Even the most sophisticated advanced persistent threat (APT) groups tend to stick with old tactics, techniques, and procedures as long as they work. However, whenever needed, the groups can innovate in extremely dangerous ways.
A threat campaign last quarter — in which a so-far-unknown attacker modified platform-level firmware to plant exceptionally persistent and hard-to-remove malware on an organization’s system — is a case in point.
It was one of several new and sophisticated attack tactics that security vendor Kaspersky observed in the third quarter of this year as APT groups diversified their tool sets in larger numbers than usual. In a report this week, Kaspersky described the activity as “curious” and an example of how APT threat actors reinvent themselves and their tool sets…