Four other regional cyber trends detected and summarized include:

1. The region is a major target for state-sponsored ransomware Attacks
   Threat actors often use compromised VPN and RDP account credentials to access target company networks. This allows them to bypass initial stages of an attack and find new victims faster.

   On Dark Web forums, the average price for such stolen account credentials has decreased, making it more affordable than ever for cybercriminals to plan their attacks.

   In terms of the number of access offers, APAC ranks second to the US, with India the top country for access offers.

2. Ransomware is still the number one threat
   Despite key threat actor forums banning searching for affiliates, the Ransomware-as-a-Service (RaaS) market continues to evolve. Last year, Group-IB discovered 20 new public affiliate RaaS programs in its ecosystem.

   Ransomware groups are becoming increasingly similar to IT startups, with their own corporate structures, departments, incentive programs, and staff “days off”. Threat actors are using zero-day vulnerabilities and supply-chain attacks to infect victims.

3. Military operations are ongoing worldwide
   The firm’s specialists discovered 19 new state-sponsored groups that specialize in cyber espionage. Most attacks against critical infrastructure are successful because basic security requirements (such as updating software in time and patching) are not followed.

4. Manufacturing and real estate industries likely most vulnerable in 2023 As far as the firm’s customer ecosystem is concerned, several industries, including finance, manufacturing, information technology, energy, and telecommunications, will continue to face increasing dangers in 2023.

   Last year, ransomware operators principally targeted the manufacturing and real estate sectors, which accounted for almost 20% of ransomware outbreaks.