FireEye, Inc. | Advanced Threat Report 2013

The 2013 edition of the FireEye Advanced Threat Report analyses more than 40,000 advanced attacks across the globe to map out the latest trends in advanced persistent threat (APT) attacks. Leveraging real-time threat intelligence from millions of security alerts across customer deployments, FireEye tracked more than 160 distinct APT malware families and logged 22 million command-and-control (CnC) transmissions. This report correlates that intelligence to provide insight that spans countries, industries, and threat vectors. 

Key findings include: 

  • The top ten countries most frequently targeted by APTs
  • The most verticals that were targeted (by number of unique malware families)
  • The top threat vectors used
  • Top software exploited in zero-day attacks


In 2013, FireEye threat prevention platforms discovered millions of malicious incidents. From these, our researchers look for APT attacks, which we define as the use of distinct TTPs that appear to be employed directly or indirectly by a nation-state, or a professional criminal organization, whose goals range from short-term cyber espionage to the long-term subversion of target computer networks.

In 2013, cyber attackers were active around the clock. Across its customer base, FireEye analyzed almost 40,000 unique, advanced attacks, or over 100 per day. From these, we categorized nearly 5,000 unique attacks as APT-directed – or over 13 unique APT attacks per day. Moreover, these targeted attacks come in many different disguises, and from any point on the globe. In 2013, FireEye tracked 160 malware families associated with APT activity, and discovered initial CnC infrastructure within 206 national top-level domains (TLDs) – located in every region of the world.

Advanced Threat Report 2013

Complimentary Report

Download the Report

© 2018 FireEye, Inc. All rights reserved. Privacy Policy. FireEye on Facebook    FireEye on Twitter    FireEye on LinkedIn    FireEye Blog: Malware Intelligence Lab