Kaspersky Highlights Key Industries Targeted by APT Groups Across the Middle East, Turkiye, and Africa
Kaspersky has revealed that the Middle East, Turkiye, and Africa (META) region remains a primary focus for 25 Advanced Persistent Threat (APT) groups tracked since early 2024. According to the company’s latest research, these groups are actively targeting financial services, critical infrastructure, defense, and government institutions, while also extending their operations into commercial and emerging industries.
The report points to a complex and evolving threat landscape, with both established and emerging APT groups carrying out operations across the region. The Griffith group, for example, consistently targets financial services across multiple countries, while SideWinder demonstrates a broad geographic scope with espionage as its primary objective. Additionally, Kaspersky researchers have tracked activity from APT groups such as Evasive Panda and Cloud Atlas, both active in Turkiye.
Kaspersky’s findings indicate that spear-phishing campaigns remain the most common initial entry point for attackers. Once inside, these groups emphasize stealth—often disguising their activities as legitimate services or routine system processes—enabling them to remain undetected for months, or even years, while exfiltrating data or preparing for future operations.
“When we analyze APT activities in the region, what stands out is how quickly their methods adapt,” said Maher Yamout, Lead Security Researcher at Kaspersky. “We’re seeing attackers experiment with new exploits, expand into less common sectors, and test operations in countries that were previously less affected. It’s a clear reminder that no industry or organization is off the radar for advanced attackers.”
Recommendations for Organizations
To strengthen defenses against sophisticated targeted attacks, Kaspersky recommends that organizations:
Deploy multilayered security solutions, such as the Kaspersky Next product line, and enterprise-grade detection platforms like the Kaspersky Anti Targeted Attack Platform.
Closely monitor and regularly inspect third-party IT service providers within the supply chain.
Implement specialized solutions for critical infrastructure, such as Kaspersky Industrial Cyber Security.
Equip cybersecurity teams with Threat Intelligence to anticipate APT tactics.
Educate employees at all levels with tailored cybersecurity training, such as the Kaspersky Security Awareness Platform.