There are, however, plenty of mentions of APTs from Russia, China, Iran, and North Korea among others.
Of the threats from state-supported actors from these countries, CrowdStrike had this to say:
"Nation-state adversaries were continuously active throughout 2018 — targeting dissidents, regional adversaries and foreign powers to collect intelligence for decision-makers:
"Iran maintained focus on operations against other Middle Eastern and North African (MENA) countries, particularly regional foes across the Gulf Cooperation Council (GCC). Additionally, it is suspected that Iranian adversaries are developing new mobile malware capabilities to target dissidents and minority ethnic groups.
"As for China, CrowdStrike observed a significant rise in US targeting, likely tied to increased tensions between the two countries.
"Russian adversaries were active across the globe in a variety of intelligence collection and information operations."
Where are the US nation state attackers? Why are they missing from this report? Are they not detected, not reported or not active? pic.twitter.com/Nd2y1nupXo— Z Balazs (@zh4ck) March 5, 2019
Asked about what appears to be a glaring omission, since the NSA, the premier cyber offence organisation in the US has a much bigger budget and more human resources than practically every other country, CrowdStrike's public relations director Ilina Cashiola told iTWire that the report only covered intrusions, campaigns and targeting seen in CrowdStrike's customer base as detailed in the methodology section of the report.
"[These are] either where our technology is deployed or where our team has been engaged for security services," she said. "If we haven’t reported on a particular actor, this means that we haven’t encountered them first-hand."
The methodology section of the report says CrowdStrike's "global team of intelligence professionals track 116 adversaries of all types, including nation-state, eCrime and hacktivist actors".
"We are unable to make any inferences about activities or actor motivations — APTs or eCrime — that we haven’t directly observed or analysed," Cashiola added.
iTWire then asked how the report could be considered global since threats from one very prominent country, the US, were not mentioned at all. A response is awaited.
The CrowdStrike report also mentioned other nation-state adversaries which it had tracked but not cited prominently in its report. These were:
"Adversaries linked to Pakistan and India maintained an interest in regional affairs with a rise in activity on the Indian subcontinent, observed in the summer of 2018.
"The Vietnam-based adversary OCEAN BUFFALO appeared to focus on domestic — possibly internal law enforcement — operations; however, CrowdStrike has also identified the possible targeting of Cambodia, as well as activity against the manufacturing and hospitality sectors.
"Recent technical analysis, as well as the reported zero-day use of CVE-2018-8174, suggests the South Korean-based adversary SHADOW CRANE continues to actively develop its toolkit. The target scope of SHADOW CRANE’s campaigns appears to primarily focus on victims in China, Japan, South Korea, Russia, India and the DPRK — particularly those involved in the government, think tanks, media, academia and non-government organisation (NGO) sectors."
CrowdStrike was in the news in 2016 after it was called in to investigate the breach at the Democrat National Committee in 2016, but did not allow the FBI a look at the servers, even though there were many requests for access made by the organisation which was at that time headed by James Comey.