Security incident response management firm Mandiant, which became famous after releasing a report on the cyberattacks launched by the Chinese military, has released its fourth annual M-Trends report.The study, “M-Trends 2013: Attack the Security Gap,” focuses on advanced persistent threats (APTs), particularly the tactics used by cybercriminals to penetrate organizations and steal sensitive information.
The numbers from the report show that almost two thirds of organizations learn about a breach after being notified by an external source. On the positive side, Mandiant says companies are getting better at identifying targeted attacks on their own.
Worryingly, on average, it takes a company 243 days before discovering an attack, during which the criminals can freely roam their networks. However, there’s a positive aspect here as well: the number of days has decreased by 173 compared to 2011.
It’s interesting to note that the use of outsourced service providers is also problematic for cyber security. Attackers are taking advantage of the relationship between the targeted company and outsourced business processes such as finance, accounting and HR.
To make their attacks more efficient, cybercriminals collect large quantities of data related to system administration guides, processing methodologies and network infrastructure. This allows them to navigate their victims’ networks faster.
As far as China is concerned, Mandiant says the top three industries repeatedly targeted by the country are aerospace, energy and pharmaceuticals.
“We’ve seen first-hand that a sophisticated attacker can breach any network given enough time and determination,” Grady Summers, Mandiant VP, explained.
“It’s not enough for companies to ask ‘Are we secure?’ They need to be asking 'How do we know we're not compromised today? How would we know? What would we do about it if we were?'”
The complete report is available here.