FireEye M-Trends 2018 Annual Threat Report - The Trends Behind Today's Breaches and Cyber Attacks

FireEye M-Trends 2018 Annual Threat Report - The Trends Behind Today's Breaches and Cyber Attacks

We have continued to see the cyber security threat landscape evolve. Over the past 12 months we have observed a number of new trends and changes to attacks, but we have also seen how certain trends and predictions from the past have been confirmed or even reconfirmed.

Our 9th edition of M-Trends draws upon the findings of one year of incident response investigations across the globe. This data provides us with insights into the evolution of nation-state sponsored threat actors, new threat groups, and new trends and attacker techniques we have observed during our investigations. We also compare this data to past observations from prior M-Trends reports and continue our tradition of reporting on key metrics and their development over time.

Some of the topics we cover in the 2018 M-Trends report include:

Dwell Time

  • APAC region —already a laggard in security—appears to be getting worse in some ways. The median dwell time for APAC increased this year to 498 days, from 172 days in last year’s M-Trends report. 
  • 498 days is almost five times longer than the global median of 101 days.
  • With a maximum observed dwell time of 2,085 days, attackers maintain access to compromised organizations in APAC, for far too long.

Cybersecurity Skills Gap

  • In the ongoing battle to secure organizations from malicious actors that commit crimes through methods such as theft, destruction or data manipulation, frontline defenders are a scarce resource.
  • The widening cyber security skills gap is leading to a rising demand for skilled personnel capable of meeting the challenges posed by today’s more sophisticated threat actors.

Repeat breaches

  • Organizations are increasingly being re-targeted. 49 percent of customers with at least one high priority finding were successfully attacked again within one year.
  • Looking at the statistics by region, we find that customers in the APAC region are twice as likely to have experienced multiple incidents from multiple attackers, compared to those in EMEA or North America.
  • More than 91 percent of Asia Pacific customers which had at least one significant attack attempt were targeted again by the same or a similarly motivated attack group. Of those organizations, 82 percent had multiple attackers identified.

Iranian Threat Activity

  • FireEye tracks thousands of cyber attackers, but specializes in state-sponsored attackers who carry out advanced persistent threat (APT) attacks.
  • Throughout 2017, Iran grew more capable from an offensive perspective. Mandiant observed a significant increase in the number of cyber-attacks originatingfrom Iran-sponsored threat actors.
  • While they have captured notoriety over the past year, especially for their destructive attacks, much of their espionage activity has gone unnoticed.
  • Their list of victims currently spans nearly every industry sector and extends well beyond regional conflicts in the Middle East.

Related Stories

No stories found.
logo
DIGITAL TERMINAL
digitalterminal.in