FireEye has released a new report based on information collected by the recently acquired Mandiant, during the investigation of advanced threats in 2013.
The “M-Trends 2014: Beyond the Breach” report shows that the time it takes organizations to discover a breach on their network decreased to 229 days, from 243, in 2012. This represents the average, but there are cases of organizations that failed to detect an attack for years, the record being 6 years and 3 months.
On the other hand, in 2013, only 33% of organizations managed to detect breaches on their own. In the previous year, 37% of organizations identified breaches.
In most advanced attacks, the phishing emails sent out by the cybercriminals were designed to impersonate the targeted organization’s IT department.
Mandiant has found that cyber components are increasingly becoming part of political conflicts. A perfect example is the attacks of the Syrian Electronic , which has targeted numerous private organizations in support of its political cause.
A section of the report also focuses on the reconnaissance operations launched by Iran-based actors. While they appear to be behind other state-sponsored actors as far as cyber capabilities are concerned, warn that nothing prevents them from testing and improving their skills.
You can find the complete “M-Trends 2014: Beyond the Breach” report on Mandiant’s (registration required).