Mandiant has released its 15th annual M-Trends report, which examines the frontline investigations and remediations of high-impact cyber attacks worldwide throughout 2023.
The report reveals that organizations have made meaningful improvements in their defensive capabilities, identifying malicious activity affecting their organization more quickly than in previous years. It also looks at notable threat actors and campaigns and provides a focused look at threat activity by region.
The report notes that attackers’ median dwell time in the target environment is now ten days, the lowest point in over a decade. It also reveals that the top targeted industries were financial services (17%), business and professional services (13%), high technology (12%), retail and hospitality (9%), and healthcare (8%).
Mandiant says attackers targeted these industries because they possess sensitive information, including proprietary business data, personally identifiable information, protected health information and financial records.
In addition, Mandiant began tracking 626 new malware families, the highest number of net new malware families identified in a single year to date. The top five malware categories include backdoors (33%), downloaders (16%), droppers (15%), credential stealers (7%) and ransomware (5%). Mandiant says the attackers are increasingly targeting edge devices, leveraging “living off the land” techniques and exploiting zero-day vulnerabilities.
“Attackers regularly adjust their tactics, techniques, and procedures to achieve their objectives, which can be challenging for defenders,” said Vice President of Mandiant Consulting at Google Cloud, Jurgen Kutscher.
You can read the full report here.
