Our latest cybersecurity news brought to you…
Mandiant Consulting’s M-Trends 2024 Report Overview
Mandiant Consulting’s M-Trends 2024 report highlights significant improvements in cybersecurity across global organizations, noting a decrease in the median time to detect intruders—from 16 days in 2022 to just 10 days in 2023. This reduction in “dwell time” suggests that companies are fortifying their defenses more effectively than ever before.
The financial services, business services, technology, retail, healthcare, and government sectors were the most targeted in 2023, driven largely by attackers with financial motives. This focus aligns with the report’s finding that 52% of cyberattacks were primarily for financial gain, leveraging the sensitive information these industries hold.
Mandiant also observed an 8% increase in financially-motivated cybercrimes since 2022, correlating with a rise in ransomware and extortion cases. Attackers commonly breached networks through exploits, phishing, prior compromises, and stolen credentials. Despite ongoing discussions around ransomware, these methods remain highly effective, indicating that extortion campaigns continue to be lucrative for cybercriminals.
Key Cybersecurity Trends and Insights
- Improved Cyber Defenses: Global organizations have significantly strengthened their cybersecurity, evidenced by reduced dwell times and a higher percentage of attacks being internally detected—46% in 2023 up from 37% in 2022.
- Evasion Techniques: Cybercriminals are increasingly focusing on evading detection, targeting edge devices, exploiting zero-day vulnerabilities, and using advanced techniques like “living off the land” to maintain persistence undetected.
- Targeting Cloud Environments: With the ongoing shift to the cloud, attackers are exploiting weak identity management and poorly secured credentials to bypass security measures like multifactor authentication (MFA).
- Bypassing MFA: Despite widespread adoption of MFA, Mandiant noted a rise in techniques designed to circumvent this security measure, including sophisticated phishing attacks and SIM swapping.
- Use of AI in Red Teaming: Mandiant’s red teams are integrating AI to enhance their testing procedures, speeding up the creation of attack simulations and custom tools tailored to unique environments.
Recommendations
To counter these threats, Mandiant recommends maintaining robust patch management, employing defense-in-depth strategies, and regularly updating incident response plans. Additionally, ensuring the security of new technology deployments and enhancing network segmentation can further protect against these evolving cyber threats.
These insights from the M-Trends report underline the critical need for ongoing vigilance and innovation in cybersecurity strategies to stay ahead of increasingly sophisticated cybercriminals. –Tech Republic
Click for more of our recent cybersecurity news!
