SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Cybersecurity
#
Ransomware
Mandiant unveils latest M-Trends 2024 cybersecurity report
Wed, 24th Apr 2024
Author image
By Tom Raynel, Managing Editor
Follow us

Mandiant has unveiled the findings of its annual M-Trends report, a study based on high-profile cyberattacks and resulting remediations across the globe throughout the year 2023. The 2024 report, marking its 15th year, showcases continued advancements in global organisations' defensive capabilities, allowing them to more quickly identify harmful cyber activity within their networks than in prior years. Additionally, the report examines notable cyber threats and activities, delivering detailed insights categorised by region.

Key findings from the M-Trends 2024 report indicate a substantive reduction in the global median dwell time, a measure of the duration attackers remain undetected within a targeted environment. This dwell time has dipped to a ten-day low, down from 16 days in 2022, representing the lowest it's been in over a decade. The report’s investigations also reveal the top targeted industries to be financial services (17%), followed by business and professional services (13%), high technology (12%), retail and hospitality (9%), and healthcare (8%). These sectors emerged as prime targets likely due to their highly sensitive data storages, ranging from proprietary business data, personally identifiable information, and protected health information to financial records.

Mandiant began tracking a record high of 626 new malware families in 2023, the highest number they've identified in a single year to date. These malware families were dominantly categorized as backdoors (33%), downloaders (16%), droppers (15%), credential stealers (7%), and ransomware (5%). The report identifies an emerging pattern of cyberattackers exploiting edge devices, living off the land techniques, and, more significantly, zero-day vulnerabilities, giving them ample opportunities to fly under the radar.

Jurgen Kutscher, Vice President of Mandiant Consulting at Google Cloud, explained the report’s implications and future outlook: "Attackers regularly adjust their tactics, techniques, and procedures to achieve their objectives, which can be challenging for defenders. Despite this, our frontline investigators have learned that organisations have done a better job in 2023 at protecting systems and detecting compromises. Defenders should be proud, but organisations must remain vigilant." Kutscher emphasized the trend of attackers strategically evading detection systems with zero-day vulnerabilities, reinforcing the need for an effective threat hunt program complemented with comprehensive investigations and remediation strategies in the wake of a breach.

The M-Trends 2024 report offers helpful insights into global cyber activity, spotlighting improvements and raising awareness about persisting dangers in the digital space. This knowledge can help organisations refine their cybersecurity efforts, staying one step ahead of potential cyber threats.

Related stories
CrowdStrike & TCS unite for AI-driven cybersecurity revolution
Qualys launches MSSP Portal to streamline partner management in cybersecurity
The Instillery launches affordable Microsoft MDR services in New Zealand
Businesses weigh up transition from best-of-breed to platform security
Illumio & Wiz partner to boost cloud security resilience
Top stories
Resilience named as National Cyber Resilience Centre Group Ambassador
Cybersixgill launches third-party module to tackle cybersecurity risks
Absolute Security to reveal next-gen cyber resilience at RSA Conference 2024
Teradata expands Strategic Collaboration Agreement with AWS
New Relic integrates with Atlassian for innovative engineering solutions