M-Trends 2018

What have incident responders observed and learned from cyber attacks
in 2017? Just as in prior years, we have continued to see the cyber
security threat landscape evolve. Over the past twelve months we have
observed a number of new trends and changes to attacks, but we have
also seen how certain trends and predictions from the past have been
confirmed or even reconfirmed.

Our 9th edition of M-Trends draws upon the findings of one year of incident
response investigations across the globe. This data provides us with
insights into the evolution of nation-state sponsored threat actors,
new threat groups, and new trends and attacker techniques we have
observed during our investigations. We also compare this data to past
observations from prior M-Trends reports and continue our tradition of
reporting on key metrics and their development over time.

Some of the topics we cover in the 2018 M-Trends report include:

  • How the global median time from compromise to internal discovery has
    dropped from 80 days in 2016 to 57.5 in 2017.
  • The increase of attacks originating from threat actors sponsored by
    Iran.
  • Metrics about attacks that have retargeted or even recompromised
    prior victim organizations, a topic we previously discussed in our
    2013 edition of M-Trends.
  • The widening cyber security skills gap and the rising demand for
    skilled personnel capable of meeting the challenges posed by today’s
    more sophisticated threat actors.
  • Frequently observed areas of weakness in security programs and
    their relation to security incidents.
  • Observations and lessons we have learned from our red teaming
    exercises about the effectiveness and gaps of common security
    controls.

By sharing this report with the security community, we continue our
tradition of providing security professionals with insights and
knowledge gained from recent breaches. We hope that you find this
report useful in your work to strengthen your security posture and
defend against ever-evolving threats.



This is a Security Bloggers Network syndicated blog post authored by Nick Harbour. Read the original post at: Threat Research Blog