GEC NEWS WIREFireEye released its annual M-Trends report which found that attackers are present in EMEA organisations’ networks a median of 3.5 months before being detected. The report is based on information gathered during investigations conducted by FireEye’s security analysts in 2016 and uncovers emerging trends and tactics threat actors used to compromise organizations. The key findings of the report states that the median dwell time in EMEA has decreased significantly from the previous M-Trends report, standing at less than a quarter of the 469 days that were recorded in 2015.
One of the most unexpected trends noted in 2016 was attackers calling targets on the phone to help them enable macros in a phishing document or to obtain the personal email address. In 2016, the several German politicians who were targeted by Russian groups will continue as cyber-attacks are increasingly seen as a way of influencing European politics. Cyber threat groups could target European industrial control systems for potentially disruptive or destructive operations. Threat hunting is now among the most commonly sought skills in defensive security, and the associated training and education markets are shifting to meet this demand.
“In 2016 we saw cyber-attacks spread widely and publicly into areas such as elections and attackers became more sophisticated. By looking at the dropping levels of dwell time we can see that organisations are improving, but there is still much to do as attackers only need a few days to complete their objectives,” said Stuart McKenzie, Vice President of Mandiant at FireEye.
