New threat groups and malware families emerging
2022-04-22 03:00

According to the report, the global median dwell time, which is calculated as the median number of days an attacker is present in a target's environment before being detected, decreased from 24 days in 2020 to 21 days in 2021.

Organizations' improved threat visibility and response, as well as the pervasiveness of ransomware (which has a significantly lower median dwell time than non-ransomware intrusions), are likely driving factors behind the reduced median dwell time, per the report.

Mandiant began tracking 733 new malware families, of which 86% were not publicly available, continuing the trend of new malware families being restricted in availability or likely privately developed, according to the report.

New multifaceted extortion and ransomware TTPs: Mandiant observed multifaceted extortion and ransomware attackers using new tactics, techniques and procedures to deploy ransomware rapidly and efficiently throughout business environments, noting that the pervasive usage of virtualization infrastructure in corporate environments has made it a prime target for ransomware attackers.

"This year's M-Trends report reveals fresh insight into how threat actors are evolving and using new techniques to gain access into target environments. While exploits continue to gain traction and remain the most frequently identified infection vector, the report notes a significant increase in supply chain attacks. Conversely, there was a noticeable drop in phishing this year, reflecting organizations' improved awareness and ability to better detect and block these attempts."

"Chinese cyber espionage activity ramped up significantly in recent years, with Asia and the U.S. remaining the most targeted regions. This year's M-Trends report notes a specific focus on government organizations as well as the use of the same malware families among multiple cyber espionage actor sets, likely due to resource and tool sharing by disparate groups. Further, with the implementation of China's 14th Five-Year Plan in 2021, we expect to see cyber espionage activity continue to accelerate in support of China's national security and economic interests over the next few years," said Charles Carmakal, SVP and CTO, Mandiant.


News URL

https://www.helpnetsecurity.com/2022/04/22/adversaries-innovating-and-adapting/