Ride the Lightning

FireEye’s Mandiant Issues M-Trends 2021 Report

April 20, 2021

The M-Trends 2021 Report was published by FireEye’s Mandiant division on April 13 and is free to download. The data is based on Mandiant investigations between October 1, 2019 and September 30, 2020.

Some of the highlights:

59% of the cyber incidents Mandiant investigated were discovered by the affected organizations themselves, an improvement of 12% over the previous year’s report.

The global median dwell time was 24 days, the first time it has dipped below one month. This may have been caused by flood of ransomware which was quickly identified as such.

Ransomware was involved in 25% of the investigations, up from 14% in the previous year.

What John and I call version 2.0 of ransomware, Mandiant now calls “multifaceted extortion.” That works too.

What does it involve?

It still encrypts the victim’s data but now it steals the victim’s data as well.

The cyber criminals publish the data on a “name and shame” website.

They notify the media.

They notify the people whose data has been stolen, prompting data breach disclosures.

They call and harass employees.

They conduct denial of service attacks on the victim to further disrupt operations.

All of this, you’ll be shocked to hear, causes disruption and brand damage.

There is a very long list of proactive steps that organizations can take to reduce their risk. Guaranteed that most of the folks who read those steps won’t understand them – and that’s the problem with trying to help organizations help themselves!

HT to Dave Ries.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email:  Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson