Mandiant, Inc. has recently released its annual Mandiant M-Trends report, which provides current statistics and recommendations generated from the company's own investigations of high-impact cyber attacks across the globe, according to a Mandiant press release.
The research lists China as a serious worry, owing to the national-level implementation targets of its 14th Five-Year Plan for 2021.
According to Mandiant, this plan indicates a future surge in China-connected entities using infiltration techniques against intellectual property and other strategically important economic concerns.
"Chinese cyber espionage activity ramped up significantly in recent years, with Asia and the U.S. remaining the most targeted regions," Mandiant SVP and chief technology officer Charles Carmakal said in the release. "This year’s M-Trends report notes a specific focus on government organizations as well as the use of the same malware families among multiple cyberespionage actor sets, likely due to resource and tool-sharing by disparate groups."
In 2021, Mandiant monitored over 1,100 new threat groups and 733 new malware families, according to the report. In 2022, supply chain challenges rose to 17% from the less than 1% recorded in 2021.
"Several trends from previous years continued into 2021; Mandiant encountered more threat groups than any previous period, to include newly discovered groups," Mandiant executive vice president Sandra Joyce said in the release. "In a parallel trend, in this period we began tracking more new malware families than ever before."
The report reveals that the global dwell time, or the length of time a hacker spends in a system before being discovered, dropped from 24 days in 2020 to 21 days in 2021.
"Overall, this speaks to a threat landscape that continues to trend upward in volume and threat diversity," Joyce said.
In addition, Mandiant revealed that security exploits accounted for 37% of incidents, whereas phishing was responsible for 11%.
The Mandiant press release also stated that extortion and ransomware attackers were using new methods to deploy ransomware in business environments.