MANDIANT Releases M-Trends: When Prevention Fails at U.S. Department of Defense: Cyber Crime Conference 2011

M-Trends delivers in-depth analysis and insight based on hundreds of advanced threat investigations conducted over the past year for the U.S. government, the defense industrial base and commercial organizations

M-Trends delivers in-depth analysis and insight based on hundreds of advanced threat investigations conducted over the past year for the U.S. government, the defense industrial base and commercial organizations. (Graphic: Business Wire)

ATLANTA--()--MANDIANT, the leader in incident response and computer forensics solutions and services, today announced formal distribution of its second annual M-Trends report at the U.S. Department of Defense Cyber Crime Conference 2011 at the Hyatt Regency Hotel in Atlanta.

The M-Trends series spans more than a decade of lessons learned on the front lines of intrusion investigations for the U.S. government, defense industrial base and commercial organizations. When Prevention Fails spotlights malware capabilities and techniques and other highly complex and sophisticated attack schemes used by the Advanced Persistent Threat (APT)1 across a breadth of organizations. Content presented in M-Trends has been derived by MANDIANT from unclassified environments and sanitized to protect victim identity and data.

Some excerpted trends and conclusions from M-Trends: When Prevention Fails:

It is no longer acceptable to rely solely on preventive measures. Combating targeted threats requires a sustained effort and the capability to perform rapid threat detection and response.

The majority of victims were either compromised by a targeted e-mail campaign or were victims of a prior intrusion that was never appropriately remediated.

Threats have evolved faster than our ability to reliably safeguard our assets. To better protect our information and intellectual property, we must adapt our organizational security programs to meet the emerging challenges.

Done right, threat detection and response provides IT security teams the situational awareness to rapidly detect incidents, suppress their impact, develop their own threat intelligence and rely on other timely intelligence to proactively inspect your networks for the fingerprints of compromise.

“In more than fifteen years of responding to incidents I have learned combating targeted threats requires a sustained effort and the capability to perform rapid threat detection and response,” said MANDIANT Chief Executive Officer Kevin Mandia, one of the report’s principal authors.

M-Trends is written for information security professionals in the enterprise and to increase our collective understanding of the advanced threat landscape. The report continues to break new ground in our collective understanding, information sharing and evolution of the APT and other sophisticated attacks targeted at government and commercial organizations.

“Between Aurora, Stuxnet, and the Wikileaks distribution of classified wires, 2010 should have made it abundantly clear that the stakes have changed," said Josh Corman, Research Director for Enterprise Security at The 451 Group. "We are well beyond casual attackers whose attacks conform to mainstream 80/20 rules and compliance checkboxes. Adaptive Persistent Adversaries know you are compliant and do not care. It's time to refresh your models and to invest in greater visibility for early detection and prompt, agile response. Industry reports like M-Trends can help increase broader awareness and understanding of the advanced threat landscape.”

To download a copy of M-Trends: When Prevention Fails, please visit: http://www.mandiant.com/news_events/forms/m-trends_2011

About MANDIANT

MANDIANT is the information security industry’s leading provider of incident response and computer forensics solutions and services. Headquartered in Alexandria, Va., with offices in New York, Los Angeles and San Francisco, MANDIANT provides products, professional services and education to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments, and leading U.S. law firms. MANDIANT comprises one of the industry’s largest incident response and forensics forces. The authors of nine books, and quoted frequently by leading media organizations, MANDIANT security consultants and engineers hold top government security clearances and certifications and advanced degrees from some of the most prestigious computer science universities. To learn more about MANDIANT visit www.mandiant.com, read M-Unition, the company blog: http://blog.mandiant.com, follow on Twitter @MANDIANT or on Facebook at www.facebook.com/mandiantcorp.

1 The Advanced Persistent Threat (APT) is a term used to describe a specific group of threat actors that have been targeting the U.S. Government, Defense Industrial Base (DIB) and the financial, manufacturing and research industries for nearly a decade. Mandiant does not use this term in its diluted sense — as a generic category of threats. As increased awareness of the APT blossomed from Google’s public disclosure of the attacks in early 2010, and explosive marketing around “Operation Aurora”, organizations less familiar with the APT created a more diluted definition of the term APT, and changed its meaning to “advanced and persistent threats”. Mandiant considers the APT a type of “targeted attack”. The threat detection and response capabilities we describe will combat targeted attacks.

Photos/Multimedia Gallery Available: http://www.businesswire.com/cgi-bin/mmg.cgi?eid=6588374&lang=en

Contacts

MANDIANT
Anne Mroczynski, Director of Marketing
703-224-2926
anne.mroczynski@mandiant.com
or
e-Rainmaker PR
Jim Engineer, 630-728-1387
jim.engineer@e-rainmaker.com

Release Summary

M-Trends: When Prevention Fails, is the second report of its kind from MANDIANT, the leader in incident response, computer forensics. M-Trends summarizes years of experience fighting advanced threats.

Contacts

MANDIANT
Anne Mroczynski, Director of Marketing
703-224-2926
anne.mroczynski@mandiant.com
or
e-Rainmaker PR
Jim Engineer, 630-728-1387
jim.engineer@e-rainmaker.com