Over the past two years there has been an awakening across the public and private sector concerning targeted threats. Even organizations that have made expensive, responsible, and sustained efforts to defend their infrastructure are getting breached. Intrusion prevention systems, firewalls (and "next generation" firewalls) create "friction" for attackers. But they don't stop them. Look no further than the Nortel breach reported last week. It's worth asking if their ten-year compromise was a contributing factor to their demise.
In an interview with Bob Orr, Homeland Security Correspondent at CBS News, Mandiant's CEO, Kevin Mandia discusses how attacks by targeted threats can lead to billions, perhaps even trillions, of dollars in lost revenue.
Recently, Larry Clinton, President of the Internet Security Alliance, testified before the House Energy and Commerce subcommittee regarding the changing threat landscape. In his address he stated that we're dealing with sophisticated attackers including organized criminals and nation states that, "leverage sophisticated tools and inherent vulnerabilities in technology to gain long-term footholds on systems."
Mandiant's own Chief Security Officer, Richard Bejtlich, went even further in an interview with Tom Gjelten from National Public Radio last weekend describing just how persistent nation-state actors can be "If you try kicking them out of your network on a Friday, they're back on a Monday," he told Gjelten.
We've been hard at work summarizing the key trends we've seen over the last year in our annual threat report, M-Trends. The report will be out next week so stay tuned. We'll be talking about all of the highlights right here on M-unition.