M-Trends #5 – Some Assembly Required: Attackers Are Targeting Companies That Collaborate Within a Supply Chain

Our fifth M-Trend, taken from this year's M-Trends report, is a mouthful: attackers are targeting companies that collaborate within a supply chain in order to assemble a comprehensive intellectual property portfolio. However, our short title, Some Assembly Required, sums it up pretty well. What it boils down to is that attackers have moved beyond simply targeting individual companies for a single technology. Since 2011, we have seen clear indications that attackers are being instructed to go after more complex technologies that span multiple organizations.

One of our most memorable investigations last year was at a company that makes some innovative technologies. Our consultants determined that the organization had lost substantial amounts of intellectual property: decades' worth of proprietary, accumulated technology. This is horrible news on its own. It got worse, however, when another supplier called us a couple of weeks later, and we found that they had lost the complementary technology that a new entrant into this market would need to get started. It is important to remember that your organization's intellectual property is at risk no matter the size of your company.

On that note, I wanted to make an additional point with this blog post: the culture here at Mandiant.

Some of you may know I'm just in my fourth month at the company, and I am still fascinated as I learn more about our people and our work. When I was interviewing various people at Mandiant to learn about this particular M-Trend, it was interesting how many people described the aforementioned investigation in emotionally charged terms. My notes have phrases such as "it killed us to see that they'd lost most all of their IP," "this company makes such great stuff, and it's so sad to think that someone is going to rip off this stuff they invented," and "we felt horrible when we learned that their primary supplier had also been breached and lost their IP too." The tone of the remarks was similar to what you would hear from a doctor talking about a patient's condition. Mandiant people really care about our customers beyond the bits and bytes, and are passionate about how our work finding evil fits into the bigger picture of the economy, national security, and crime.