Attackers Get Through Conventional Safeguards Every Day
Malware Only Tells Half of the Story
When your defenses are circumvented you want to be the first to know. To respond, you need evidence of the compromise. While malware is an element, 46% of compromised machines have no malware on them. To scope and combat targeted attacks you need to find all evidence of compromise.
Unauthorized Use of Valid Accounts
Trace Evidence & Partial Files
Command & Control Activity
Known & Unknown Malware
Suspicious Network Traffic
Valid Programs Used for Evil Purposes
Files Accessed by Attackers
Evidence of Compromise. It’s Much More than Malware.
It's a "Who" not a "What": Targeted Attackers Are Professional, Organized & Well-Funded.
When a determined attacker has targeted you they can be relentless. They pick their targets for a reason. They know what they are looking for and they move with lightning speed to get what they want.
Targeted malware and spear phishing are just the latest tools attackers use to initiate an intrusion. While the attacker only needs to succeed once, security organizations must prevent 100% of attacks – an unrealistic goal.
Once inside, persistent attackers execute a series of activities to entrench themselves and compromise your systems. If you manage to kick them out, rest assured they will be back.
The Facts Speak for Themselves
There is no such thing as perfect security. Attackers get smarter and change tactics all of the time.
Companies who have made responsible and sustained investments in IT continue to be compromised.
Different Threat Actors Have Different Motivations... And Tactics
To combat advanced attackers you need to know what they are looking for and how they operate.
Mandiant understands the threats you face because we’re on the front lines every day.
Launch Points & Nuisance Examples
Neither targeted nor persistent.
- Anyone, including individuals, small companies and large enterprises.
- Advanced Persistent Threat
- Virtually any industry with an emphasis on blue chip companies.
- Expanding target industries.
- Targeting companies that collaborate across a supply chain.
- Credit Card Theft
- Enterprises that process credit cards or handle money such as retailers, banks & credit card processors.
- Pursuing longer-term persistence on victim networks.
Defamation & Public Policy Examples
- Any organization.