M-unition

A Look Back at APT1, Threat Actors, and Security

December 18, 2013

It’s hard to believe that we’ve reached the end of another year. In the realm of cybersecurity, 2013 was a memorable year not for breaches, but for tectonic-level shifts that completely changed how we perceive cybersecurity and its impact on how we run our businesses, how our leaders govern, and more importantly, how we understand national security.

In other words, for those in the C-Suite, technical issues were tangible business problems. This was highlighted by our APT1 report and the growing awareness that cybersecurity threats aren’t just irritating, they severely impact an organization’s bottom line.

In case you missed some of our most-read posts, here is a list that will give you insight into what content was top of mind for our Suite Spot M-Unition readers:

Mandiant Exposes APT1 – One of China’s Cyber Espionage Units & Releases 3,000 Indicators
The Mandiant® Intelligence Center™ released an unprecedented report exposing APT1’s multi-year, enterprise-scale computer espionage campaign. APT1 is one of dozens of threat groups Mandiant tracks around the world and we consider it to be one of the most prolific in terms of the sheer quantity of information it has stolen.

Chinese Leadership Change and the Advanced Persistent Threat
We at Mandiant have considered the strategic impact of the Chinese change in leadership and its impact on Advanced Persistent Threat (APT) groups and the current cyber espionage campaign that has been traced back to the PRC. We have determined that the new leaders will only enhance the influence that the People’s Liberation Army (PLA), State Owned Enterprises (SOE), and national-level central planning initiatives have already had in contributing to an environment which produces and nurtures APT.

APT1 Three Months Later – Significantly Impacted, Though Active & Rebuilding
Three months later, Mandiant has observed a decrease in APT1’s operations. However, we can confirm that APT1 continues cyber espionage operations against targeted computer networks. While Mandiant’s APT1 report seems to have affected APT1 operations, APT1 is still active using a well-coordinated and well-defined attack methodology against a wide set of industries — with a discernible post-report shift towards new tools and infrastructure.

Richard Bejtlich on His Latest Book, “The Practice of Network Security Monitoring”
Everyone wants to know how to find intruders on their networks. In this post, Richard Bejtlich writes about his first experiences learning to find intruders when he served in the Air Force Computer Emergency Response Team (AFCERT). These experiences spurred the decision to start writing books and to share his knowledge with the information security community. He also previews his latest book, “The Practice of Network Security Monitoring.”


Category: The Suite Spot

