The Channel logo


By | John Leyden 24th February 2015 13:02

Don't be fooled! He's not from the IT crowd... he's a CYBERSPY – FireEye

Is that Tom the techie or a Chinese spear-phisherman?

Impersonating IT departments in spear-phishing attacks is becoming an increasingly popular tactic among hackers, particularly in cyber-espionage attacks.

IT staff themed phishing emails comprised 78 per cent of observed phishing schemes picked up by FireEye in 2014, compared to just 44 per cent in 2013.

The sixth annual FireEye Mandiant M-Trends report, published on Tuesday, reports that organisations are getting slightly speedier at picking up trespassers in their network. Breach detection times dropped from 229 days in 2013 to 205 days last year. The slight improvement still means that successful hacker attacks remain undetected for months.

In some cases breaches can go undetected for years. One unnamed organisation that Mandiant helped in 2014 had been unknowingly breached for more than eight years, an admittedly extreme case that spotlights a more general failing to pick up breaches before vast data caches are compromised and extracted.

Mandiant’s security incident response work picked up a common thread in major retail breaches last year. Retailers reckoned their virtual machines were sufficiently secured but did not implement two-factor authentication, meaning a single stolen user credential could make their entire network vulnerable.

Hackers are adopting more sophisticated and stealthy tactics. Mandiant said it had witnessed more attackers utilising complex tactics including using Windows Management Instrumentation to avoid detection.

More details can be found in the 2015 Mandiant M-Trends report (PDF). ®

comment icon Read 9 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe