SASIG, the Security Awareness Special Interest Group, has issued a security alert to UK businesses, following a new report which warned China is ramping up its espionage technology.
The group said it was issuing the call to encourage businesses to review and strengthen their security resilience procedures as a result of increasing cyberattacks.
The security alert follows the publication of the latest threat intelligence warnings about cyber attackers adapting and innovating in order to breach business systems and access valuable and sensitive digital assets.
SASIG cited the latest Mandiant M-Trends 2022 annual report which provides data and insights about high-impact cyberattacks worldwide. The 2022 report, which tracks investigation metrics between October 2020 and December 2021, revealed that while significant progress has been made in threat detection and response, Mandiant continues to see adversaries innovate and adapt to achieve their mission in targeted environments.
Martin Smith founder and chairman of SASIG said: “Cybersecurity resilience is at the forefront of the industry. For years we’ve talked about security, which is protection and stopping things from happening, but resilience is much more than that, it’s about understanding what the threats are.
“Preparing to defend your business is essential but when an attack happens, recovering and getting back to business is critical. The M-Trends Report highlights the evolving cyber threat landscape. This is why UK businesses would benefit from regularly updating cybersecurity resilience policies and procedures to ensure that they are protected and futureproof firms.”
The M-Trends report warned there was evidence of increased cyber activity emanating from China
“Mandiant continues to expand its extensive threat knowledge base through frontline investigations, access to the criminal marketplace, security telemetry and the use of proprietary research methods and datasets, analysed by more than 300 intelligence professionals across 26 countries,” it said. “As a result of relentless information gathering and analysis, Mandiant experts began tracking 1,100+ new threat groups during this M-Trends reporting period. Mandiant also began tracking 733 new malware families, of which 86% were not publicly available, continuing the trend of availability of new malware families being restricted or likely privately developed, according to the report.
“M-Trends 2022 also notes a realignment and retooling of China cyber espionage operations to align with the implementation of China’s 14th Five-Year Plan in 2021.”
The report warns that the national-level priorities included in the plan “signal an upcoming increase in China-nexus actors conducting intrusion attempts against intellectual property or other strategically important economic concerns, as well as defence industry products and other dual-use technologies over the next few years.”
Business and professional services and financial were the top two industries targeted by adversaries (14%, respectively), followed by healthcare (11%), retail and hospitality (10%) and tech and government (both at 9%).
It added multifaceted extortion and ransomware attackers using new tactics, techniques and procedures (TTPs) to deploy ransomware rapidly and efficiently throughout business environments, noting that the pervasive usage of virtualization infrastructure in corporate environments has made it a prime target for ransomware attackers.
“Multifaceted extortion and ransomware continue to pose huge challenges for organizations of all sizes and across all industries, with this year’s M-Trends report noting a specific rise in attacks targeting virtualization infrastructure. The key to building resilience lies in preparation. Developing a robust preparedness plan and well-documented and tested recovery process can help organizations successfully navigate an attack and quickly return to normal business operations,” said Jurgen Kutscher, executive vice president, service delivery, Mandiant
Sandra Joyce, executive vice president, Mandiant Intelligence, added: “Several trends from previous years continued into 2021. Mandiant encountered more threat groups than any previous period, to include newly discovered groups.
“In a parallel trend, in this period we began tracking more new malware families than ever before. Overall, this speaks to a threat landscape that continues to trend upward in volume and threat diversity. We also continue to witness financial gain be a primary motivation for observed attackers.”