Holiday in Cambodia for a Year and a Half if You Breach an Asia Pacific Network


Organizations in the Asia-Pacific (APAC) region are often unprepared to identify data breaches, let alone respond to them, and allow attackers to remain inside networks for three-times longer than the global median, according to a Mandiant report.

The report, titled M-Trends 2016: Asian Pacific, is the first M-Trends report put out by Mandiant (owned by FireEye Inc.) that focuses solely on the APAC region.

The report is broadly consistent with a recent RSA Security LLC report that found that 75 percent of respondents worldwide faced significant cybersecurity risk, but it found the APAC plus Japan region as the second most prepared of the three regions surveyed.

Mandiant found that “most organization depended only on antivirus software to detect malicious persistence mechanisms,” which is malware that continues to act after computers are re-booted or logged-off. Despite tools to monitor persistent mechanisms being commercially available, APAC organization often had not yet reached the security maturity to use them, the report found.

One of the more stunning findings is that the median time it takes APAC organizations to even discover an attack is nearly a year and half (520 days), while the global median is 146 days. The region is also 80 percent more likely to be the target of cyberattacks than other parts of the world, according to the report.

Mandiant’s report also found that, due to a lack of breach disclosure laws, most breaches in APAC are never publicized in local, national or regional media.

Mandiant attributes the “heightened levels of cyber threat activity” in the region to “regional geopolitical tensions, relatively immature network defenses and response capabilities and a rich source of financial data, intellectual property and military and state secrets.”

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.