Quick, answer off the top of your head – which industries are the most likely to be targeted by cybercriminals?

Mandiant, the company who exposed the Chinese Army’s APT assault on US government and industry targets, recently did a data analysis to reveal which industries are most likely to be the target of cybercrime.   Based on data Mandiant researchers collected in Q2 2013, the results revealed both the expected and unanticipated.  It goes without saying, for example, that cybercriminals are motivated by financial gain, but the type of financial gain that is being pursued has evolved from short term payoff to longer term benefit.  Moreover the change in motivation is, as the Mandiant research reveals, also altering the way in which cybercriminals are executing their attacks and supported by rogue states.

Here’s an excerpt of the Mandiant findings:

On the cybercriminal side, we’re also seeing tactics that look like more traditional APT behavior. Some cybercriminals are willing to spend the time doing network reconnaissance, installing backdoors, and moving laterally through a victim’s environment to get what they want, rather than the typical “smash and grab” approach. In a recent Mandiant investigation, cybercriminals repeatedly accessed backdoors that they had placed in a victim’s environment every 2-3 days. We believe these targeted cybercriminals have the resources to allow them to undertake more intensive–and potentially more damaging—operations.

To read the full article and subscribe to the Mandiant Threat Intelligence Center click here…