FireEye has unveiled the sixth annual M-Trends report from Mandiant that outlines the emerging tactics and trends in the cyber threat landscape based on data from advanced threat investigations over the past year.
“[Threat] actors have continued to evolve, up their game, and utilize new tools and tactics to compromise organizations, steal data and cover their tracks,” Kevin Mandia, senior vice president and chief operating officer of FireEye, said Tuesday.
The “M-Trends 2015: A View from the Front Lines” report found that companies are getting faster at discovering threats, dropping from 229 days in 2013 to 205 days last year.
It also noted that breaches still can remain undiscovered for years as fewer organizations are able to leverage their own resources to detect breaches.
According to the report, attacks on online retailers in 2014 are due to vulnerabilities in their virtual application servers and the lack of two-factor authentication for access, and are centered on payment processors that use chip-and-PIN technology.
FireEye said some of the recurring tactics of threat actors are the use of phishing schemes wherein they pose as the IT department, as well as the ability to utilize system components to access its most complex parts and avoid detection.