Since 2010, Mandiant, a FireEye company, has presented trends,
statistics and case studies of some of the largest and most
sophisticated cyber attacks. In February 2016, we released our annual
report based on data from the breaches we responded to in 2015.
Now, we are releasing M-Trends
Asia Pacific, our first report to focus on this very diverse and
Some of the key findings include:
Most breaches in the Asia Pacific region never became public.
Most governments and industry-governing bodies are without
effective breach disclosure laws, although this is slowly
The median time of discovery of an attack was 520 days after the
initial compromise. This is 374 days longer than the global
median of 146 days.
Mandiant was engaged by many organizations that have already
conducted forensic investigations (internally or using third
parties), but failed to eradicate the attackers from their
environments. These efforts sometimes made matters worse by
destroying or damaging the forensic evidence needed to understand
the full extent of a breach or to attribute activity to a specific
Some attacker tools were used to almost exclusively target
organizations within APAC. In April 2015, we uncovered the
malicious efforts of APT30, a suspected China-based threat group
that has exploited the networks of governments and organizations
across the region, targeting highly sensitive political, economic
and military information.
Asia Pacific to learn more.