A trends report noted when organizations are most likely to take malicious email bait sent from threat actors.
In the company's M-Trends report (PDF), released Thursday, which analyzed points of initial compromise leading to breaches in 2013, Mandiant also found that 44 percent of phishing emails targeting companies were made to look like correspondence from firms' IT departments.
On Friday, Laura Galante, manager of threat intelligence for Mandiant, told SCMagazine.com in an interview that the social engineering trend remained a common attack method through the first quarter of this year, as well.
“We were able to go in and see the initial compromise, in this case, [by] looking at spear phishing emails,” Galante said.
In the M-Trends report, Mandiant studied security incidents impacting hundreds of clients throughout more than 30 sectors.
Of note, the firm saw a spike in threat actor activity targeting the financial services and media and entertainment industries last year, as compared to 2012. Last year, 15 percent of attacks struck the finance sector, while 13 percent of malicious activity occurred at media and entertainment organizations, the report said.
Galante added that, regardless of the attack method used, that enterprises must begin to take note of the wide range of data stolen by advanced persistent threat (APT) groups, which use the information to assemble profiles on target organizations.
In particular, the report revealed the wealth of data obtained by China-based APT groups, which often doesn't make headlines.
“These Chinese threat groups want a more holistic, programmatic understanding of companies,” Galante said. “The Chinese attackers are doing that by taking executive emails, business processes, information from meeting minutes and organizational charts. What this means is that organizations should think of how to redefine their information assets,” she said.