Mandiant Report: Iran APT Groups Emerge As Major Cyber Threat

Of the four new advanced persistent threat (APT) groups christened by FireEye last year, three were out of Iran. Mandiant, the incident response services arm of FireEye, witnessed a major increase in nation-state hacking activity by Iranian attackers in 2017, especially on the cyber espionage side of things. Iranian groups now are maintaining and keeping a foothold in victim organizations for months and sometimes years, demonstrating their sophistication, according to Mandiant's newly published M Trends Report on its incident investigations in 2017. "In a way, it felt like Iran was the new China," notes Charles Carmakal, a vice president at Mandiant. "There were so many Chinese threat actors in operations [in previous years], it felt like everyone had at least one Chinese actor" attacking them, he notes.