2. Mandiant APT1 Report
Security researchers have long pointed to China as the source of the bulk of cyberespionage activity against U.S. companies. But the Mandiant APT1 report, which came out in March, provided a definitive link to the Chinese government. The group was responsible for targeting hundreds of companies and remained on systems for up to a year or longer before being detected.
The report preceded the discovery of a bevy of new targeted attacks designed to steal intellectual property from a variety of companies. The advanced persistent threats targeted businesses large and small, government agencies, defense contractors and manufacturers.
While custom malware, zero-day attacks and new watering hole techniques have been documented, nation-state attackers use fairly common techniques to gain a foothold in an organization. Mandiant found the group targeting configuration weaknesses and common vulnerabilities in browsers and browser components, and carrying out phishing attacks against employees.