Information Technology

​The global technology market has grown considerably in recent years. According to the Forbes Global 2000 , the 184 technology companies on the list represent more than $9 trillion in market value, $4 trillion in assets, and nearly $3 trillion in sales.

These high-tech organizations, as well as those not on the top 2,000 list, come from a wide range of sub-industries, from electronics manufacturing and software development to digital media and space. Although they apply their skills and knowledge to different sectors, high-tech organizations all have something in common: they operate at the cutting edge of technology. Innovation, secrecy, intellectual property and, most importantly, security are imperative.

FireEye researchers most frequently detected threat actors using the following targeted malware families to compromise organizations in the high tech and IT industry.

​

​

• Computer Software
• Information Technology Services
• Control, Electromedical, Measuring & Navigational Instruments Manufacturing
• Consumer Electronics & Personal Computer Manufacturing
• Electronics Component Manufacturing & Wholesalers
• Logic Device Manufacturing
• Network Access & Communications Device Manufacturing
• Networking & Connectivity Software
• Routing & Switching Equipment Manufacturing
• Search, Detection, Navigation & Guidance System Manufacturing
• Security Software
• Semiconductor Equipment Manufacturing
• Storage & Systems Management Software

•  Blueprints
•  Proprietary Product & Service Information
• Testing Results & Reports
•  Production Processes
•  Hardware & Software Descriptions & Configurations
• Security & Risk Management Documents
• Diagrams and Instruction Manuals
• Marketing Strategies & Plans

The cloud security threat landscape highlighted threat actors’ continued efforts to shift targeting into cloud environments. Data gathered showed that threat actors used a variety of methods to gain initial access into organizations’ cloud assets, with nearly a quarter of incidents stemming from threat actors pivoting into the cloud from on-premise networks. In addition, API misconfiguration issues were involved in nearly two-thirds of studied incidents. This targeting coincided with a robust underground marketplace for cloud-related credentials, with tens of thousands of accounts for sale online. As organizations move into the cloud, threat actors are following right alongside. Maintaining properly hardened systems, enacting effective password policies, and ensuring policy compliance is critical to maintaining a robust cloud security posture.