High-Tech Sector - Overtakes Finance as Cyber Attack Target
Basically, high-tech companies are now the main targets for cyber-attacks instead of banks.
In a surprising turn, the high-tech sector has become the top target for cyber-attacks in 2025, surpassing finance. This shift raises concerns for tech companies and their data security. Mandiant's report highlights the need for enhanced cybersecurity measures across industries.
What Happened
In a significant shift, the high-tech sector has emerged as the most targeted industry for cyber-attacks in 2025, according to Mandiant's latest report. This change marks a notable transition from previous years when financial services held the top spot. Mandiant's M-Trends 2026 Report reveals that high-tech companies accounted for 17% of all investigations, while finance dropped to 14.6%. Other sectors like business services and healthcare also faced considerable threats, indicating a broadening attack landscape.
The report highlights the rise in cyber campaigns and events, with 83 malicious campaigns identified and eight global cyber events impacting organizations across 73 countries. This increase in targeted attacks underscores the urgent need for enhanced security measures across industries, especially in high-tech.
Who's Being Targeted
The high-tech sector's rise as a primary target reflects the increasing value of technology companies in the digital economy. As these firms innovate and expand, they also attract more attention from threat actors. Mandiant's findings indicate that attackers are adapting their strategies to exploit vulnerabilities in this sector. Businesses and professional services, along with healthcare, are also under siege, showing that no industry is immune to cyber threats.
The data suggests that attackers are focusing on initial access techniques, with vulnerability exploits leading the charge. This trend emphasizes the need for organizations to prioritize their cybersecurity frameworks to protect sensitive data and maintain operational integrity.
Tactics & Techniques
Mandiant's report reveals a concerning increase in dwell time, which rose from 11 to 14 days. Dwell time refers to the duration an attacker remains undetected within a compromised environment. This increase is attributed to sophisticated cyber espionage campaigns, particularly those linked to North Korean threat actors, who exhibited median dwell times of 122 days.
Additionally, the report points to the emergence of the ClickFix social engineering technique, where attackers lure users into executing harmful commands under the guise of fixing issues. This method has gained traction, with various tactics employed to deceive users, such as fake software updates and compliance verifications. The rise of such techniques highlights the need for continuous user education and robust security protocols.
Defensive Measures
Organizations must take proactive steps to bolster their defenses against these evolving threats. Implementing a multi-layered security approach is essential. This includes regular vulnerability assessments, employee training on recognizing phishing attempts, and advanced threat detection systems.
Moreover, businesses should stay informed about emerging threats and adapt their strategies accordingly. Collaborating with cybersecurity firms like Mandiant can provide valuable insights into the latest attack vectors and help organizations fortify their defenses. As cyber threats continue to evolve, staying ahead of attackers will be crucial for safeguarding sensitive information and maintaining trust in the high-tech sector.
Infosecurity Magazine