Asian Companies have the World's Worst Cybersecurity

According to a year-long investigation by the U.S. Security company Mandiant, Asian companies are the least defended against cyber attacks.

Mandiant said the median time between a breach and its discovery at an Asian company is around 520 days, three times the global average. In each attack, an average of 3.7 GB in data has been equaling tens of thousands of documents.

As part of the investigation, Mandiant hacked into a company’s network with their permission to see how vulnerable it was. The company explains that within three short days, they had accessed “the keys to the kingdom,” and showed concern that a cyber theft could potentially do the same and stay undetected for over a year.

In a report published by the company, Mandiant explained how leaving breaches undiscovered or unreported for too long can ultimately compromise a country’s economic competitiveness or national security. Hackers could take over key infrastructure such as power stations and potentially even transport systems in “smart cities.”

Mandiant believes the bulk of the attacks on Asian companies are state-sponsored and target areas with heightened geopolitical tensions, such as the South China Sea. There has been a decrease in the number of attacks in the U.S. and western Europe by Chinese hackers, Mandiant believes that’s because they’re focusing their efforts on other parts of Asia.

Mandiant concludes by saying Asian organizations are ill-equipped to defend their networks from attackers because “they frequently lack basic response processes and plans, threat intelligence, technology and expertise.”