Mandiant, a division of Google Cloud, finds that cybersecurity has improved globally, according to its new annual M-Trends 2024 report, which details its investigations into cyberattacks and its workers’ response actions over the past year. The company highlights that the time it took for the attacked organization to detect the intrusion was reduced in 2023 to just 10 days, compared to 16 in 2022, something that was related to an improvement in communications with external agents who notify it and also with the ‘ransomware’. This type of malicious program or computer virus, which takes control of the infected system and demands a ransom to return it to its owner, accounted for 23% of Mandiant's investigations in 2023, compared to 18% in 2022. By sector of activity, cyberattacks focused on financial organizations (17%), business services (13%), high technology (12%), retail (9%) and health (9%), the report states. Mandiant's vice president, Jurgen Kutscher, stressed, quoted in a statement, that "attackers are constantly looking for ways to evade detection and stay in systems longer" and one of the ways they use, also on the rise, is the "zero-day vulnerability". A zero-day vulnerability is an undiscovered flaw in a computer application or operating system that opens a security hole for which there is no defense because the software manufacturer does not know it exists, as defined by Hewlett Packard Enterprise. These vulnerabilities are no longer limited to advanced actors, but are positioned as a trend due to factors such as ransomware, data extortion groups and increased exploitation by "government-sponsored agents," Mandiant noted in its note. Mandiant also points specifically to an "intensification of espionage activity by agents with links to China" who take advantage of these zero-day vulnerabilities and, like other hackers, focus on devices, such as firewalls, that have less security. Read Also: The Netherlands accuses China of spying on technologies (Portuguese version)