This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Businesses being hit with malware attacks every three minutes

Share this article:

Businesses are being targeted by cyber attacks once every three minutes with methods that traditional security tools are struggling to cope with, according to new research.

The figures come from security firm FireEye's 2H 2012 Advanced Threat Report and are pulled from a combination of 89 million malware samples and research from its security team, FireEye said. The malware events this study looked at are the ones that would “routinely” bypass what FireEye calls legacy defences, including technology such as firewalls, next-generation firewalls, anti-virus and security gateways.

These sorts of cyber attacks are now so prevalent that FireEye says businesses are facing, on average, a malware event once every three minutes. For technology companies that figure is even worse, with attacks coming every minute. Malicious email files and web links are the primary means used by cyber criminals to transmit malware, the study said.

FireEye's research also revealed that spear phishing is the most common attack vector for these advanced malware campaigns. This usually involves sending an email with a malicious attachment to a specific person. The attachment is given a name that is likely to tempt the recipient into opening the file. According to the company, shipping and delivery, finance and general business are the most common subjects, while 92 per cent of malware is delivered via a Zip file.

The report also exposed some of the techniques malware writers are using to ensure their attacks get through security defences. One method is to incorporate a virtual machine detector into the malware, so it can bypass sandboxing. Similarly, FireEye said it has detected malware that only executes once a user moves the mouse, a “tactic which could dupe current sandbox detection systems since the malware doesn't generate any activity.”

“This report provides an overview of how attacks have become much more advanced and successful at penetrating networks, regardless of industry,” said Ashar Aziz, FireEye founder and CTO.

“As cyber criminals invest more in advanced malware and innovations to better evade detection, enterprises must rethink their security infrastructure and reinforce their traditional defences with a new layer of security that is able to detect these dynamic, unknown threats in real-time,” Aziz added.

FireEye is run by former McAfee CEO Dave DeWalt, who first joined the company's board of directors in June 2012. Earlier this year former Symantec CEO Enrique Salem also joined the board of directors at FireEye.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

Google and Facebook offer free cyber-security tools

Google and Facebook offer free cyber-security tools

Google and Facebook have both launched free open-source cyber-security tools this week, designed to help security professionals spot malware and cyber-attacks.

Mixed results for key Government cyber-initiatives

Mixed results for key Government cyber-initiatives

The Government's Verify scheme to confirm IDs is behind scheuduled uptake, but its CISP threat intelligence sharing scheme is ahead of target.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...