Every three minutes, the average company encounters malware activity that exposes its information systems to attack, according to the latest report released by threat-protection firm FireEye.
Attackers are also increasingly using tactics aimed at escaping detection by standard defenses such as antivirus software, according to FireEye’s Advanced Threat Report for the second half of 2012.
While law firms only see an event every 30 minutes, technology firms are attacked in some way every minute on average.
Based on data from 89 million incidents over six months, FireEye classified malicious activity as a drive-by download, a compromised computer contacting a botnet controller over the Internet or the receipt of an email with a malicious attachment or link.
Attacks against companies in industries such as banking and legal services had wide variances in the number of incidents they faced each month. While other industries, such as technology and telecommunications, faced a much more consistent threat, the report found.
While the company did not release data on the trends, it found that increasing numbers of malware either detects the virtual machines (VMs) used as an environment to analyse malicious code or used delaying tactics to outlast the typical time that software programs are analysed. In addition, more malware is signed by a digital certificate to seem more legitimate.
“There is actually a very strong effort by malware writers to evade a lot of defences – not just antivirus anymore, but bypassing a lot of traditional sandboxing methods,” Rob Rachwald, senior director of market research FireEye told eWEEK.”
FireEye appliances are typically placed inside a company’s firewalls and email security gateways, so the events detected by the company are those that passed the first line of defences.
Malware that waits for actual user activity before executing will get passed to the user as a non-malicious file, Anup Ghosh, chief executive and founder of Invincea, an endpoint security firm.
“Companies have to be careful that if they are doing the analysis in a virtual environment, (the malware) may detect the VM and decide not to run,” said Anup Ghosh, chief executive and founder of Invincea. “Then you are passing it onto the user, indicating that it’s no threat, and that is a problem.”
FireEye also found that ZIP-compressed files are the most common form of email attachment, encompassing 92 percent of all malicious file types found appended to email messages.
The study represents only a snapshot of the data FireEye collected, but other security firms have made similar findings.
On 25 March, network security firm Palo Alto Networks released its own report finding that nearly 40 percent of malware escapes detection and makes it into the network.
Are you a security pro? Try our quiz!
Originally published on eWeek.
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…