Malware attacks tech companies every minute

By on

FireEye report points to intellectual property hijack attempts.

Technology firms are targeted by malware once a minute according to a security firm.

FireEye's Advanced Threat report  Theanalysed 89 million "malware events" over the last half of 2012 and also found organisations across industries are targeted an average of once every three minutes. 

It defined events as activity that attempted to break through traditional defenses, such as firewalls, anti-virus and intrusion prevention systems. It takes the form of malicious file, attachment or web link that tries to infiltrate a company's network, and if successful, it engages in command-and-control communications.

Technology companies, along with other top targeted industries, like telecommunications and manufacturing, were deemed attractive because of valuable intellectual property attackers hoped to access.

“Due to the high concentration of intellectual property, technology firms are hit with an intense barrage of malware campaigns, nearly double the next closest vertical,” the report said.

FireEye research senior director Zheng Bu said advanced attackers have begun using multi-layered approaches to infiltrate organisations.

“Most of the time, when [malware is] introduced to the IT security environment, there are security protections in place already,” said Bu, citing mainstays such as endpoint AV and firewall security solutions. “Even with so many existing technologies, their protections are still not enough.”

The report also highlighted that spear phishing attacks, targeted email ruses that include weaponised attachments, are the most common tactic used for initiating advanced malware campaigns.

F-secure researchers said recently that spear phishing emails with malicious HTML-based attachments were used to spread a data-wiping trojan that targeted several South Korean corporations.

The report also concluded that .zip files were the delivery method of choice for malware in 92 percent of attacks. Another finding, however, showed an emerging phishing tactic that leveraged data definition language (.ddl) files, which often skirt detection in comparison to commonly used .exe file types.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
fireeye malware security
In Partnership With

Most Read Articles

Australia gets world-first encryption busting laws

Australia gets world-first encryption busting laws
NAB's public cloud expansion ran without internal IT staff

NAB's public cloud expansion ran without internal IT staff
Ban Chrome as default browser, limit Facebook user data harvesting: ACCC crackdown

Ban Chrome as default browser, limit Facebook user data harvesting: ACCC crackdown
NBN Co may have to pay users stuck in congested wireless cells

NBN Co may have to pay users stuck in congested wireless cells
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Automate and secure IOT for Business
Automate and secure IOT for Business
Data Science and AI Solutions for Cybersecurity
Data Science and AI Solutions for Cybersecurity
Intro to AI for Security Professionals
Intro to AI for Security Professionals
Digital Transformation: Hope, or Hype?
Digital Transformation: Hope, or Hype?
How to choose a trusted IT provider
How to choose a trusted IT provider

Events

Log In

Username / Email:
Password:
  |  Forgot your password?