Malware tries to invade technology companies once every 60 seconds

Share this article:
FBI ransomware scam finds new home on the Mac
FBI ransomware scam finds new home on the Mac

Technology firms are targeted by malware threats at least once every minute on average, according to security firm FireEye's “Advanced Threat Report," released Wednesday.

The report, which analyzed 89 million "malware events" over the last half of 2012, also found that organizations across industries are targeted an average of once every three minutes. 

FireEye defines these events as activity that attempts to break through traditional defenses, such as firewalls, anti-virus and intrusion prevention systems. It takes the form of malicious file, attachment or web link that tries to infiltrate a company's network, and if successful, it engages in command-and-control communications.

Technology companies, along with other top targeted industries, like telecommunications and manufacturing, were deemed attractive because of valuable intellectual property attackers hoped to access.

“Due to the high concentration of intellectual property, technology firms are hit with an intense barrage of malware campaigns, nearly double the next closest vertical,” the report said.

Zheng Bu, senior director of research at FireEye, told Wednesday that advanced attackers have begun using multi-layered approaches to infiltrate organizations – even those considered security-minded.

“Most of the time, when [malware is] introduced to the IT security environment, there are security protections in place already,” said Bu, citing mainstays such as endpoint AV and firewall security solutions. “Even with so many existing technologies, their protections are still not enough.”

The report also highlighted that spear phishing attacks, targeted email ruses that include weaponized attachments, are the most common tactic used for initiating advanced malware campaigns.

For example, researchers at Finnish security firm F-secure recently said that spear phishing emails with malicious HTML-based attachments were used to spread a data-wiping trojan that targeted several South Korean corporations.

The report also concluded that .zip files were the delivery method of choice for malware in 92 percent of attacks. Another finding, however, showed an emerging phishing tactic that leveraged dynamic link library (.dll) files, which often skirt detection in comparison to commonly used .exe file types.

[An earlier version of this story incorrectly stated .ddl files were used in phishing attacks].
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.