Menu
Hackers attack enterprise every 1.5 seconds: FireEye

Hackers attack enterprise every 1.5 seconds: FireEye

In the first half of 2013, Java was the most common zero-day focus for attackers

Malware activity has become so pervasive globally that attack servers communicating with Malware are now hosted in 206 countries and territories.

That’s according to the latest FireEye Advanced Threat Report which details malicious activities captured by the FireEye Security Platform through 2013.

The report draws on data gathered from nearly 40,000 unique cyber attacks (more than 100 per day) and over 22 million malware command and control (CnC) communications.

It provides a global picture of cyber attacks that routinely bypass traditional defenses such as firewalls, next-generation firewalls, IPS, antivirus and security gateways.

It found enterprises are attacked on average once every 1.5 seconds, compared to 2012, when malware attacks occurred once every three seconds. The increased frequency of use highlights the bigger role malware is playing in cyber attacks.

Malware attack servers, command and control (CnC) infrastructure are now in 206 countries and territories, up from 184 in 2012.

The U.S., Germany, South Korea, China, Netherlands, United Kingdom, and Russia were home to the most CnC servers.

The top ten countries that were most frequently targeted by APTs in 2013 in order of highest to lowest frequency were the US, South Korea, Canada, Japan, United Kingdom, Germany, Switzerland, Taiwan, Saudi Arabia and Israel.

The top ten verticals targeted by the highest number of unique malware families were government, services/consulting, technology, financial services, telecommunications, education, aerospace/defense, government (State/Local), chemicals and energy.

In the first half of 2013, Java was the most common zero-day focus for attackers.

In the second half of 2013, FireEye observed a burst of Internet Explorer (IE) zero-days used in "watering hole" attacks.

FireEye identified five times more web-based attacks than email-based attacks globally, and that per country, there were three times more web attacks than email attacks.

FireEye senior global threat analyst, Kenneth Geers, said the increasing frequency in occurrence of cyber attacks illustrated the allure of malware to those with malicious intentions.

"Across the board, we are seeing a global expansion of APTs, malware, CnC infrastructure, and the use of publically available tools to facilitate the attack process,” he said.

“The global scale of the threat has put cyber defenders in the very difficult position of not having any clue where the next attack will come from."

Follow Us

Join the ARN newsletter!

Error: Please check your email address.

Tags zero-day exploitsKenneth GeersjavaInternet ExplorermalwareFireEye senior global threat analyst

Upcoming

Slideshows

IN PICTURES: VMworld 2015 Asia-Pacific and Japan party (+ 32 photos)

IN PICTURES: VMworld 2015 Asia-Pacific and Japan party (+ 32 photos)

VMware recently held an Asia-Pacific and Japan party for its partners in San Francisco following two days of keynotes and sessions. Whilst mingling and enjoying drinks and finger food, the partners were joined by VMware management who also took the opportunity to let their hair down to have some fun.

IN PICTURES: VMworld 2015 Asia-Pacific and Japan party (+ 32 photos)
IN PICTURES: VMworld 2015 sponsor and partner showcase (+41 photos)

IN PICTURES: VMworld 2015 sponsor and partner showcase (+41 photos)

VMware's sponsors and partners used the opportunity at VMworld 2015 to showcase some of their technologies. At an exhibition hall, these vendors educated those that popped by their stands on these solutions and addressed some of the issues surrounding mobility, datacentres, and the Cloud. SOme of the big names there included f5, Palo Alto Networks, HP, Intel, Samsung, and Symantec.

IN PICTURES: VMworld 2015 sponsor and partner showcase (+41 photos)

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments