All the latest UK technology news, reviews and analysis


Malware attacks hitting firms every three minutes

03 Apr 2013
Data security

Cyber crooks are targeting businesses once every three minutes with advanced malware capable of avoiding detection from traditional tools such as firewalls and anti-virus software.

Security firm FireEye reported the figure in its H2 2012 Threat Report, released on Wednesday, based on data gathered from 89 million malware events, along with intelligence from its research team.

The firm reported that spear phishing remained the most common attack strategy for getting malware into an enterprise.

Spear phishing is a common form of attack that looks to dupe its victims into downloading malware by sending messages using common business terms designed to entice them to click on a malicious email file attachment or web link.

FireEye said most of messages it detected masqueraded as shipping and delivery, finance, and general business topics and that the top term in malware files names was UPS. The firm said that while attack methods remain simple the malware being used is getting more sophisticated.

"Several innovations have appeared to better evade detection. Instances of malware are uncovered that execute only when users move a mouse, a tactic which could dupe current sandbox detection systems since the malware doesn't generate any activity," FireEye warned.

"In addition, malware writers have also incorporated virtual machine detection to bypass sandboxing."

FireEye chief technology officer Ashar Aziz said that the malware evolution is proof businesses need to adopt new intelligence based defence strategies.

"As cybercriminals invest more in advanced malware and innovations to better evade detection, enterprises must rethink their security infrastructure and reinforce their traditional defences with a new layer of security that is able to detect these dynamic, unknown threats in real time," said Aziz

FireEye's call for change mirrors those of numerous other security vendors.

Most recently security agency Europol reported that the increased success rate of cyber attacks is doubly dangerous as organised crime groups (OCGs) are using them to fund other darker real world activities.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Tech gifts for Christmas 2014

Is a new tablet on your wish list this festive season, or have they become yesterday’s fad?
12%
23%
11%
6%
48%

Popular Threads

Powered by Disqus
iPhone 6 is available in silver gold and space grey

iPhone 6 video review

The best iOS handset to date

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Desktop Support EMEA

The MediaMath IT team is current seeking a Desktop Support...

Head of IT Security

As the primary technical expert in IT Security within...

.Net Developer - VB, C#, MVC, SQL, jQuery.

.Net Developer required for Bristol-based (Keynsham...

Cisco CCNA/CCNP Voice Engineer | Cisco Gold Partner

Cisco CCNA/CCNP Voice Engineer The Role: The...
To send to more than one email address, simply separate each address with a comma.