Security firm Symantec has warned that five out of six large enterprises suffered an attack of some kind in the past year, and that the future does not look any brighter.
The Symantec Internet Security Threat Report Volume 20 (PDF) said that advanced attacks are using new "deceptive" powers to defeat defences by exploiting the human element of the security landscape.
"Attackers don't need to break down the door to a company's network when the keys are readily available," said Kevin Haley, director of Symantec Security Response.
"We're seeing attackers trick companies into infecting themselves by trojanising software updates to common programs and patiently waiting for their targets to download them, giving attackers unfettered access to the corporate network."
Attackers have made the most of assaults on a number of networks and enterprises in recent months, and the industry will be well aware of the threat. Symantec has even more for them to worry about.
Attacks have increased across the board, and companies have been subjected to a rise in phishing attacks and ransom-type demands.
"Cyber criminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work," added Haley.
"Last year, 70 percent of social media scams were shared manually, as attackers took advantage of people's willingness to trust content shared by their friends."
The hackers are also being aided by poor security patching programmes, according to Symantec.
The company found that a number of threats were enabled by a slow patch release response from the industry.
Some providers took as long as 59 days to create and roll out patches last year, despite a surge in zero-day threats. By comparison, it took around four days in 2013.
Another problem is that companies are failing to apply patches even when they are made available.
Symantec advises consumers and businesses to choose strong passwords and to shore up their security protection systems and practices.
Bug means Siri can be asked to read aloud all your hidden notifications
Yeah, sorry about all that, simpers Zuckerberg