The security firm has released its H2 2012 Advanced Threat Report

Apr 4, 2013 18:31 GMT  ·  By

Security firm FireEye has released its Advanced Threat Report for the second half of 2012. Based on data collected from over 89 million events, the study focuses on malware, and the way cybercriminals distribute it and defend it against security products.

According to the figures, on average, organizations experience a malware event up to one time every three minutes. However, the rate of malware activity varies depending on the industry.

For instance, tech companies experience one malware event per minute.

It’s also worth noting that spear phishing continues to be the most common malware distribution method. To make their campaigns as successful as possible, cybercriminals use common business terms as filenames.

For example, the most utilized term in malware file names in the second half of 2012 was “UPS.”

The study also shows that in 92% of attacks, the malware is hidden inside a ZIP archive file.

In an effort to prolong infections, cybercriminals are using DLL files instead of .exe files. In addition, malware authors have put some extra effort into ensuring that their creations avoid running in sandbox environments.

“This report provides an overview of how attacks have become much more advanced and successful at penetrating networks, regardless of industry,” said Ashar Aziz, FireEye founder and CTO.

“As cybercriminals invest more in advanced malware and innovations to better evade detection, enterprises must rethink their security infrastructure and reinforce their traditional defenses with a new layer of security that is able to detect these dynamic, unknown threats in real time.”

“The high rate at which cyber attacks are happening illustrates the allure of malware.” said Zheng Bu, senior director of research.

“Today, malware writers spend enormous effort on developing evasion techniques that bypass legacy security systems. Unless enterprises take steps to modernize their security strategy, most organizations are sitting ducks.”

The complete report from FireEye is available for download here (registration required).