FireEye: Over a Quarter of Attacks Bypassing Filters are APTs

Over a quarter of attacks which bypass traditional defenses are advanced persistent threats (APTs), according to new research from security vendor FireEye.

Although the firm specializes in preventing such attacks, its new report is nonetheless interesting in what it says about the ability of organizations to deal with sophisticated targeted attacks.

Over 1600 firms participated in the study, which spanned the first half of 2014, the vendor said in its Maginot Revisited report.

Some 27% of the breaches that resulted from the tests were consistent with APTs.

All of the participants from the retail, agriculture, auto/transportation, education, and healthcare/pharmaceutical sectors were breached and 91% of those in the entertainment and media industry were hit, FireEye said.

The aerospace/defense sector was found to be the most secure, with only 76% of organizations compromised in the tests.

FireEye claimed organizations need to be more proactive when it comes to security, in order to combat this new generation of targeted attacks.

“They need a tightly integrated, nimble architecture that enables big-picture vigilance,” it added in the report. “Today’s security organizations can’t afford to passively wait for attacks. Instead, they should take a lean-forward approach that actively hunts for new and unseen threats.”

Last year in particular saw multiple high-profile data breaches reported in the US, especially in the retail sector.

Targeted attacks aiming malicious code at POS systems were to blame for the majority, with numerous malware families including Soraya, BackOff and Alina responsible.

It’s a trend observed across the industry.

Trend Micro, for example, said the following in a report last year:

“Many PoS terminals are built using embedded versions of Microsoft Windows. This means that it is trivial for an attacker to create and develop malware that would run on a PoS terminal, if he can gain access to that terminal and bypass or defeat any running security solutions present. Sufficiently skilled and determined attackers can thus go after a business’s PoS terminals on a large scale and compromise the credit cards of thousands of users at a time.”

The switch over to chip and PIN, which is set to gather speed in the US later this year, will likely reduce attacks via this vector, although most analysts agree that targeted threats will be a growing concern in 2015.
