Enterprise Cyber-attacks More than Double in 2013

Malware attack servers and CnC infrastructure have been placed in 206 countries and territories, up from 184 in 2012

FireEye in 2013 recorded more than 40,000 unique cyber-attacks (more than 100 per day) and more than 22 million malware command-and-control (CnC) communications, which routinely bypass traditional defenses such as firewalls, next-generation firewalls, IPS, anti-virus and security gateways with evolving advanced persistent threat (APT) tactics.

According to the company's Advanced Threat Report for 2013, enterprises are attacked globally on average once every 1.5 seconds. That’s double the frequency seen just one year prior: in 2012, FireEye reported that malware attacks occurred once every three seconds.

“The increasing frequency at which cyber-attacks are happening illustrates the allure of malware to those with malicious intentions,” said Kenneth Geers, senior global threat analyst at FireEye, in a statement. “Across the board, we are seeing a global expansion of APTs, malware, CnC infrastructure, and the use of publicly available tools to facilitate the attack process. The global scale of the threat has put cyber-defenders in the very difficult position of not having any clue where the next attack will come from.”

Malware attack servers and CnC infrastructure have been placed in 206 countries and territories, up from 184 in 2012. The US, Germany, South Korea, China, the Netherlands, the UK, and Russia were home to most of them. And the targets? The US has the dubious honor of topping the list for number of targets, followed by uber-wired South Korea, Canada, Japan, the UK, Germany, Switzerland, Taiwan, Saudi Arabia and Israel.

In the first half of 2013, Java, unsurprisingly, was the most common zero-day focus for attackers. In the second half of 2013, FireEye observed a burst of Internet Explorer (IE) zero-days used in “watering hole” attacks.

Also, FireEye identified five times more web-based attacks than email-based attacks globally, and, per country, there were three times more web attacks than email attacks.

Government topped the list for verticals that were targeted by the highest number of unique malware families. Interestingly, the much-covered financial services segment came in at No. 4, behind services and technology. Telecom, education, aerospace/defense, state and local government, chemical and energy rounded out the top 10. Healthcare and retail, which tend to nab headlines, didn’t make the list of top targets.
