At the same time, says the analysis – the security vendor's H1 2011 advanced threat report - the `Top 50' malware families now account for over 80% of successful infections seen in the wild.
In addition, says the research, the most prevalent attacks are fake anti-virus scams and information stealing malware, acting as a conduit for more serious malware infections and information stealing malware that targets user credentials, so enabling the theft of key intellectual property and sensitive data.
All of this, asserts FireEye, is against a backdrop of $20 billion a year being spent on IT security and, as a result of the shortcoming, the report says that cybercriminals are easily evading traditional defences to compromise the vast majority of enterprise networks
The problem, adds the report, is that there is a significant gap in today’s enterprise IT defences, as advanced malware and targeted attacks are easily evading traditional defences, such as firewalls, intrusion prevention systems, anti-virus, and Web/email gateways.
99% of enterprises, notes the research, have had malicious infections entering the network each week with 80% of the enterprises facing more than a hundred new cases per week.
The bottom line?
FireEye reports that today’s existing traditional enterprise IT defences are not keeping up with highly dynamic, multi-stage attacks that cybercriminals now use to attack today’s enterprises and federal agencies.
Ashar Aziz, the founder and CEO of the company, said that the statistics in the report should be a wake-up call to enterprises.
“They need to closely examine their current IT defence perimeter and see if advanced malware is entering their networks unimpeded and determine if they need to add an extra layer of defence to cover this harmful and costly security gap”, he said.
“Organisations worldwide will need to augment their defences to address the dynamic-nature of today’s malware that is extremely successful at penetrating today’s networks”, he added.