Wednesday, August 31, 2011

FireEye Advanced Threat Report 1H2011

Via FireEye Blog -

This report [PDF] really illuminates the sophistication of the new breed of cyber-attacks and the success cyber criminals are having penetrating today’s corporate networks. Based on 1H 2011 data, we found a significant gap in today’s enterprise IT defenses. After reviewing hundreds of thousands of infection cases, we found that 99% of enterprises had malicious infections in their network. Plus, 80% of the enterprises faced more than a hundred new infections per week. The bottom line: Today’s existing traditional enterprise IT defenses are not keeping up with highly dynamic, multi-stage attacks that cyber-criminals now use to attack today’s enterprises and federal agencies. We highlight the top infections for 2011, and the (not-so-surprising) fact that attackers continue to rely on customized malicious code toolkits to develop and distribute their threats.


Key findings:
  • 99% of enterprise networks have a security gap despite $20B spent annually on IT security.
  • Successful attacks employ dynamic, “zero-day” malware tactics. 90% of malicious binaries and domains change in just a few hours; 94% within a day.
  • The fastest growing malware categories are Fake-AV programs and Info-stealer executables.
  • The “Top 50” of thousands of malware families generate 80% of successful malware infections.
