Pace of malware attacks doubled in 2013

Malware attacks on enterprises occurred on average once every 1.5 seconds in 2013, up from once every 3 seconds in 2012, according to new research from FireEye.

And malware has truly become a global problem, with FireEye uncovering command and control (CnC) servers in nearly every country in the world throughout the year.

The vendor's latest Advanced Threat Report shows that attack servers communicating with malware are now hosted in 206 countries and territories. This does not mean there are attackers originating from every country, as malware operators often route their traffic through intermediate servers.

The largest number of CnC servers were found in the US, Germany, South Korea, China, Netherlands, the UK and Russia. These countries were also among the 10 most targeted by advanced persistent threats (APTs) in 2013.

Java was the most common zero-day focus in the first half of 2013, but by the second half a burst of watering hole attacks was launched targeting zero-day Internet Explorer exploits.

“The increasing frequency at which cyberattacks are happening illustrates the allure of malware to those with malicious intentions,” FireEye senior global threat analyst Dr Kenneth Geers said.

“Across the board, we are seeing a global expansion of APTs, malware, CnC infrastructure and the use of publicly available tools to facilitate the attack process. The global scale of the threat has put cyber defenders in the very difficult position of not having any clue where the next attack will come from.”

Image courtesy of Intel Free Press under CC