FireEye Advanced Threat Report for 1H2011 Finds 99% of Enterprise Networks Have a Serious Gap in Their IT Security Defense
Despite $20 billion invested annually in IT security, cyber criminals are easily evading traditional defenses to compromise the vast majority of enterprise networks
MILPITAS, Calif.--(BUSINESS WIRE)-- FireEye, Inc., the leader in protecting enterprises from advanced malware, zero-day and targeted APT attacks, today announced findings from their 1H 2011 Advanced Threat Report. The report, the first of its kind, illuminates the sophistication of the new breed of cyber-attacks and the success cyber criminals are having penetrating today’s corporate networks. According to FireEye Research, there is a significant gap in today’s enterprise IT defenses, as advanced malware and targeted attacks are easily evading traditional defenses, such as firewalls, intrusion prevention systems, antivirus, and Web/email gateways. 99% of enterprises have had malicious infections entering the network each week with 80% of the enterprises facing more than a hundred new cases per week. The bottom line: Today’s existing traditional enterprise IT defenses are not keeping up with highly dynamic, multi-stage attacks that cyber-criminals now use to attack today’s enterprises and federal agencies.
The Advanced Threat Report is based upon FireEye’s Malware Protection Cloud threat data shared by thousands of FireEye appliances and direct malware intelligence uncovered by our research team. The report provides a global view into cyber attacks that routinely bypass traditional defenses. The report covers the first half of calendar year 2011.
The report finds that cyber criminals are using highly dynamic malware to circumvent traditional signature-based defenses, with 94% of malicious executables and malicious domains changing within 24 hours. The report highlights the top infections for 2011 and notes that attackers continue to rely on customized malicious code toolkits to develop and distribute their threats. The “Top 50” malware families account for over 80% of successful infections seen in the wild. In addition, the most prevalent attacks are Fake Antivirus scams and information-stealing malware. Fake AV programs act as a conduit for more serious malware infections, and information-stealing malware targets user credentials, enabling the theft of key intellectual property and sensitive data.
Key Findings from the FireEye Advanced Threat Report – 1H 2011
- 99% of enterprise networks have a security gap despite $20B spent annually on IT security.
- Successful attacks employ dynamic, “zero-day” malware tactics. 90% of malicious binaries and domains change in just a few hours; 94% within a day.
- The fastest growing malware categories are Fake-AV programs and Info-stealer executables.
- The “Top 50” of thousands of malware families generate 80% of successful malware infections.
As criminals develop and invest in advanced malware, enterprises must also reinforce traditional defenses with a new layer of dynamic security that can detect these threats in real time and thwart malware communications back to command and control centers. This extra defense layer needs to be designed specifically to fight the unknown and zero-day tactics that dominate targeted and advanced persistent threat (APT) attacks.
Methodology
This report was created by the FireEye Malware Intelligence Labs, which analyzed several hundred thousand cases of malware infections detected by the company’s Malware Protection System (MPS). The data in this report was obtained from customers that subscribe to FireEye’s Malware Protection Cloud.
Quotes
“The statistics in this report should be a wake-up call to enterprises,” said Ashar Aziz, Founder, CEO, and CTO, FireEye. “They need to closely examine their current IT defense perimeter and see if advanced malware is entering their networks unimpeded and determine if they need to add an extra layer of defense to cover this harmful and costly security gap.”
“Organizations worldwide will need to augment their defenses to address the dynamic nature of today’s malware that is extremely successful at penetrating today’s networks,” said Aziz. “Advanced threats use a multi-stage infection cycle to maximize their chances to evade detection and successfully steal confidential information, particularly user credentials and intellectual property data.”
SOCIAL MEDIA:
- To download the entire report, go to http://www.fireeye.com/resources/pdfs/FireEye_Advanced_Threat_Report_1H2011.pdf
- View FireEye’s Research Team at blog.FireEye.com
About the FireEye Malware Protection Cloud
FireEye and its customers have formed one of the most reliable sources of real-time threat data in the world. The FireEye Malware Protection Cloud interconnects FireEye appliances deployed within customer networks, technology partner networks, and service providers around the world. This worldwide cloud efficiently shares auto-generated malware security intelligence, such as covert callback channels, as well as new threat findings from the FireEye Malware Intelligence Lab. The 2011 takedown of the largest spamming botnet in the world, Rustock, was based on FireEye Malware Protection Cloud data and work with Microsoft, Pfizer, and the University of Washington.
About FireEye, Inc.
FireEye is the leading provider of next-generation threat protection focused on combating advanced malware, zero-day and targeted APT attacks. FireEye's solutions supplement security defenses such as traditional and next-generation firewalls, IPS, antivirus and Web gateways, which can't stop advanced malware. These technologies leave significant security holes in the majority of corporate networks. FireEye's Malware Protection Systems feature both inbound and outbound protection and a signature-less analysis engine that utilizes the most sophisticated virtual execution engine in the world to stop advanced threats that attack over Web and email. Our customers include enterprises and mid-sized companies across every industry as well as Federal agencies. Based in Milpitas, California, FireEye is backed by premier financial partners.
FireEye is a trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.
CONTACT:
Agency Contact:
Loughlin/Michaels Group
Woody Mosqueda, 408-738-9148
woody@lmgpr.com
or
Company Contact:
FireEye, Inc.
Phillip Lin, 408-321-6300
pr@fireeye.com