Businesses need to realise that cyber criminals will never stop in their quest to compromise systems to obtain data, a new report from Trustwave has established.
The 2013 Global Security Report pointed out that new threats are arising just as fast as businesses can implement steps to combat them, so they always need to be on their guard.
Statistics revealed that web applications are now the most popular target for attacks, although mobile malware has also become a growing threat over recent months.
Attackers have acknowledged the fact that a growing number of organisations are embracing mobility and as a result are designing attacks that can infiltrate these systems.
Trustwave reports that the Android operating system in particular is under attack, with the number of samples detected increasing 400 per cent over the past year alone.
One of the greatest defences for preventing breaches is to detect them as quickly as possible – the figures showed that in 2012, the average time it took to recognise an attack stood at 210 days.
This is 35 days longer than the previous year, with 64 per cent of people taking more than 90 days to become aware of the intrusion. In five per cent of cases, it had taken in excess of three years.
The need for companies to carry out a security audit is therefore growing, especially as attacks becoming increasingly more sophisticated and frequent.
Even the most basic of security features is being overlooked in some cases – Trustwave found that Password1 is still the most common password used by global organisations.
Out of the three million user passwords analysed by the group, half of them were using the bare minimum, suggesting there are plenty of vulnerabilities for attackers to exploit.
As the report stated, organisations need to be more aware of where they are leaving themselves most open to a security breach, before taking the necessary steps to plug the gap.
SQL injection and remote access made up nearly three-quarters (73 per cent) of the infiltration methods adopted by cyber criminals last year.
Not only this, versions of the Blackhole exploit kit comprised more than 70 per cent of all client-side attacks throughout the course of 2012.
It is simply no longer enough for businesses to implement basic security systems – with these attacks showing little sign of slowing down, the need for complex layers of security has never been greater.