Cyberattacks and cybercrime against large companies rose 40 percent globally in 2014, according to Symantec's annual Internet Security Threat study published Tuesday.
Five out of every six large companies – those with over 2,500 employees – were targeted with spear-phishing attacks or e-mail fraud in 2014, up 40 percent on year, the report showed. Attacks on small- and medium-sized companies, which accounted for 60 percent of targeted attacks, increased 26 and 30 percent, respectively.
Nearly 1 million new malware threats including a variety of hostile software such as viruses, spyware, trojan horses and malicious programs were released every day, according to the report, which analyzed emerging trends in attacks, malicious code activity, phishing and spam.
Meanwhile, ransomware attacks, which restrict access to the computer systems they infect, increased 113 percent, driven by an over 4,000 percent increase in crypto-ransomware attacks. Victims are offered a key to decrypt their files, but only after paying a ransom that can range from $300-$500—and there's no guarantee their files will be unlocked.
The mining industry, which includes oil & gas, was the most-targeted sector globally in 2014, Symantec said. Other high risk targets were the manufacturing, transportation and communications industries.
Internet security is an ever-changing and volatile landscape as cyberattacks become more prevalent, innovative and harder to prevent, Symantec said.
"If there is one thing that can be said about the threat landscape, and internet security as a whole, it is that the only constant is change," the report said. "This can clearly be seen in 2014: a year with far-reaching vulnerabilities, faster attacks, files held for ransom, and far more malicious code than in previous years."
Perhaps most worrying is that while attackers moved faster last year, companies did not.
"Cybercriminals are leapfrogging the defences that companies are putting in place to defend themselves and we're seeing a heightened level of sophistication in their techniques," Symantec cyber security strategist, James Hanlon, told CNBC Monday.
For instance, Symantec found that advanced attackers deployed legitimate software onto compromised computers to continue their attacks without risking discovery by anti-malware tools. Attackers also used commonly available crimeware tools to disguise themselves and built custom attack software inside their victim's network and on their servers.
"The complexity of the attacks is also increasing and cybercriminals are actively using the technology that companies have implemented to protect themselves, to do so," Hanlon said. "We're also seeing attackers moving and adapting much faster to vulnerabilities than they used to."