The intensity of attacks also stepped up with the number of very large brute force attacks – defined as more than 30,000 malicious requests in a 10 minute period – ended on an unprecedented high of over 1.5 attacks daily after starting the year at half that level.

In a brute force attack, cyber criminals use automated software such as botnets to make multiple guesses about possible passwords to gain access to data or personal details.

Benjamin Hosack Chief Commercial Officer at Foregenix comments: ‘Brute force attacks were once an occasional occurrence – typically we would see around one every three months or so. This data confirms what we are seeing on the ground. There is a very clear upward trend, not only in the frequency but also the intensity. Automated massive attacks are now the norm.

‘Hackers are targeting organisations of all types in the public and private sectors. Smaller firms are seen as prime targets as their servers are often more vulnerable and, once breached, they can be used to launch new automated attacks that appear to come from a legitimate source.’

Hosack recommends organisations should strengthen their defences, for example by enforcing complex passwords, using challenge response tests such as solving a simple maths problem and accountlockouts if a password is incorrect on a specific number of attempts.

Foregenix CEO Andrew Henwood comments: ‘There’s little reason to believe the trend will be reversed. The difficulty in catching the cyber criminals, the ease with which they can launch attacks and weak cyber defences especially in growth areas like the Internet of Things means brute force attacks are a long-term issue.