A quarter of all organisations are vulnerable to being breached by advanced persistent threats (APTs), according to the security company FireEye.

A study conducted by the firm over the first half of last year found 27% of groups were hit by advanced malware, known to be used by state-sponsored hackers, which is often able to bypass firewalls, intrusion prevention systems (IPS), sandboxes, web gateways and antivirus.

Dave DeWalt, chief executive of FireEye, said: "As we have seen over the last year, when just one advanced attack slips past the existing defences of companies, it can have both a costly and debilitating impact that takes months to repair."

"The results of our Maginot studies clearly show that there are gaps in the way many global businesses are secured, opening the door for aggressive threat actors to conduct anything from state-sponsored espionage to cybercrime."

Advanced malware became more prevalent across many sectors, becoming doubly common in the legal industries, which handles some of the most sensitive data.

Every firm studied in retail, agriculture, education, healthcare and transport groups had suffered a regular or advanced breach in the period, as well as three-quarters of the defence and aerospace industry, which was the most the secure sector studied.

"As our newest data shows, data breaches remain commonplace," the report said. "As we said in the original report, organisations must consider a new approach to securing their IT assets."

"They need to move away from passive, poorly integrated defences that provide a fragmented view of threats and cannot connect the dots in advanced attacks. They need a tightly integrated, nimble architecture that enables big-picture vigilance."