Nearly one in five organisations has been hit by hackers or keyloggers this year, a rise of five per cent on last year, research shows.

The Web@Work survey of 400 IT decision makers and employees conducted by vendor Websense, found that hackers stealing passwords and confidential information that can then be used to provide full access to corporate systems and files is increasing.

The research has also highlighted a growing threat of bots, software that can be unknowingly installed on a user’s PC and communicates with a command and control centre.

This centre takes unauthorised control of many bot-infested PCs from a single point and can be used for launching distributed denial of service attacks, acting as a spam proxy and hosting malicious content and phishing exploits.

Only 34 per cent of IT decision-makers said they are very or extremely confident that they can prevent bots from infecting employees’ PCs when not connected to the corporate network.

Evaluating how the IT security landscape has changed in the past 12 months, spyware continues to be a problem, with 92 per cent saying the organisation had been infected.

The threat of phishing has stayed relatively constant, with 81 per cent reporting a phishing attack via email or instant messaging (IM).

IT decision makers said the biggest threats to their jobs are system downtime due to viruses, lost or stolen intellectual property and internet security breaches.

‘Although employee awareness of web-based threats such as phishing attacks and keyloggers is improving, the vast majority of employees still do not know that they could fall prey to these tactics in the workplace,' said Dan Hubbard, senior director of security and technology research at Websense.

‘Organisations need to implement a proactive approach to web security which includes both technology to block access to these types of infected websites and applications, as well as rigorous employee internet security education programs.’