Hackers many times use basic malware to gain partial access to a secure system. Once this has been successful the hackers can start to try to find additional information specific to that business or data they are trying to access since they now have a foothold into the system. By gaining more specific information using the malware already infecting a compromised server(s), they can begin to construct custom malware to further exploit the system.
Custom malware is quickly becoming a new laser targeting method of breaching secure systems as hackers find specific weak points in a supposedly secure system.
Dedicated server defenses need to thwart attacks every single time, were a single breach from a hacker is all it takes for a successful intrusion.
Malware is not always the crude email phishing attempts that are in most cases easy to spot even for novices in the Internet of Things world we now live in. Custom malware could begin to be customized to a specific online business by even just basing phishing emails or sites on similar industries as the target is in involved in. An online business accepting PayPal payments from its customers would receive PayPal like phishing emails instead of nude photo links in an email.
Successful attacks need to go undetected for as long as possible to be deemed successful by the attackers. Not knowing how an attack was successful once discovered is just as bad since it will in most cases simply happen again. Opening a backdoor for communication between the hackers and the dedicated servers without administrators knowing about it or triggering any intrusion alerts is a worst case scenario for any online business.