Company says only 10% of attacks are likely to be based on profiling.
Kaspersky Lab has warned that firms are too focused on the potential for targeted hacking, and should be more concerned about random attacks.
Speaking at a roundtable, the firm estimated that around one in ten attacks may be targeted towards specific individuals or vertical industries, with the remainder aimed at hitting anybody who might be vulnerable.
David Emm, senior security researcher at Kaspersky, said: "If you think of the threat landscape as a pyramid, 90% of that is still made up of random, speculative attacks not aimed at individuals because of who they are, but just because they’re unfortunate enough to get infected."
State-sponsored attacks were thought to account for a mere 0.1% of attacks in the wild, although Emm noted that while such attacks are rare they can be "huge in terms of fallout".
Bob Tarzey, director at the research firm Quocirca, echoed his comments, adding: "I think the press find targeted attacks very compelling, but they comprise probably about 10% of the attacks actually out there."
Kaspersky’s comments follow only a week after its report on the Darkhotel virus, which targeted high profile businessmen staying in hotels through phoney software downloads, ultimately seeking company data or intellectual property.