Epidemic of unknown malware on enterprise networks
Check Point has issued a report uncovering the major security events that occurred and impacted organizations across the world in 2013. The report is based on analysis of monitored security events from over 10,000 organizations worldwide, across a range of industry sectors.
Malware activity increased in speed and quantity
Malicious software was downloaded every ten minutes in 84% of the organizations under analysis. Last year, 58% of organizations experienced users downloading malware every two hours or less, compared with just 14% in 2012.
“Unknown” malware grows
Smarter and more resilient malware emerged in 2013. 33% of organizations downloaded at least one infected file with unknown malware between June and December 2013. Of those infected file types, 35% were PDFs. New tools called “crypters” enabled malware writers to bypass detection by anti-malware software, so that organizations were hit by 2 pieces of unknown malware every hour – one every 27 minutes.
Bot infestations
Bot infections continued to grow, with a host infected by a bot every 24 hours. In 2013, at least one bot was detected in 73% of organizations, an increase from 63% in 2012. Organizations also struggled with containing bots, as 77% of bots are active for more than four weeks. Bots communicated with their “Command & Control” every three minutes.
Data losses mount
Check Point found that 88% of organizations had experienced at least one potential data loss event, up from 54% in 2012. In fact, in 33% of the financial institutions surveyed by Check Point, credit card information was sent outside of the organization while 25% of healthcare and insurance institutions sent HIPAA-protected information.
Risky applications result in risky business
Use of high-risk applications continued to rise in 2013, with torrents, anonymizers and peer-to-peer (P2P) file sharing applications being used every nine minutes on an average day. P2P file sharing usage increased to 75% in 2013 from 61% of firms in 2012. Also, 56% of firms ran anonymizer proxy applications in 2013, up from 43% in 2012.
“Our 2014 Security Report peeled back more layers to reveal the infiltration and sophistication of malware in 2013. We found organizations at more risk with both the new threats of today, as well as the old threats identified in last year’s Security Report,” said Amnon Bar-Lev, president of Check Point Software Technologies. “It is clear that organizations need more understanding of, and protections for the threats that endanger their networks, with security based on real-time threat intelligence.”
The Check Point 2014 Security Report is based on collaborative research from Check Point Security Checkup assessments, Check Point Threat Emulation sensors, Check Point ThreatCloud and Endpoint Security reports, and includes analysis of 200,000+ hours of monitored network traffic from 996 organizations worldwide and over 9,000 security gateways deployed across various industries.