Actu
Check Point’s 2014 Security Report Shows Exponential Increase in New and Unknown Malware on Enterprise Networks
May 2014 by Check Point
Check Point has issued its 2014 Security Report, its second annual
report uncovering the major security events that occurred and impacted organisations
across the world in 2013. The report is based on analysis of monitored security
events from over 10,000 organisations worldwide, across a range of industry sectors.
It shows the network security events that actually occurred within firms during
2013, and the security risks that companies are exposed to.
Key findings include:
Malware activity increased in speed and quantity
Malicious software was downloaded every ten minutes in 84% of the organisations
under analysis. Last year, 58% of organisations experienced users downloading
malware every two hours or less, compared with just 14% in 2012.
’Unknown’ malware grows
Smarter and more resilient malware emerged in 2013. 33% of organisations downloaded
at least one infected file with unknown malware between June and December 2013. Of
those infected file types, 35% were PDFs. New tools called ’crypters’ enabled
malware writers to bypass detection by anti-malware software, so that organisations
were hit by 2 pieces of unknown malware every hour - one every 27 minutes.
Bot infestations
Bot infections continued to grow, with a host infected by a bot every 24 hours. In
2013, at least one bot was detected in 73% of organisations, an increase from 63% in
2012. Organisations also struggled with containing bots, as 77% of bots are active
for more than four weeks. Bots communicated with their ’Command & Control’ every
three minutes.
Data losses mount
Check Point found that 88% of organisations had experienced at least one potential
data loss event, up from 54% in 2012. In fact, in 33% of the financial institutions
surveyed by Check Point, credit card information was sent outside of the
organisation while 25% of healthcare and insurance institutions sent HIPAA-protected
information.
Risky applications result in risky business
Use of high risk applications continued to be on the rise in 2013, with torrents,
anonymisers, peer-to-peer (P2P) file sharing applications being used every nine
minutes on an average day. P2P file sharing usage increased to 75% in 2013 from 61%
of firms in 2012. Also, 56% of firms ran anonymizer proxy applications in 2013, up
from 43% in 2012.
"Our 2014 Security Report peeled back more layers to reveal the infiltration and
sophistication of malware in 2013. We found organisations at more risk with both
the new threats of today, as well as the old threats identified in last year’s
Security Report," said Amnon Bar-Lev, president of Check Point Software
Technologies. "It is clear that organisations need more understanding of, and
protections for the threats that endanger their networks, with security based on
real-time threat intelligence."
The Check Point 2014 Security Report is based on collaborative research from Check
Point Security Checkup assessments, Check Point Threat Emulation sensors, Check
Point ThreatCloud and Endpoint Security reports, and includes in-depth analysis of
200,000+ hours of monitored network traffic from 996 organisations worldwide and
over 9,000 security gateways deployed across various industries.
