Check Point Software Technologies published 2014 Security Report to highlight major security events occurred last year and show current malware trends. The data were collected monitoring network traffic from 996 organizations of various industries.
Nearly 84 percent of organizations found infected with malicious code, the experts at Check Point estimated that 2.2 pieces of unknown malware hitting enterprises once every hour.
The repercussions under security perspective are serious, 88 percent of organizations suffered a data breach at least once last year, an increment of 34 percent respect 2012. As it has been reported by other studies of other security firms, financial institutions, healthcare and insurance companies were the most affected enterprises.
In 2013 we assisted to a significant increase of botnet infections, they increased by about 10%, from 63 percent in 2012 to 73 percent in 2013, less than 10 percent of antivirus software had detected unknown malware with serious consequences.
“It is important to distinguish between unknown malware and what are often referred to as “zeroday” exploits. Zero-day malware exploits a previously unknown and unreported vulnerability for which there is no patch.Unknown malware refers to malicious code that exploits a known vulnerability or weakness, but cannot be detected at the time of its discovery even by up-to-date antivirus, anti-bot or Intrusion Prevention System (IPS) solutions. The window of effectiveness for an unknown malware is often only 2–3 days, because its existence in the wild gives antivirus vendors time to detect it on their global networks and build signatures for it.” states the study.
According 2014 Security Report, nearly 33 percent of organizations have downloaded at least one file infected by unknown malicious code, 35 percent of infected file were PDF files, 33 percent were .EXE files and 27 percent archive.
It is a scaring scenario, if we consider that enterprise systems and networks were infected by a malware very 24 hours, 60 percent of organizations downloads malware every two hours or less (in 2012 the percentage was 14%), while the researchers detected a bot communication with its command and control server every three minutes.
“The prevalence of bot infections within enterprises is staggering,””Check Point also found that 77 percent of bots were active within enterprises for more than four weeks. With all of this in mind, it is important for organizations to deploy threat prevention technologies to identify and contain the spread of malware, as well as even prevent initial infection.” said Kellman Meghu, head of security engineering at Check Point.
The 2014 Security Report confirmed that risky applications in enterprises are becoming a serious issue, for example, 63 percent of enterprises found BitTorrent use internally, a significant jump respect 40 percent in 2012.
Patch management is another security lack for some enterprises, 14 percent of their endpoints were not running the most recent Windows service packs, and 33 percent of endpoints were running out-of-date versions of common applications like Adobe and Java software or Internet Explorer.
Wrong habits concur to aggravate the situation as explained in the report.
“Clients are often left vulnerable by important protection capabilities that have been disabled,” “For example, almost one quarter (23 percent) of enterprise endpoints analyzed by Check Point did not have a desktop firewall enabled, and more than half (53 percent) had enabled Bluetooth, exposing them to wireless attacks in public spaces.” states the report.
Let’s close with curious insights provided in Check Point 2014 Security Report:
As usual, I suggest you to read the report.
(Security Affairs – Check Point 2014 Security Report, malware)