Bot Born Every 24 Hours
Nearly 85 percent of enterprises are harboring malware, and a new bot emerges each day, new Check Point report says.
May 9, 2014
Nearly three-fourths of enterprises have at least one bot-infected endpoint living in their corporate networks, and every three minutes a bot communicates with its command and control server.
New data from Check Point Software Technologies highlights the botnet and malware infestation within the enterprise, with 84 percent of organizations found infected with malware, and 2.2 pieces of unknown malware hitting them once every hour. Less than 10 percent of antivirus products had detected unknown malware, and the number of organizations found with bots jumped from 63 percent in 2012 to 73 percent in 2013.
An enterprise computer is infected with bot malware every 24 hours, according to the report.
"The prevalence of bot infections within enterprises is staggering," says Kellman Meghu, head of security engineering at Check Point. "Check Point also found that 77 percent of bots were active within enterprises for more than four weeks. With all of this in mind, it is important for organizations to deploy threat prevention technologies to identify and contain the spread of malware, as well as even prevent initial infection."
Meanwhile, some 88 percent of organizations suffered a data loss incident at least once last year, versus 54 percent in 2012. Around one-third of financial institutions had credit card information leaked, and one-fourth of healthcare and insurance companies leaked HIPAA-protected information, according to the Check Point "2014 Security Report," based on analysis of network event data gathered from 10,000 organizations worldwide.
Check Point also boiled down some of its data into telling stats about security woes in the enterprise:
Every 49 minutes, sensitive data is sent outside an organization
Every minute, a host visits a malicious website
Every nine minutes, a high-risk application is being used (think BitTorrent)
Every 27 minutes, unknown malware is downloaded
In nearly 60 percent of organizations, an end-user downloads malware every two hours or less. That's a major jump from 2012, when it was 14 percent. And some 33 percent of organizations have downloaded at least one file with unknown malware, 35 percent of which were PDF files. EXE (33 percent) and archive (27 percent) also were the top formats for unknown malware.
Risky applications are on the rise in enterprises, too. Some 63 percent say they found BitTorrent use among users, versus 40 percent in 2012.
Regular patching of endpoints is still not practiced in some organizations, either: 14 percent of enterprise endpoints were not running the most recent Windows service packs, and 33 percent of endpoints were running out-of-date versions of Adobe Reader, Flash Player, Java, and Internet Explorer.
Adding to the vulnerability of endpoints: Some organizations aren't using built-in security features or best practices. "Clients are often left vulnerable by important protection capabilities that have been disabled," the report says. "For example, almost one quarter (23 percent) of enterprise endpoints analyzed by Check Point did not have a desktop firewall enabled, and more than half (53 percent) had enabled Bluetooth, exposing them to wireless attacks in public spaces."
The full report is available here for download.