Member Article

Check Point Uncovers Hidden Security Threats on Networks

New 2013 Security Report defines security priorities for organisations worldwide: highlights hidden threats and employees’ risky online activities which create vulnerabilities on corporate networks

• 63% of organisations globally are infected with bots: 70% of these bots communicate with their control centre at least every 2 hours. 58% of control centres are in the USA, just 4% in China
• 53% had malware downloaded onto their networks from existing infections
• US-based organisations host the majority of malware (71%), followed by Canada (8%) and the UK (4%)
• 61% of organisations were found to use P2P file-sharing, and 43% use anonymizer apps
• 54% of organisations had at least one data-loss event by email or posting online

Check Point has issued its 2013 Security Report, uncovering the major security risks and threats that impact organizations worldwide. The new report examines the leading security threats, the risky web applications that compromise network security, and incidences of unintentional loss of data caused by employees.

The Check Point 2013 Security Report is based on research from 888 companies worldwide, gathered from Check Point ThreatCloud, the first collaborative network to fight cybercrime; Check Point 3D security reports; and the company’s global network of threat sensors in 2012. It gives insight into the network security events that occurred within organizations during 2012, and the security risks that companies are exposed to.

Key findings from the report are:

Hidden security threats

The research revealed that 63% of organisations globally were infected with bots, and 53% were infected with new malware at least once a day as a result of existing infections on their networks. 70% of the bots detected communicated with their external command centres at least every 2 hours. 58% of command centres are based in the USA, with just 4% in China.

It also highlighted that 75% of organisations are not using the latest software versions in popular software (Acrobat Reader, Flash, Internet Explorer, Java), which can lead to security vulnerabilities. Also, 44% were not using the latest Microsoft Windows Service Packs, which include the latest Microsoft security updates.

Risky Web 2.0 applications

91% of organizations used applications with potential security risks, giving hackers an unprecedented range of options for penetrating corporate networks. 61% of organisations were found to be using P2P file-sharing, and 43% using anonymizer applications: in the majority of cases, this usage conflicted with the organisation’s web usage and security policies, and can potentially open a backdoor to networks. 69% of organisations were found to be using Dropbox for cloud storage.

Data loss incidents

54% of organisations had at least one potential data loss incident as a result of emails being sent in error to an external recipient, or information being incorrectly posted online. Credit card information was the most common type of sensitive information sent outside organisations (29%), and public sector bodies and financial companies were the most likely to do this.

“Our research uncovered many alarming vulnerabilities and security threats on networks that most organizations were not aware of,” said Amnon Bar-Lev, president of Check Point. “With clearer visibility of these, IT professionals can now better define a security blueprint to protect their organizations from the constant stream of evolving security threats, ranging from botnets, to employees using risky web applications like anonymisers, to data loss.”

Check Point Security Gateways running Check Point Software Blades, such as IPS, Application Control, URL Filtering, Antivirus and Anti-Bot, can detect and prevent the latest threats. Check Point ThreatCloud feeds software blades with real-time intelligence and signatures. Additionally, Check Point Secure Web Gateway blocks access to malware infested websites and usage of high risk applications like anonymisers. Check Point DLP Software Blade helps organizations pre-emptively protect sensitive information from unintentional loss and leakage.

To read the full report, visit: http://www.checkpoint.com/campaigns/security-report/index.html

For more information on conducting an onsite security analysis of threats, visit: http://www.checkpoint.com/campaigns/3d-analysis-tool/index.html

This was posted in Bdaily's Members' News section by Check Point .