Malware found on 84% of enterprise systems

Every minute of every day the average enterprise organization accesses a malicious website, every 10 minutes a known malware is downloaded and every 27 minutes an unknown malware is downloaded.

These are just some of the sobering findings in a new report from Check Point Systems.

In a world of ever-changing cyber threats, organizations need to better understand the nature of the latest exploits and how their networks are potentially impacted, concludes the Check Point 2014 Security Report. Enterprises need to arm themselves with both cyber threat awareness and the appropriate security architecture to address these evolving challenges.

The 2014 Security Report reveals the prevalence and growth of threats on enterprise networks. All the information was gathered during 2013 from more than 200,000 hours of monitored network traffic, from more than 9,000 Threat Prevention gateways, across organizations in 122 countries.

And it found a massive increase in new and unknown malware on the networks.

Malware activity has grown dramatically year-over-year, according to the report. The research found malicious software within 84 percent of the organizations, and this malware was downloaded at an average rate of one every ten minutes.

It's a big increase from 2012, when the same study found just 14 percent of organizations experienced a user downloading malware every two hours or less. This year, that number increased more than three-fold to 58 percent of organizations.

"Unknown" malware rules the threat-scape, as smarter and more resilient malware emerged in 2013. Check Point's Threat Emulation sensors revealed that 33 percent of organizations downloaded at least one infected file with unknown malware for the period between June and December 2013. Of those infected files, 35 percent were PDFs.

Data loss is top-of-mind, particularly for retailers, due to the recent breaches and mass theft targeting consumer data at retailers such as Target, Neiman Marcus and Michaels. Check Point research found that 88 percent of the organizations analyzed experienced at least one potential data loss event, growing from the 54 percent observed in 2012.

Bot infections were also prevalent, with a host infected by a bot every 24 hours. In 2013, at least one bot was detected in 73 percent of the surveyed organizations, up from 63 percent the prior year. Check Point found that 77 percent of bots were active for more than four weeks and communicated with their Command and Control every three minutes.

Use of high-risk applications continued to be on the rise in 2013, with torrents, anonymizers and P2P file sharing applications being used every nine minutes on an average day. P2P file sharing usage increased from 61 percent of organizations in 2012 to 75 percent in 2013. Additionally, 56 percent of organizations ran anonymizer proxy applications in 2013, up from 43 percent in 2012.

"Our 2014 Security Report provides a bird's eye view into the degree of infiltration and sophistication of new threats. We found that organizations are often surprised by the severity of bot infections and the various threats that lurk on their networks," said Amnon Bar-Lev, president of Check Point Software Technologies. "It is clear that customers need an architectural approach to deal with these issues. Customers can rely on our revolutionary security architecture Software-defined Protection (SDP) to prevent the spread of attacks, and protect in real-time against new and existing threats."

For more:
-See this Check Point Systems press release
-See this CIO story

Related stories:
Target, JCPenney, RILA members form group to fight cyber crime
EMV migration won't save retail
Steinhafel's departure leaves Target looking for redemption
Target: Timeline of a data breach
Shoppers blame retailers for data breaches, Congress blames Target