Findings of 2014 Check Point Security Report

In a world of ever-changing cyber threats, organisations must understand the nature of the latest exploits and how their networks are potentially impacted on.

Enterprises need to arm themselves with both cyber threat awareness and the appropriate security architecture to address these evolving challenges. The 2014 Security Report reveals the prevalence and growth of threats on enterprise networks, through information obtained over the course of 2013.

The report is based on collaborative research and in-depth analysis of over 200,000 hours of monitored network traffic, from more than 9,000 threat prevention gateways, across organisations in 122 countries.

Key findings include:

1. Malware activity increased in speed and quantity: Overall malware activity grew dramatically year over year. The research found malicious software within 84% of the organisations under analysis; this malware was downloaded at an average rate of one every 10 minutes. In fact, 14% of organisations experienced a user downloading malware every two hours or less in 2012. This year, that number increased by over threefold to 58% of organisations.

2. "Unknown" malware ruled the threat-scape: Smarter, sophisticated, and more resilient malware emerged in 2013. Check Point's Threat Emulation sensors revealed that 33% of organisations downloaded at least one infected file with unknown malware for the period between June and December 2013. Of those infected files, 35% were PDFs. New obfuscation tools called "crypters" enabled malware writers to bypass detection by anti-malware software.

3. The bot infestation: Bot infections continued in prevalence, with a host infected by a bot every 24 hours. In 2013, at least one bot was detected in 73% of surveyed organisations, an increase from 63% in 2012. Organisations also struggled with containing bots. Check Point found that 77% of bots were active for more than four weeks. Bots also communicated with their Command and Control (C&C) every three minutes.

4. Risky applications resulted in risky business: Use of high-risk applications continued to be on the rise in 2013, with torrents, anonymisers, peer-to-peer (P2P) file-sharing applications being used every nine minutes on an average day. P2P file sharing usage increased from 61% of organisations in 2012 to 75% in 2013. Additionally, 56% of organisations ran anonymiser proxy applications in 2013, up from 43% in 2012.

5. Taking the "confident" out of confidential: Data loss was top of mind in 2013, with recent breaches and mass theft targeting consumer data at well-known brands like Target, Neiman Marcus and Michaels. Check Point research found that 88% of the organisations analysed experienced at least one potential data-loss event, growing from the 54% observed in 2012. In fact, in 33% of the financial institutions surveyed by Check Point, credit card information was sent outside of the organisations, while 25% of health care and insurance institutions researched sent HIPAA-protected information outside of their walls.
   

"Our 2014 Security Report provides a bird's-eye view into the degree of infiltration and sophistication of new threats. We found that organisations are often surprised by the severity of bot infections and the various threats that lurk on their networks," said Amnon Bar-Lev, president of Check Point Software Technologies. "It is clear that customers need an architectural approach to deal with these issues. Customers can rely on our revolutionary security architecture Software-defined Protection (SDP) to prevent the spread of attacks, and protect in real time against new and existing threats."

For a full copy, go to www.checkpoint.com/securityreport