As the arms race between attackers and IT professionals unfolded in 2012, it has become clear that many of the most serious threats stayed hidden from network administrators.
These threats come from ever-changing techniques deployed by criminal hackers in addition to risky online activities by employees, which unintentionally create vulnerabilities on the corporate network. In order to develop a strong security blueprint, organisations must first be aware of and fully understand the activities occurring on their networks.
Based on research of nearly 900 companies, the Check Point 2013 Security Report sheds light on what is hiding on corporate networks, and the major security risks organisations are exposed to on a daily basis:
* Hidden security threats – from crime-ware to hacktivism, cyber-attacks will continue to evolve this year, impacting organisations of all sizes.
The research revealed that 63% of organisations were infected with bots, and more than half were infected with new malware at least once a day. The report reveals a list of top threats, including the most infamous botnets, top malware location by country, top vendor vulnerabilities and exposures, and SQL injection events by source country, among other surprising findings.
* Risky Web 2.0 applications – the surge in Web 2.0 applications has given criminal hackers unprecedented options to penetrate corporate networks. The research found 91% of organisations used applications with potential security risks.
These risky Web applications are brought to light in the report, including frequency and usage of anonymisers, P2P applications, file storage and sharing applications, and top social networks – all of which can potentially open a backdoor to enterprise networks.
* Data loss incidents – corporate information is more accessible and transferable today than ever before, leading to higher risk of data loss or leakage.
More than half of the organisations studied had at least one potential data loss incident. The report exposes the different types of sensitive data leaked and lost, including PCI related information as well as HIPAA–protected health information. It also sheds light on the industries with the highest tendency toward data loss.
“Our research uncovered many alarming vulnerabilities and security threats on networks that most organisations were not aware of,” says Amnon Bar-Lev, president of Check Point Software Technologies.
“With clearer visibility, IT professionals can now better define a security blueprint to protect their organisations from the constant stream of evolving security threats, ranging from botnets, to employees using risky Web applications like anonymisers, to data loss.”