Check Point research reveals massive increase in new and unknown malware on enterprise networks


Check Point® Software Technologies Ltd, the worldwide leader in securing the Internet, has issued its 2014 Security Report, the company’s second annual report uncovering the major threat trends that impacted organisations across the world.

For a full copy of this year’s Security Report, visit:

In a world of ever-changing cyber threats, organisations must understand the nature of the latest exploits, and how their networks are potentially impacted. Enterprises need to arm themselves with both cyber threat awareness and the appropriate security architecture to address these evolving challenges. The 2014 Security Report reveals the prevalence and growth of threats on enterprise networks, through information obtained over the course of 2013. This report is based on collaborative research and in-depth analysis of over 200,000 hours of monitored network traffic, from more than 9,000 Threat Prevention gateways, across organisations in 122 countries.

Key findings include:

Malware activity increased in speed and quantity

Overall malware activity grew dramatically year-over-year. Our research found malicious software within 84% of the organisations under analysis; this malware was downloaded at an average rate of one every ten minutes. In fact, 14% of organisations experienced a user downloading malware every two hours or less in 2012. This year, that number increased more than three-fold to 58% of organisations.

“Unknown” malware ruled the threat-scape

Smarter, more sophisticated, and more resilient malware emerged in 2013. Check Point’s Threat Emulation sensors revealed that 33% of organisations downloaded at least one infected file with unknown malware in the period between June and December 2013. Of those infected files, 35% were PDFs. New obfuscation tools called “crypters” enabled malware writers to bypass detection by anti-malware software.

The bot infestation

Bot infections remained prevalent, with a host infected by a bot every 24 hours. In 2013, at least one bot was detected in 73% of our surveyed organisations, an increase from 63% in 2012. Organisations also struggled to contain bots. Check Point found that 77% of bots were active for more than four weeks. Bots also communicated with their Command and Control (C&C) every three minutes.

Risky applications resulted in risky business

Use of high-risk applications continued to rise in 2013, with torrents, anonymisers, and peer-to-peer (P2P) file sharing applications being used every nine minutes on an average day. P2P file sharing usage increased from 61% of organisations in 2012 to 75% in 2013. Additionally, 56% of organisations ran anonymiser proxy applications in 2013, up from 43% in 2012.

Taking the “confident” out of confidential

Data loss was top-of-mind in 2013, with recent breaches and mass theft targeting consumer data at well-known brands like Target, Neiman Marcus and Michaels. Check Point research found that 88% of the organisations analysed experienced at least one potential data loss event, growing from the 54% observed in 2012. In fact, in 33% of the financial institutions surveyed by Check Point, credit card information was sent outside of the organisations, while 25% of health care and insurance institutions researched sent HIPAA-protected information outside of their walls.

“Our 2014 Security Report provides a bird’s eye view into the degree of infiltration and sophistication of new threats. We found that organisations are often surprised by the severity of bot infections and the various threats that lurk on their networks,” said Kurt Hansen, managing director at Check Point Software Technologies Australia and New Zealand. “It is clear that customers need an architectural approach to deal with these issues. Customers can rely on our revolutionary security architecture Software-defined Protection (SDP) to prevent the spread of attacks, and protect in real-time against new and existing threats.”


