Content

Malicious websites visited every five seconds by enterprise workers, report

A user at an enterprise organization accesses a malicious website every five seconds, according to research published by CheckPoint Software Technologies.

The 2016 Security Report highlights the difficulties security pros at enterprise organizations encounter as they attempt to strengthen vulnerable systems. The researchers used data from 1,100 ‘security checkups,' which were connected to 31,000 different security gateways, Check Point vice president of product management Gabi Reish told SCMagazine.com.

Malware was downloaded every 81 seconds by the average enterprise organization in 2015, compared to every 6 minutes in 2014.

The report set off a debate among security researchers over the classification of known and unknown malware. Core Security threat researcher Nick Buchholz noted that new variants of malware are created rapidly, but wrote in an email to SCMagazine.com that these “are largely variants of existing malware” that employ minor code, command and control server, or crypting changes.

Other security pros have noted a similar pattern. Jeff Harris, vice president of security solutions at Ixia, told SCMagazine.com that while the number of unknown malware was growing “exponentially for many years, it is still growing, but now incrementally” because malware developers are using old malware with minor updates.

“I would consider that known malware, although some would call it unknown,” Ixia CMO Marie Hattar told SCMagazine.com, referring to the slight variants to familiar strains of malware.

The complex risks have prompted a growing number of enterprise organizations to employ multiple layers of security technologies that function in alignment and provide a consolidated view, Reish told SCMagazine.com. “They are in a better position to mitigate these threats and respond faster,” he said.

Enterprises are lately scrambling to secure flawed systems after vulnerabilities affecting firewalls were leaked the Shadow Brokers group last month.

High-risk applications such as VPNs, BitTorrent, and Anonymizers are used every four minutes by the average enterprise organization, Reish told SCMagazine.com, and the study found that 50 percent of enterprises do not restrict access to these high-risk applications.

The report underscored the need for information security training, noting that sensitive data is sent outside of the organization every 32 minutes at the average enterprise organization.

Other security pros noted the ongoing success of malicious e-mail. Spam e-mail is “a prime vector for attackers because it takes little effort to craft a payload that can bypass spam filters” and entice victims, Buchholz said.

Invincea CEO Anup Ghosh said spear phishing attacks continue to be a successful attack vector for malware distribution. Spear phishing “always works,” he told SCMagazine.com. “That's why they keep using it.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.