Malicious Web access skyrockets
Hackers have stepped up their game so as to infiltrate organisations, mainly for financial gain.
So said Doros Hadjizenonos, sales manager for SA at security solutions provider Check Point Technologies, presenting the findings of the Check Point Security Report 2014 to ITWeb.
The report notes that in an average enterprise organisation, a host accesses a malicious Web site every minute, adding that once every three minutes, a bot is communicating with its command and control centre; and every nine minutes, a high risk application is being used.
According to the report, a known malware is downloaded once every 10 minutes; while every 27 minutes, an unknown malware is downloaded; every 49 minutes, sensitive data is sent outside an organisation; and a host is infected with a bot every 24 hours.
Hadjizenonos said, based on these findings, the fight against cyber crime will be lost unless organisations put in place adequate defence mechanisms as well as promote awareness among the end-users.
Traditional security technologies such as anti-virus and intrusion prevention systems are the most effective in detecting attempts to exploit known software and configuration vulnerabilities; however, with unknown malware, these solutions can fall short, he noted.
He added that hackers understand this and have the luxury of testing their new malware and exploits against these technologies to check whether they are detected.
"The arms race between security vendors and hackers leads to a fast-paced evolution in the techniques used by hackers, who are continuously trying to use both unknown vulnerabilities - zero-day exploits - and unknown infection methods in order to circumvent security defences," Hadjizenonos said.
With the increased infiltration rates, Check Point says there was also a notable increase in bot infections and activity in 2013.
It adds that bot communications with command and control servers increased dramatically in frequency in 2013 with 47% of the organisations detecting such communication attempts at a rate of one per hour, an 88% increase over 2012.
Hadjizenonos explained that each of these communication attempts is an occasion for the bot to receive instructions and potentially exfiltrate sensitive data outside the affected organisation.
To mitigate the risk, he said, organisation must be able to detect and block malware as well as attempts to connect sites that are known malware distributors. In addition to detecting malware, organisation must make use of security solutions with the intelligence to mitigate botnet communications.
According to the report, application control also represents an internal challenge that complements and compounds external challenges posed by cyber attacks. Applications are essential to productivity and routine operation of every organisation but they also create degrees of vulnerability, said Hadjizenonos.
The report reveals that 86% of organisations have at least one high-risk application and these include peer-to-peer file sharing applications as well as anonymisers, which provide users with a means to surf the Internet and view Web sites while preserving their anonymity.
Hadjizenonos urged organisations to put in place control measures and promote awareness among users about the risks posed by these apps.