IT Security
A Host of IT Security Challenges
Every minute a host accesses a malicious Website, and every 24 hours a host is infected by a bot. What’s more, 33% of hosts are not running the latest software versions.
Battling the Bots
73% of organizations are infected by at least one bot; 49% have seven or more infected hosts. Sites infected by more than 22 infected hosts increased 200%. Every three minutes, a bot communicates with its command-and-control center.
Length of Botnet Activity
On average, 77% of bots are active for more than four weeks.
Malware Infestation
There was a 144% increase in new types of malware from 2012 to 2013. Every 10 minutes an unknown piece of malware is being downloaded. On average, 2.2 pieces of malware hit an organization per hour.
The Trouble With Files
33% of organizations have downloaded at least one file infected with unknown malware, of which 35% of those files are PDFs. 58% of organizations download a file loaded with malware every two hours or less.
Email as a Malware Distribution Mechanism
Analysis of detections in 2013 showed that the majority of unknown malware was targeted at customers via email, most often embedded in attachments.
Antivirus Software
Less than 10% of antivirus software engines can detect unknown malware, and 18% of hosts studied did not have the latest signatures for antivirus solutions.
Risky Behavior
Every nine minutes, a high-risk application is being used, and every 49 minutes, sensitive data is being sent outside the organization. 63% of organizations, for example, have BitTorrent on their networks and 85% have Dropbox.
Vulnerabilities Decline
Databases show a decrease in the number of reported vulnerabilities to 5,191 for the year, a modest 2% year-over-year change from 2012, including a 9% drop in the number of “critical” vulnerabilities reported.
Top Sources of IT Security Vulnerabilities
Oracle led all vendors in disclosures, with 496; followed by Cisco, with 433; IBM, with 394; and Microsoft, with 345.
Endpoint Challenge
14% of the endpoints analyzed did not have the latest Microsoft Windows service packs; 33% of all enterprise endpoints did not have the current versions for client software.
Endpoint Vulnerabilities
Of the enterprise endpoints analyzed, a full 38% were configured with local administrator permissions, enabling malware to run in the system (root) context when it executes.
Servers Are the Primary Target
Despite endpoint weaknesses, servers were still the primary target by a margin of 2:1.
Top Attack Vectors
Code execution tops the list, at 51%; followed by memory corruption, at 47%; and buffer overflow, at 36%.
Attacks Grow in Sophistication
Attackers were employing automated mechanisms for creating evasive, unknown malware on a large scale and now target organizations through global coordinated campaigns.
Data Loss Still Rampant
88% of organizations experienced at least one potential data loss incident.