Bot Born Every 24 Hours

Nearly 85 percent of enterprises are harboring malware, and a new bot emerges each day, new Check Point report says.

Dark Reading Staff, Dark Reading

May 9, 2014


Nearly three-fourths of enterprises have at least one bot-infected endpoint living in their corporate networks, and every three minutes a bot communicates with its command and control server.

New data from Check Point Software Technologies highlights the botnet and malware infestation within the enterprise, with 84 percent of organizations found infected with malware, and 2.2 pieces of unknown malware hitting them once every hour. Less than 10 percent of antivirus products had detected unknown malware, and the number of organizations found with bots jumped from 63 percent in 2012 to 73 percent in 2013.

An enterprise computer is infected with bot malware every 24 hours, according to the report.

"The prevalence of bot infections within enterprises is staggering," says Kellman Meghu, head of security engineering at Check Point. "Check Point also found that 77 percent of bots were active within enterprises for more than four weeks. With all of this in mind, it is important for organizations to deploy threat prevention technologies to identify and contain the spread of malware, as well as even prevent initial infection."

Meanwhile, some 88 percent of organizations suffered a data loss incident at least once last year, versus 54 percent in 2012. Around one-third of financial institutions had credit card information leaked, and one-fourth of healthcare and insurance companies leaked HIPAA-protected information, according to the Check Point "2014 Security Report," based on analysis of network event data gathered from 10,000 organizations worldwide.

Check Point also boiled down its data into some telling stats about security woes in the enterprise:

  • Every 49 minutes, sensitive data is sent outside an organization

  • Every minute, a host visits a malicious website

  • Every nine minutes, a high-risk application is being used (think BitTorrent)

  • Every 27 minutes, unknown malware is downloaded

In nearly 60 percent of organizations, an end-user downloads malware every two hours or less. That's a major jump from 2012, when it was 14 percent. And some 33 percent of organizations have downloaded at least one file with unknown malware, 35 percent of which were PDF files. EXE (33 percent) and archive (27 percent) also were the top formats for unknown malware.

Risky applications are on the rise in enterprises, too. Some 63 percent say they found BitTorrent use among users, versus 40 percent in 2012.

Regular patching of endpoints is still not practiced in some organizations, either: 14 percent of enterprise endpoints were not running the most recent Windows service packs, and 33 percent of endpoints were running out-of-date versions of Adobe Reader, Flash Player, Java, and Internet Explorer.

Adding to the vulnerability of endpoints: Some organizations aren't using built-in security features or best practices. "Clients are often left vulnerable by important protection capabilities that have been disabled," the report says. "For example, almost one quarter (23 percent) of enterprise endpoints analyzed by Check Point did not have a desktop firewall enabled, and more than half (53 percent) had enabled Bluetooth, exposing them to wireless attacks in public spaces."

The full report is available here for download.
