Story image

Employees download new malware every four seconds, says Check Point

21 Sep 16

New research from Check Point has revealed that among other things,  employees download new malware every four seconds.

This finding comes after the company’s release of two research projects titled the Check Point 2016 Security Report and Exploits at the Endpoint: SANS 2016 Threat Landscape Study.

This research reveals critical challenges and key recommendations for IT leaders, as businesses continue to build-up protections against evolving cyber threats.

Check Point researchers analysed the activity of more than 31,000 Check Point gateways worldwide, which the company says revealed details on what enterprises are encountering in known and unknown malware, attack trends, and the impact of more mobile devices in the enterprise.

Researchers were also able to measure the impact successful breaches have had on organisations, and the added expenses that go beyond remediation costs.

Amnon Bar-Lev, president of Check Point, says that with billions of new connections formed every minute, the world is more globally linked than ever.

“Innovations like cloud, mobility and IoT are changing the way we deploy, the way we consume, and the way we secure technology,” he says.

“More and more malware is being put into our ecosystem that traditional security techniques are powerless to prevent,” explains Bar-Lev.  

“Given this, staying a leader requires being one step ahead of things you cannot see, know or control – and preventing attacks before they happen.”

According to Check Point, both reports present a comprehensive view of the entire threat landscape - from the network to the endpoint - offering key findings that include:

  • Unknown malware continues its exponential and evolutionary growth. Researchers found a 9x increase in the amount of unknown malware plaguing businesses. This was fuelled by the employees, who downloaded a new unknown malware every four seconds. In total, there were nearly 12 million new malware variants discovered every month, with more new malware discovered in the past two years than the previous decade.
  • Security is lagging behind the speedy, on-the-go mobile device. With smartphones and tablets accounting for 60 percent of digital media time spent, businesses’ mobile devices present both an access curse and a business productivity blessing. While employees do not want to be the cause of a company network breach, 1-in-5 will cause one through either mobile malware or malicious Wi-Fi.
  • Endpoints represent the starting points for most threats. Among the businesses surveyed, endpoints were the most common cause of breaches and the most critical component in cyber defences, with attackers leveraging email in 75 percent of cases. Also, 39 percent of endpoint attacks bypassed the network gateway firewalls, and routine operations uncovered 85 percent of threats after they had already gotten inside the enterprise.

Both reports conclude that in order for organisations to be fully prepared, they need to have a best-of-breed architecture. 

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.