A strike by a piece of new and unknown malware took place every 27 minutes in 2013, analysis of security events around the world has revealed.
A third of the 10,000+ organisations surveyed downloaded at least one infected file with unknown malware between June and December 2013, according to the latest annual threat report by security firm Check Point.
Of these infected file types, 35% were PDFs, said the report, which is based on data on hundreds of millions of security events gathered from the firm’s global network of threat sensors.
The data reveals that new tools called ‘crypters’ are enabling malware writers to bypass detection by anti-malware software.
According to the report, malicious software was downloaded every ten minutes in 84% of the organisations under analysis.
For 58% of the organisations, users downloaded malware every two hours or less in 2013, compared with just 14% the year before.
The report said bot infections continued to grow, with a host infected by a bot every 24 hours and at least one bot detected in 73% of organisations, up from 63% in 2012.
Organisations also struggled to contain bots, 77% of which were active for more than four weeks. On average, bots communicated with their command & control server every three minutes.
Check Point found that 88% of organisations had experienced at least one potential data loss event, up from 54% in 2012.
The study revealed that in a third of financial institutions surveyed, credit card information was sent outside of the organisation.
The use of high-risk applications continued to be on the rise in 2013, with torrents, anonymisers, peer-to-peer (P2P) file-sharing applications being used every nine minutes on an average day.
P2P file sharing usage increased to 75% in 2013 from 61% of firms in 2012, and 56% of firms ran anonymiser proxy applications in 2013, up from 43% in 2012.
“Our 2014 security report peeled back more layers to reveal the infiltration and sophistication of malware in 2013,” said Amnon Bar-Lev, president of Check Point Software Technologies.
“We found organisations at more risk with both the new threats of today, as well as the old threats identified in last year’s report,” he said.
According to Bar-Lev, organisations need more understanding of, and protections for the threats that endanger their networks, with security based on real-time threat intelligence.
The data shows that on an average day in an average enterprise business:
Every 3 minutes, a bot infection on a company network communicates with its C&C server
Every 10 minutes, a known malware variant is being downloaded to company networks
Every 27 minutes, a new, unknown malware variant is being downloaded to company networks
Every 49 minutes, sensitive data is sent outside organisations
Every 24 hours, company networks are infected with a new bot
Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Related content from ComputerWeekly.com
RELATED CONTENT FROM THE TECHTARGET NETWORK