Calgary, Alta.-based Check Point Software Technologies Ltd. has uncovered major security risks in so called Web 2.0 applications.
In Check Point’s new report, the company found risky web applications that compromise network security, and loss of data caused by employees unintentionally.
According to Check Point, as the arms race between attackers and IT professionals unfolded in 2012, it has become clear that many of the most serious threats stayed hidden from network administrators. These threats come from ever-changing techniques deployed by criminal hackers in addition to risky online activities by employees, which unintentionally create vulnerabilities on the corporate network. In order to develop a strong security blueprint, organizations must first be aware of and fully understand the activities occurring on their networks.
Based on research of nearly 900 companies, the Check Point 2013 Security Report shed light on what is hiding on corporate networks, and the major security risks organizations are exposed to on a daily basis:
The research revealed that 63 per cent of organizations were infected with bots, and more than half were infected with new malware at least once a day. The report reveals a list of top threats, including the most infamous botnets, top malware location by country, top vendor vulnerabilities and exposures, and SQL injection events by source country, among other surprising findings.
The surge in web 2.0 applications has given criminal hackers unprecedented options to penetrate corporate networks. The research found 91 per cent of organizations used applications with potential security risks. These risky web applications are brought to light in the report, including frequency and usage of anonymizers, P2P applications, file storage and sharing applications, and top social networks – all of which can potentially open a backdoor to enterprise networks.
Corporate information is more accessible and transferable today, the company said, leading to higher risk of data loss or leakage. More than half of the organizations studied had at least one potential data loss incident. The report exposes the different types of sensitive data leaked and lost, including PCI related information as well as HIPAA–protected health information. It also sheds light on the industries with the highest tendency toward data loss.
Paul Comessotti, Canadian Regional Director, Check Point Software Technologies, said the research uncovered many alarming vulnerabilities and security threats on networks that most organizations were not aware of. With clearer visibility, IT professionals can now better define a security blueprint to protect their organizations from the constant stream of evolving security threats, ranging from botnets, to employees using risky web applications like anonymizers, to data loss.