Enterprises face an increasingly uphill struggle keeping their networks free of malware and cyber attacks designed to steal data, according to a state of the market survey from Palo Alto Networks.
In the EMEA region, while common applications such as IM, email and social media and video account for nearly one third of applications on networks, they only represent five percent of threat activity.
The survey revealed that social media is being used with more regularity as a door for entering networks because social media users tend to have a misplaced sense of trust about social networking, with many not realising that it can be used by hackers as a means to discreetly gain access to enterprise networks and then steal data.
The survey also revealed that while SSL offers robust encryption and is good at protecting privacy it can also be used by hackers to hide their attacks along with the use of other protocols such as FTP, RDP and NetBios.
The survey points out that with 30% of all applications running over networks use SSL, organisations have no way of ensuring that encrypted traffic is actually free of malicious activity.
This was recently exposed with the discovery of the Heartbleed bug. If network administrators don’t know how many applications running on their networks are using SSL, they don’t know how many are using OpenSSL which could expose them to Heartbleed.
“Our research shows an inextricable link between commonly-used enterprise applications and cyber threats. Most significant network breaches start with an application such as e-mail delivering an exploit. Then, once on the network, attackers use other applications or services to continue their malicious activity – in essence, hiding in plain sight. Knowing how cyber criminals exploit applications will help enterprises make more informed decisions when it comes to protecting their organizations from attacks," said Matt Keil, senior research analyst, Palo Alto Networks.