Over half of botnet control centres in the US, says Check Point


Warwick Ashford

The command and control (C&C) centres for more than half of the world’s botnets are in the US, not China, says security firm Check Point.

A recent report by US cyber security firm Mandiant said a Chinese military base in Shanghai is one of the world's "most prolific cyber espionage groups," yet only 4% of botnets are controlled from China.

Conversely, 58% of botnets that have hijacked computers in 63% of organisations worldwide have their C&C centres in the US, according to the latest enterprise security report from Check Point.

The report highlights that 53% of those hijacked computers were infected with new malware at least once a day as a result of existing infections on their networks.

Some 70% of the bots detected in 2012, across more than 800 companies worldwide, communicated with their external C&C centre at least every two hours. 

It also highlighted that 75% of organisations are not using the latest versions of popular software such as Adobe Acrobat Reader, Adobe Flash Player, Microsoft Internet Explorer and Java.

This exposes enterprises to unnecessary risk, as the software they are using does not include the latest security protections.

Also, 44% were not using the latest Microsoft Windows Service Packs, which include the latest Microsoft security updates. 

According to the report, 91% of organisations used applications with potential security risks, giving hackers an unprecedented range of options for penetrating corporate networks.

Some 61% of organisations were found to be using P2P file-sharing, 43% using anonymiser applications, and 69% of organisations were found to be using Dropbox for cloud storage.

In the majority of cases, the report said this usage conflicted with the organisation’s web usage and security policies, and could potentially open a backdoor to networks. 

The report said 54% of organisations had at least one potential data loss incident as a result of emails being sent in error to an external recipient, or information being incorrectly posted online. 

Credit card information was the most common type of sensitive information sent outside organisations (29%), and public sector bodies and financial companies were the most likely to do this.

“Our research uncovered many alarming vulnerabilities and security threats on networks that most organisations were not aware of,” said Amnon Bar-Lev, president of Check Point.

“With clearer visibility of these, IT professionals can now better define a security blueprint to protect their organisations from the constant stream of evolving security threats, ranging from botnets, to employees using risky web applications like anonymisers, to data loss,” he said.

