A strike by a piece of new and unknown malware took place every 27 minutes in 2013, analysis of security events around the world has revealed.
A third of the 10,000+ organisations surveyed downloaded at least one infected file with unknown malware between June and December 2013, according to the latest annual threat report by security firm Check Point.
Of these infected file types, 35% were PDFs, said the report, which is based on data on hundreds of millions of security events gathered from the firm’s global network of threat sensors.
The data reveals that new tools called ‘crypters’ are enabling malware writers to bypass detection by anti-malware software.
According to the report, malicious software was downloaded every ten minutes in 84% of the organisations under analysis.
For 58% of the organisations, users downloaded malware every two hours or less in 2013, compared with just 14% the year before.
The report said bot infections continued to grow, with a host infected by a bot every 24 hours and at least one bot detected in 73% of organisations, up from 63% in 2012.
More on unknown malware
- Antivirus systems fail to detect unknown viruses, study shows
- Microsoft, Adobe address zero-day exploits that bypass ASLR
- Microsoft warns of new zero-day Internet Explorer flaw
- New Cisco managed security services detects hackers, zero-day threats
- Businesses ignore unknown threats despite cost, study shows
- New approach blocks all zero-day malware, says Trusteer
Organisations also struggled to contain bots, 77% of which were active for more than four weeks. On average, bots communicated with their command & control server every three minutes.
Check Point found that 88% of organisations had experienced at least one potential data loss event, up from 54% in 2012.
The study revealed that in a third of financial institutions surveyed, credit card information was sent outside of the organisation.
The use of high-risk applications continued to be on the rise in 2013, with torrents, anonymisers, peer-to-peer (P2P) file-sharing applications being used every nine minutes on an average day.
P2P file sharing usage increased to 75% in 2013 from 61% of firms in 2012, and 56% of firms ran anonymiser proxy applications in 2013, up from 43% in 2012.
“Our 2014 security report peeled back more layers to reveal the infiltration and sophistication of malware in 2013,” said Amnon Bar-Lev, president of Check Point Software Technologies.
“We found organisations at more risk with both the new threats of today, as well as the old threats identified in last year’s report,” he said.
According to Bar-Lev, organisations need more understanding of, and protections for the threats that endanger their networks, with security based on real-time threat intelligence.
The data shows that on an average day in an average enterprise business:
- Every 3 minutes, a bot infection on a company network communicates with its C&C server
- Every 10 minutes, a known malware variant is being downloaded to company networks
- Every 27 minutes, a new, unknown malware variant is being downloaded to company networks
- Every 49 minutes, sensitive data is sent outside organisations
- Every 24 hours, company networks are infected with a new bot