GajShield Security Times - New Research Reveals 43 Percent of Bittorrent Applications on Corporate Network Contain Malicious Software

The report uncovered that 43 percent of applications and 39 percent of games contained malicious software that could infect corporate and vendor networks – highlighting that P2P file sharing can pose a major security threat to organizations and their vendors.

While the sharing and downloading of copyrighted or pirated content and applications over peer-to-peer typically violates most corporate policies, the behavior continues to occur at a high rate. Movies and games often come to mind when organizations think about P2P file sharing; however, the majority of infected applications that was uncovered were either Adobe Photoshop, Microsoft Office or various versions of the Microsoft Windows operating system.

Key Findings

  • 23 percent of organizations analyzed have evidence of some P2P file sharing activity on their networks.

  • 43 percent of torrented application files and 39 percent of torrented games contained malicious software.

  • Adobe Photoshop and Grand Theft Auto V are the top torrented applications and games respectively.

  • Industries such as Government, Education, and Energy/Utilities are poor performers; more than a quarter of companies in these industries have observed BitTorrent file sharing activity in the last six months.

  • Companies with more file sharing activity were likely to have more compromised machines due to botnet infections.

Many employees use the Bittorrent network to download and share copyrighted materials. The presence of such materials on workstations and computers can lead to potential liabilities and embarrasements for coporate organisations as well as fines levied too. Enterprises should ensure that these applications and sites are blocked at their firewall to secure their network.

Phishing Emails Targeting Chinese Users

Chinese people are increasingly getting online and adopting mobile services. 2014 was a pivotal year, with the massive adoption of mobile services by over 560 million users. It is anticipated that more than half of the entire population of China will have a smartphone by 2018 as the number edges past 700 million.

Additionally, China is one of the most developed markets in e-commerce and with mobile commerce via WeChat, the dominance of Alipay and a strong online shopping behavior is arguably more developed than Western markets.

Chinese users are therefore a very attractive target for phishing attacks: These attacks trick unsuspecting users into giving away their username and password for leading Chinese e-commerce brands and banks.

Find out more; check out this new blog article: Phishing Emails Targeting Chinese Users

Q3 INTERNET THREATS TREND REPORT SUMMARY

In the third quarter of 2014, attention was focused on celebrity account hacking and corporate data breaches. By the end of the quarter, cybersecurity professionals had received yet another agonizing reminder that no system is perfect with the announcement of the Shellshock bug affecting the BASH shell. Cybercriminals also used global tragedies, such as Ebola and airline disasters, to further enhance their phishing, spam, and malware distribution efforts.

The High-profile Data Breach Quarter

From celebrity Apple iCloud accounts to Home Depot and the possibility of a Backoff-type virus attack on their point-of-sale systems (POS), virtually no one went unscathed as a result of this wide-spread and high-profile hacking. Consumers found that cybercriminals once again had access to their credit card numbers, celebrities learned that personal and private information had been shared worldwide via the Internet, and corporate CEOs began to count individual data breach losses in the hundreds of millions of dollars.

Bugs and Malware Left Unchecked

The announcement of the discovery of a major flaw in the BASH shell left computer programming and cybersecurity professionals reeling. Having gone unnoticed for over 20 years, the Shellshock bug leaves hundreds of millions of devices, including servers and computers, vulnerable to major attack. As consumers learned that once again their personal credit and banking information had been stolen from a major corporate retailer, news reports began to circulate that Home Depot had a long history of failing to update security systems and fully fund cybersecurity staff. Coincidentally (or not) a few weeks prior to the Home Depot announcement, the U.S. federal government released a warning about the Backoff malware indicating that it was the focus of several POS data breach investigations. It seems that while all top antivirus providers had updated their antivirus services to protect from Backoff, retailers had not been updating their systems.

 

Page 2 of 4