Feeds

Pah! Social, file-sharing apps are SAFE compared to biz apps

Malware threats not where corporates think they are

Build a business case: developing custom apps

Threats from social networking, video and filesharing pale in comparison to malicious content in business critical apps, according to a survey by network security firm Palo Alto Networks.

While 339 social networking, video, and file-sharing applications represent 20 per cent of network bandwidth use, they account for less than 1 per cent of threat logs.

Contrary to popular belief, exploits continue to target enterprises via commonly used business applications. Of the 1,395 applications studied, 10 were responsible for 97 per cent of all exploit logs observed and nine of them are business critical applications.

The top 10 applications by threat are: MS SQL; MS RPC; Web Browsing; Server Message Block; MS SQL Monitor; MS Office Communicator; SIP; Active Directory; Remote Procedure Call; and DNS.

The study, based on an analysis of network traffic of more than 3,000 organisations between May and December 2012, involved making sense of 12.6 petabytes of data, 5,307 unique threats and 264 million threat logs. Malware often hides inside custom applications, traffic analysis by Palo Alto suggests. Custom or unknown applications are the leading type of traffic associated with malware communications, accounting for 55 per cent of malware logs, but only consuming less than 2 per cent of network bandwidth.

SSL is used as both a security mechanism and a masking agent, with 356 applications that appeared in the study using SSL in one way or another. SSL by itself represented 5 per cent of all bandwidth and the sixth highest volume of malware logs. HTTP proxy, used both as a security component and to evade controls, exhibited the seventh highest volume of malware logs.

"The volume of exploits targeting business critical applications was stunning and serves as a data centre security wake-up call,” said Matt Keil, senior research analyst at Palo Alto Networks and author of the report. "These threats will continue to afflict organisations until they isolate and protect their business applications by bringing threat prevention deeper into the network.”

Correlating threats with specific applications allows security teams to get a better handle on risks in their networks, allowing them to adopt smarter security controls and procedures.

The latest Palo Alto Application Usage and Threat Report, the first version to correlate data on application usage and threat activity, can be downloaded here (registration required). A blog post summarising the main findings is here.

Data from the report can be explored using an interactive data visualisation tool, available here. ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?