Security sweep firm links botnet infestation and file sharing
Public sector apparently suffers most from idle P2Pers
Updated There’s a high degree of correlation between organisations with P2P activity and system compromises via malware infections, according to a new study by BitSight Technologies.
Correlation is, of course, different from causation. However, the booby-trapping of Torrents to trick freetards into sucking down malicious code is a well-known tactic, so it’s possible that BitSight might be onto something beyond saying that firms with lax security controls in general get infected more often.
BitSight provides security sweeps of corporate networks – or, as its marketing blurb would have it, helps clients to “manage cyber risk by continuously monitoring the infosec of their business ecosystem”, a service that includes a recently introduced file-sharing monitoring component. Its study examines the P2P file sharing activity of about 30,700 companies.
The tech firm’s key findings were that 43 per cent of application files and 39 per cent of games contained malicious software (figures that seem high, to El Reg’s security desk, at least). Grand Theft Auto V and Adobe Photoshop lead the list of top torrented games and applications, respectively.
BitSight's representatives were keen to stress the obvious point (to Reg readers, at least) that peer-to-peer file sharing and downloading illegal content didn’t end in the Napster era. The firm reckons its work provides evidence of a correlation between botnet activity and file sharing activity.
In addition, BitSight’s study suggested government, education and utilities organisations have a larger BitTorrent problem than other sectors of the economy.
More details on the research into what BitSight describes as the “Peer to Peer Peril” can be found in a blog post here. ®
Since the publication of this story, a representative from BitTorrent contacted The Reg to defend the technology against BitSight's criticism. The rep said:
BitTorrent is not introducing malware or botnets into corporate environments nor inducing employees to download malware or botnets. It is also disingenuous to assert that BitTorrent only exists to be exploited for copyright infringement.
BitTorrent is of course an Internet protocol, an HTTP replacement, a better way for file transfer. It is the most efficient way to do the heavy lifting. As such is used by just about every core platform on the Internet. This includes companies such as Facebook, Twitter, and Wikipedia for server updates; the BBC, Amazon, and Blizzard Entertainment for moving content; scientists working on the Large Hadron Collider, the Human Genome Project, and Cancer research for moving massive data sets.