Even if 97% of companies take security measures, they are being invaded by malware

By tin

Security company "FireEye"When"Mandiant"Conducted a survey on network security for six months, while many companies that gathered data for investigation were taking security measures with defense-in-depth protection, about 97% of the total were malware and other It has become clear that it has been invaded.

Fireeye-real-world-assessment.pdf
http://www2.fireeye.com/rs/fireye/images/fireeye-real-world-assessment.pdf

Study: 97% of companies using network defenses get hacked anyway | Ars Technica
http://arstechnica.com/security/2014/05/study-97-of-companies-using-network-defenses-get-hacked-anyway/

From October 2013 to March 2014, FireEye installed 1614 monitoring devices on the worldwide network to collect real-time data from the network and e-mail. We investigated the current status of network security.


According to the survey,C & C serverTraffic from the central server (the central server that serves as the commander to control malware) occupies three quarters of the data collection system, and about 35,000 or more C & C servers in the middle of performing unauthorized access Also found. Also, in the network of higher education institutions (school-related), the amount of traffic by the botnet reached the maximum.

Many companies take security measures by "defense-in-depth" that combines firewalls, intrusion detection (IDS), intrusion prevention (IPS) systems, anti-virus software and the like, but both of which securely prevent intrusion of malware It turned out that it was not. The FireEye device detected the download of 208,000 malware from the network he was monitoring and found 124 thousand different malware variants.


Even after security breach, 1.6 security breaches have been attempted every week on average, and a quarter of organizationsAPTI found that I was experiencing attacks. The purpose of the attack ranges from short-term cyber spy to long-term network destruction activity.


FireEye anticipates that these cyber attacks are being conducted by state support organizations and professional criminal organizations.