03
_ APPLICATIONS IN THE ENTERPRISE WORKSPACE
024
Sharing is Not Always Caring
The term ‘Sharing is caring’ usually means that if a
person shares something with another, it’s an expression
of care. When sharing files using file storage and
sharing appliations in workplace environments, the
term may carry a different meaning. One prominent
characteristic of Web 2.0 is its ability to generate
Top File Storage & Sharing Applications
(% of Organizations)
More info on top File Storage and Sharing Applications is available in Appendix B.
Source: Check Point Software Technologies
51
%
Windows Live Office
9
%
Microsoft SkyDrive
22
%
YouSendIt
13
%
Sugarsync
10
%
PutLocker
69
%
Dropbox
Chart 3-G
An attack campaign named “Nitro” took place
between July to September 2011. Attackers used an
off-the-shelf Remote Access Tool called Poison Ivy
to steal secrets from nearly 50 companies, many of
which were in the chemical and defense industry
sectors. Poison Ivy was conspicuously embedded on
Windows PC machines whose owners were victims
of an email scam. The emails touted meeting requests
from reputable business partners, or in some cases,
updates to anti-virus software or Adobe Flash Player.
When users opened the message attachment, they
unknowingly installed Poison Ivy onto their machines.
From there, the attackers were able to issue instructions
to the compromised computers, troll for high-level
passwords to gain access to servers hosting confidential
information, and eventually offload the stolen content
to hacker-controlled systems. 29 of the 48 firms
attacked were in the chemical and advanced materials
industry, while the remaining 19 represented a variety
of business fields, including the defense sector
21
.
Nitro was not the only example of RAT misuse.
Other examples include RSA breach, ShadyRAT and
Operation Aurora. In all these cases, Poison Ivy was
utilized to carry out the crime.
HACKED BY REMOTE ACCESS TOOLS
content and share it, but this also presents a risk.
Sensitive information can land in the wrong hands
when sharing confidential files. We researched high-
risk file storage and sharing applications that may cause
data leak or malware infection without user knowledge.
Our data shows that 80% of organizations we tested had
at least one file storage or file sharing application running
on their networks, and that 69% of these organizations
used Dropbox. Windows Live Office was second most
popular as it was used by 51% of companies.
High-Risk Applications Usage by Industry
Check Point analyzed the usage of high-risk applications
from an industry point of view. Chart 3-E indicates that
Industrial and Governmental organizations were the
most extensive users of high-risk applications. As there
are legitimate business usage cases for some of these
applications (such as the usage of Remote Administration
Tools by the help desk), the shaded area in the chart
represents the probable level of legitimate use.
80% OF THE
ORGANIZATIONS SCANNED
USED
FILE STORAGE &
SHARING
APPLICATIONS
