2013 CHECK POINT ANNUAL SECURITY REPORT
01
“just as water retains no constant shape, so in warfare there are no constant conditions.”¹
Although this sentence is 2,600 years old, surprisingly it is still VERY relevant, reflecting today’s modern warfare: cyber warfare.
Hackers’ techniques are constantly changing. As these nefarious assaults become more advanced and sophisticated, security challenges are raised to new heights. Data centers, employees’ computers and mobile phones are prime targets for hackers who deploy an endless variety of malware such as bots, trojans and drive-by downloads. Hackers use ruses and social engineering to manipulate innocent users’ identities to access corporate information such as internal documents, financial records, credit card numbers and user credentials, or to simply shut down services with denial of service attacks. This modern war of advanced threats and attacks is here to stay. Corporate information stored in data centers, servers, PCs and mobile phones is ever increasing, with more data and platforms implying added risks for corporations. Finally, the list of security threats is not getting shorter, and each new attack reveals a deeper level of attacker sophistication.
What were the main security risks that your network faced last year? What are the risks it will face next year? These were the key questions that kept Check Point’s security research team busy over the past several months. While gathering answers to these questions, Check Point conducted an intensive security analysis spanning over 800 of its client organizations.
This report provides an analysis of 2012 network security events that occurred in organizations worldwide, with examples of published incidents and explanations of how some of the attacks were carried out, followed by recommendations on how to protect against such assaults. The report is divided into three parts, each dedicated to a different aspect of security. The first part focuses on security threats such as bots, viruses, security breaches and attacks. The second part discusses risky web applications that compromise organizational network security. The final part is dedicated to loss of data caused by unintentional employee actions.
Methodology
Check Point’s 2013 Security Report is based on collaborative research and analysis of security events gathered from four main resources: Check Point Security Gateways Analysis Reports², Check Point ThreatCloud™³, Check Point SensorNet™ network and Check Point Endpoint Security reports.
A meta-analysis of network security events at 888 companies was conducted using data collected from Check Point Security Gateways, which scanned the companies’ incoming and outgoing live network traffic. This traffic was inspected by Check Point’s multi-tier Software Blades technology to detect a variety of security threats such as high-risk applications, intrusion attempts, viruses, bots,
INTRODUCTION AND METHODOLOGY