03
_ APPLICATIONS IN THE ENTERPRISE WORKSPACE
024
Sharing is Not Always Caring
The term ‘Sharing is caring’ usually means that if someone
shares with others, they care about them. When sharing
files using File Storage and Sharing Applications in
workplace environments, this is not always the case. One
Top File Storage & Sharing Applications
(% of Organizations)
More info on top File Storage and Sharing Applications is available in Appendix B.
Source: Check Point Software Technologies
51
%
Windows Live Office
9
%
Microsoft SkyDrive
22
%
YouSendIt
13
%
Sugarsync
10
%
PutLocker
69
%
Dropbox
Chart 3-G
From July to September 2011, an attack campaign
tagged as :“Nitro” took place. Attackers used an off-
the-shelf Remote Access Tool called Poison Ivy to sniff
out secrets from nearly 50 companies, many of them
in the chemical and defense industries. Poison Ivy was
planted onWindows PCs whose owners were victims of
a scam delivered via email. The emails touted meeting
requests from reputable business partners, or in some
cases, updates to antivirus software or Adobe Flash
Player. When users opened the message attachment,
they unknowingly installed Poison Ivy on their
machines. From there the attackers were able to issue
instructions to the compromised computers, troll for
higher-level passwords to gain access to servers hosting
confidential information, and eventually offload the
stolen content to hacker-controlled systems. 29 of the
48 firms that were successfully attacked were in the
chemical and advanced materials trade - some of the
latter with connections to military vehicles - while
the other 19 were in a variety of fields, including the
defense sector21. Nitro is not the only example of the
misuse of RAT, other examples are the RSA breach,
ShadyRAT and Operation Aurora. In all these cases
Poison Ivy was utilized.
HACKED BY REMOTE ACCESS TOOLS
of the prominent characteristics of Web 2.0 is the ability
to generate content and share it, but this also presents a
risk. Sensitive information can get into the wrong hands
by sharing confidential files. Our research includes high
risk File Storage and Sharing applications that may cause
data leak or malware infection without user knowledge.
Our research shows that 80% of organizations have at
least one file storage or file sharing application running on
their network. We found that 69% of events are a result
of Dropbox usage. Windows Live Office is on the second
place with 51%.
High Risk Applications Usage per Industry
Check Point analyzed the usage of high risk applications
from an industry point of view. Chart 3-E indicates that
Industrial and Governmental organizations are the most
extensive users of high risk applications. There are cases
where the use of some of these applications might be a
legitimate use in an organization, for example the use of
remote administration tools by help desk, therefore the
horizontal bar in the chart indicates the probability level
of legitimate usage in a business environment.
80% OF ORGANIZATIONS
USE
FILE STORAGE &
SHARING
APPLICATIONS
1...,13,14,15,16,17,18,19,20,21,22 24,25,26,27,28,29,30,31,32,33,...50