2013 CHECK POINT ANNUAL SECURITY REPORT
01
“just as water retains no constant shape, so in warfare there are no constant conditions.”¹
Although this sentence is 2,600 years old, it remains surprisingly
relevant, reflecting today’s modern warfare: cyber warfare.
Hackers’ techniques are constantly changing, using more
advanced and sophisticated attack methods, raising
the security challenge to new levels. Data centers,
employees’ computers and mobile phones are prime
targets for hackers who deploy an endless variety of
malware such as bots, trojans and drive-by downloads.
Hackers use ruses and social engineering to manipulate
innocent users to gain access to corporate information
such as internal documents, financial records, credit
card numbers and user credentials, or to simply shut
down services with denial of service attacks. This
modern war of advanced threats and attacks is here
to stay. Corporate information stored in data centers,
servers, PCs and mobile phones is increasing at the
speed of light, and more data and platforms imply more
risks. Finally, the list of security threats is not getting
any shorter, and each new attack reveals a deeper level
of sophistication.
What were the main security risks your network
environment faced in the last year? What are the risks
it will be exposed to next year? These were the key
questions that kept Check Point’s security research team
busy in the past few months. To answer these questions,
Check Point conducted an intensive security analysis.
This report provides a peek into 2012 network security
events that occurred in organizations worldwide.
The report presents the security events found at these
organizations, with examples of incidents published
publicly and explanations of how some of the attacks
were conducted, followed by recommendations on
how to protect against such security threats. The report
is divided into three parts. Each part is dedicated to a
different aspect of security. The first part focuses on
security threats such as bots, viruses, security breaches
and attacks. The second part discusses risky web
applications that compromise organizational network
security. The last part is dedicated to loss of data caused
by unintentional employee actions.
Methodology
Check Point’s 2013 Security Report is based on
collaborative research and analysis of security events
gathered from four main sources: Check Point Security
Gateways Analysis Reports², Check Point ThreatCloud™³,
Check Point SensorNet™ network and Check Point
Endpoint Security reports.
A meta-analysis of 888 companies’ network security events
was done using data collected from Check Point Security
Gateways, which scanned the companies’ incoming and
outgoing live network traffic. The traffic was inspected
with Check Point’s multi-tier Software Blades technology
INTRODUCTION AND METHODOLOGY