Top internal network threats in 2008 so far

Promisec announced its findings from security audits of more than 100,000 corporate endpoints. These audits were conducted in the first six months of 2008 in enterprises of different sizes and revealed that not even one organization was completely clean from internal threats, and the minimum number of threats found was three.

Promisec’s security audits were done across a number of industries, including finance, healthcare, insurance, manufacturing, etc. and found that:

• Use of unauthorized removable storage continues to rise in organizations.
• The number of endpoints that do not apply threat management agents or are not updated with the latest build or signatures continues to rise.
• Instances of unauthorized instant messaging continue to increase in all organizations.

Promisec discovered that 12% of infected computers had a missing or disabled anti-virus program, 10.7% had unauthorized personal storage like USB sticks or external hard drives, 9.1% had unauthorized peer-to-peer (P2P) applications installed, 8.5% had a missing 3rd party desktop agent, 2.6% had unprotected shared folders, 2.2% had unauthorized remote control software, and 2% had missing Microsoft service packs.

One of the most alarming findings of the audit was how rapidly these internal security threats have increased over the past year. Compared to a similar study Promisec conducted in 2007, Promisec found that in the first half of 2008, the percentage of infected computers with unauthorized remote control software had increased by more than 200-fold, those without a working anti-virus program had increased 12-fold, and the number with unauthorized storage had increased by 10-fold. Other threats had increased by anywhere from two to eight times as many when compared to the previous year.