View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Design issues major cause of virus attacks: Kaspersky Lab

Biggest mistake of corporate IT policy is to ignore network share access rights, finds study

By CBR Staff Writer

Computer security company Kaspersky Lab has released the results of a study conducted to find out main IT security policy mistakes of corporates.

The study was conducted by the company’s Global Emergency Response Team (GERT) – a consulting service for the company’s corporate users. It found that majority of virus-related incidents occur due to underestimated design issues or unnoticed weaknesses in corporate security policies.

GERT is a globally distributed team with two major locations: Moscow, Russian Federation, and Seattle, US. The data that was garnered while serving corporate customers.

It found that the biggest mistake of corporate IT policy is to ignore network share access rights, which is responsible for 35% of incidents.

Use of multiple vendor antimalware tools (15% of incidents) may lead to a situation where it is hard to mitigate malware attacks, found the study. This primarily happens if one of the vendors does not respond fast enough to attacks, allowing malware to attack from the unprotected side.

GERT chief Alexey Polyakov said that security admin spends a lot of time working with multiple vendors’ support services in finding and fixing a problem.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Another major mistake causing 15% of incidents is a partially protected environment — where an antimalware tool is installed on part of the network, leaving other resources unprotected.

Firmware vulnerability accounted for 5% of incidents, while reliance on software downloaded from the Web also led to 5% of incidents, found the study.

Polyakov said, "In the past, our corporate support team received complaints unrelated to product functionality."

Polyakov continued, "For example, some customers complained that our products could not remove all the viruses from a network. After some quick analysis we discovered that the products did in fact successfully detect and remove malware, but this malware kept coming back – over and over again.

"So over the last 12 months, by actively engaging with our corporate users we have noticed that the majority of virus-related incidents occur due to underestimated design issues or unnoticed weaknesses in corporate security policies."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU