Brian Pennington

A blog about Cyber Security & Compliance


Juniper Networks

90 Percent of Businesses Fell Victim to a Cyber Security Breach

The Ponemon Institute has released the results of a study conducted to determine what IT and IT security practitioners in the US, UK, France and Germany think about how well their organizations are responding to threats against network security. The study was sponsored by Juniper Networks, and the institute believes the research is important because “it can provide insights from those who are dealing daily with the prevention and detection of these attacks. Specifically, what do they think about the current threat landscape and what are the most effective strategies to keep networks secure”.

Some of the topics addressed include:

  • Are threats to network security increasing in frequency and sophistication?
  • Is their organization’s IT infrastructure secure enough to prevent successful attacks?
  • What is the nature of the attacks and are the attackers and attack vectors known?
  • Do organizations see complexity as a barrier to effective enterprise-wide network security?

They surveyed 583 IT and IT security practitioners in the US with an average of 9.57 years of experience. More than half (51 percent) are employed by organizations with more than 5,000 employees.

The study found that the number of successful network security breaches over the past 12 months was:

  • None: 10%
  • 1 time: 21%
  • 2 to 3 times: 32%
  • 4 to 5 times: 18%
  • More than 5 times: 9%
  • Cannot determine: 10%

Some of the most salient findings are as follows:

The financial impact of a security breach can be severe. According to 41% of respondents, the financial impact of these breaches was $500,000 or more. However, 16% cannot determine the amount. Respondents were asked to consider cash outlays, internal labor, overhead, business disruption, revenue losses and other expenses.

Security breaches most often occur at off-site locations but the origin is not often known. Mobile devices and outsourcing to third parties or business partners seem to be putting organizations at the most risk for a security breach. 28% say the breaches occurred remotely and 27% say it was at a third party or business partner location.

Attacks are coming from external agents but insider abuse is prevalent. External agents and insiders (employees) are most commonly behind the security breaches according to 55% and 49% of respondents, respectively. Respondents also report that multiple sources can be blamed for the breaches.

Employee mobile devices and laptops are seen as the most likely endpoint from which serious cyber attacks are unleashed against a company. 34% of respondents say attacks occurred from infected laptops or remotely due to an employee’s insecure mobile device. Further, the top two endpoints from which these breaches occurred are employees’ laptop computers (34%) and employees’ mobile devices (29%). 28% say it is employees’ desktop computers.

Complexity and availability of resources are the most serious challenges to combating cyber attacks. 48% cite complexity as one of their biggest challenges to implementing network security solutions. The same percentage of respondents (48%) say it is resource constraints. These challenges are followed by lack of employee awareness, which contributes to the insider risk. In addition to simplifying their security operations and increasing available resources, organizations should consider the importance of training and awareness.

Attacks are becoming more frequent and severe. IT practitioners in the study are worried about continuing and more serious attacks. 78% of respondents say there has been a significant increase in the frequency of cyber attacks during the past 12 months, and 77% say these attacks have become more severe or more difficult to detect or contain.

Given the current threat landscape, organizations should make prevention and detection of security breaches a primary focus. Only 32% of respondents say their primary focus or approach to network security is on preventing attacks. 16% say it is on fast detection and containment and 15% say it is on network intelligence. 23% say their network security strategy is to baseline their approach against best practices and 14% say it is IT governance.

Ponemon’s Conclusions

They believe their research provides evidence that many organizations are lacking the right strategy to prevent cyber attacks against networks and enterprise systems. Their study suggests conventional network security methods need to improve in order to curtail internal and external threats.

They believe organizations should consider incorporating the following recommendations in their network security strategy:

  • Understand the risk employees’ mobile devices create in the workplace. In addition to problems created when inappropriately being connected to the network, breaches involving lost or stolen laptop computers or other mobile data-bearing devices remain a consistent and expensive threat. According to Ponemon Institute’s 2010 Annual Cost of a Data Breach Study, 35 percent of organizations report that a lost or stolen mobile device caused the data breach they experienced.
  • Create a comprehensive policy (including detailed guidelines) for all employees and contractors who use mobile devices in the workplace. The policy should address the risks associated with each device and the security procedures that should be followed. Guidelines can cover topics such as what types of data should not be stored on these devices, how to determine if an application can be safely downloaded and how to report a lost or stolen device.
  • Improve ability through expertise and enabling technologies to detect and prevent breaches. Understanding the source of the breaches can help organizations strengthen their cyber security strategy.
  • Address the insider threat through the creation of an enterprise-wide security policy that includes the responsibilities of employees to help protect network security. The policy should be easily accessible. In addition, there should be a training and awareness program to ensure employees understand the various risks to the network and how they can contribute to preventing security breaches.
  • Complexity is recognized as a barrier to effective network security strategy. Organizations should assess their current procedures and technologies to understand how best to streamline their approach and have an end-to-end (holistic) approach to network security. The studies consistently show that the cost of cyber attacks is increasing. Reducing an organization’s vulnerability to such attacks through the combination of proper staffing, enabling technologies and training programs can help prevent the pattern of multiple breaches experienced by so many in our study.

The full study can be downloaded here


Mobile Device Vulnerabilities at an all time high


A study commissioned by Juniper Networks found that enterprise and consumer mobile devices are being exposed to a record number of security threats.

The study’s key findings include:

  • App Store Anxiety: The single greatest distribution point for mobile malware is application download, yet the vast majority of smartphone users are not employing an antivirus solution on their mobile device to scan for malware
  • Wi-Fi Worries: Mobile devices are increasingly susceptible to Wi-Fi attacks, including applications that enable an attacker to easily log into victim email and social networking applications
  • The Text Threat: 17 percent of all reported infections were due to SMS Trojans that sent SMS messages to premium rate numbers, often at irretrievable cost to the user or enterprise
  • Device Loss and Theft: 1 in 20 Juniper customer devices were lost or stolen, requiring locate, lock or wipe commands to be issued
  • Risky Teen Behavior: 20 percent of all teens admit sending inappropriate or explicit material from a mobile device
  • “Droid Distress”: The number of Android malware attacks increased 400 percent since Summer 2010

“These findings reflect a perfect storm of users who are either uneducated on or disinterested in security, downloading readily available applications from unknown and unvetted sources in the complete absence of mobile device security solutions,” said Dan Hoffman, chief mobile security evangelist at Juniper Networks.

“App store processes of reactively removing applications identified as malicious after they have been installed by thousands of users is insufficient as a means to control malware proliferation. There are specific steps users must take to mitigate mobile attacks. Both enterprises and consumers alike need to be aware of the growing risks associated with the convenience of having the Internet in the palm of your hand.”

“The last 18 months have produced a non-stop barrage of newsworthy threat events, and while most had been aimed at traditional desktop computers, hackers are now setting their sights on mobile devices. Operating system consolidation and the massive and growing installed base of powerful mobile devices is tempting profit-motivated hackers to target these devices,” said Jeff Wilson, principal analyst, Security at Infonetics Research.

“In a recent survey of large businesses, we found that nearly 40 percent considered smartphones the device type posing the largest security threat now. Businesses need security tools that provide comprehensive protection: from the core of the network to the diverse range of endpoints that all IT shops are now forced to manage and secure.”

The study specifically reports the following:

  • 400 percent increase in Android malware since summer 2010
  • 1 in 20 mobile devices was lost or stolen, requiring locate, lock, or wipe commands
  • 20% of all teens admit sending inappropriate or explicit pictures or videos of themselves from a mobile device
  • 61% of Juniper Networks-detected malware infections are from spyware
  • 17% of Juniper Networks-detected mobile malware infections are from SMS Trojans
  • Mobile malware grew 250% from 2009 to 2010
  • 1 in 20 mobile devices is lost or stolen, risking loss of confidential and sensitive data.
  • 83% of teens use mobile technology to stay connected with friends and family.
  • 20% of all teens have been cyberbullied through a mobile device.
  • 20% of teens admit to having sent inappropriate or explicit pictures or videos from their cell phones
  • 39% of teens admit to sending sexually suggestive messages from their device
  • 29% of teens admit that they are sending suggestive messages, or inappropriate and explicit pictures or videos to someone they have never met
  • 44% of teens admit that it is common for suggestive messages that were received to be shared with someone else

The study recommends the following: 

For Consumers:

  • Install an on-device anti-malware solution to protect against malicious applications, spyware, infected SD cards, and malware-based attacks on the device
  • Use an on-device personal firewall to protect device interfaces
  • Require robust password protection for device access
  • Implement anti-spam software to protect against unwanted voice and SMS/MMS communications
  • For parents, use device usage monitoring software to oversee and control pre-adult mobile device usage and protect against cyberbullying, cyberstalking, exploitative or inappropriate usage, and other threats

For Enterprises, Government agencies and SMBs:

  • Employ on-device anti-malware to protect against malicious applications, spyware, infected SD cards and malware-based attacks against the mobile device
  • Use SSL VPN clients to effortlessly protect data in transit and ensure appropriate network authentication and access rights
  • Centralize locate and remote lock, wipe, backup and restore facilities for lost and stolen devices
  • Strongly enforce security policies, such as mandating the use of strong PINs/Passcodes
  • Leverage tools to help monitor device activity for data leakage and inappropriate use
  • Centralize mobile device administration to enforce and report on security policies

For further details, click here


A short history of Android security issues

In its recent study, Juniper Networks uncovered some very interesting facts on the growing risk to Android-based mobile devices.

The timeline for the development of the threats is as follows:

Android Attacks: 2010

  • January 2010: First bank phishing application for Android
  • March 2010: First Android “botnet”
  • July 2010: GPS monitoring embedded in Tap Snake game
  • August 2010: First Android SMS Trojan
  • November 2010: “Angry Birds” proof-of-concept malware demonstrated
  • December 2010: First pirated Android application, Geinimi

Android Attacks: 2011

  • January 2011: ADRD and PJApps available in China
  • March 2011: Myournet/DroidDream, the first Android malware available and distributed through Android Market on a large scale, affects 50,000 users.
  • Google’s solution, the Android Market Security Tool, was also pirated and turned into malware in China.
  • April 2011: Walk-and-Text pirate puts egg on users’ faces.
  • April 2011: Research at IU Bloomington results in “Soundminer” proof-of-concept communications interception application.

Overall, there was a 400% increase in Android malware since summer 2010.

In summary, the bad guys have seen the growth of the smartphone market and are turning their skills to the development of tools and attack vectors for the operating systems on them, including Android.

