TechJournal, Allan Maurer, July 25, 2012
Research shows that 18 of the 24 largest banks in the world continue to be infected with malware such as Conficker, DNS Changer, Gameover Zeus, BlackHole Exploit Kit, Fake AV and others, says Lookingglass Cyber Solutions, an appliance-based security company.
Since January 2012, Lookingglass researchers have tracked over 104 million unique malicious IP addresses, many of which are associated with malware for which there are known fixes.
Even after three years of mitigation and remediation, the Conficker worm still has a strong presence in the financial services industry, with 10 of the 24 largest banks in the world continuing to show infections.
When examining data from March 2012 alone, Lookingglass tracked 42 million infected IP addresses, 40 percent of which hosted multiple events.
Not limited to the financial sector
The problem also goes beyond the financial sector. Of the 17 industries that Lookingglass monitored, 14 were infected with high-level threats.
With this data, Lookingglass is able to determine that re-infections are taking place on a consistent basis.
The company’s research also indicates that malware from unclean networks is potentially re-infecting previously cleaned networks, creating a cycle of re-infection among partner and supply chain networks.
Organizations not monitoring re-infections
Many organizations are not monitoring these re-infections, which may cause widespread problems for industry sectors that are supported by a common infrastructure.
“With cyber attacks becoming more intricate and sophisticated, not only do organizations put themselves at risk if they don’t take these threats seriously, they also become a liability to their customers and partners,” said Derek Gabbard, CEO of Lookingglass.
“These findings not only highlight the depth of infections worldwide, they also illustrate the effect re-infections can have on organizations that don’t leverage proactive security intelligence.”
Lookingglass says it offers alert and warning capabilities that empower customers to continuously monitor for over-the-horizon threats, such as the presence of botnets, hosts associated with cyber criminal networks, unexpected route changes and the loss of network resiliency.