BitSight examined BitTorrent P2P file sharing activity of over 30,700 companies. They looked at the percentage of P2P downloads containing malware, the top torrented applications and games on corporate networks and the correlation between file sharing and compromised machines via botnet infections.
In addition, they compared file sharing activity and protocol of 10 industries including —Finance, Retail, Healthcare, Energy/Utilities, Government, and Education.
BitSight uncovered that 43 percent of applications and 39 percent of games contained malicious software that could infect corporate and vendor networks – highlighting that P2P file sharing can pose a major security threat to organizations and their vendors.
“While the sharing and downloading of copyrighted or pirated content and applications over peer-to-peer typically violates most corporate policies, the behavior continues to occur at a high rate. Movies and games often come to mind when organizations think about P2P file sharing; however, the majority of infected applications that we uncovered were either Adobe Photoshop, Microsoft Office or various versions of the Microsoft Windows operating system,” said Stephen Boyer, CTO of BitSight Technologies.
“Our analysis found a high degree of correlation between organizations participating in P2P activity and system compromises via malware infections. The high malware infection rates suggest that organizations with file sharing activity are more susceptible to machine takeover. File sharing activity can serve as one of many key risk indicators and should be considered not only internally, but also when assessing vendor risk, conducting M&A due diligence, and underwriting cyber insurance,” Boyer concluded.
- 23 percent of organizations analyzed have evidence of some P2P file sharing activity on their networks.
- 43 percent of torrented application files and 39 percent of torrented games contained malicious software.
- Adobe Photoshop and Grand Theft Auto V are the top torrented applications and games respectively.
- Industries such as Government, Education, and Energy/Utilities are poor performers; more than a quarter of companies in these industries have observed BitTorrent file sharing activity in the last six months.
- Companies with more file sharing activity were likely to have more compromised machines due to botnet infections.