P2P File-Sharing Actually Sharing Malware and Botnets

Sue Marquette Poremba
Slide Show

Security 2016: What to Expect in the New Year

Peer-to-peer (P2P) file sharing and the downloading of illegal content might be synonymous with Napster, appearing to be a technology that is ancient history. But it is still used regularly (and some of it illegally when using copyrighted materials), now with even more security threats.

BitSight Technologies studied the P2P file sharing activity of over 30,700 companies, analyzing the percentage of P2P downloads containing malware, the top torrented games and applications on corporate networks and the correlation between file sharing and botnet infections.

What the report found is that 43 percent of application files and 39 percent of games shared in P2P files contained malicious software. It also revealed a clear correlation between botnet activity and file sharing activity.

As the report stated:

Much of this activity is likely against corporate policies; although there are no published metrics on what percent of companies prohibit P2P file sharing, many companies have explicit rules against it. . . . For many companies, peer-to-peer file sharing is a result of shadow IT - where employees are downloading copyrighted business applications such as Microsoft or Adobe products.

When you see the amount of malware that is spread via P2P file sharing, it appears to be a wise move for companies to prohibit the practice, especially when you continue to read the report and discover this tidbit:

While we cannot demonstrate that malicious software from downloaded BitTorrent files caused these observed botnet infections, we can definitively say that companies with more BitTorrent activity are more likely to have an increased number of botnet infections. This has major implications for security and risk professionals: if a company or important third party has increased BitTorrent activity, this could indicate more serious security issues such as botnet infections.

As we’ve learned, restricting online behavior is easier said than done. It’s even more difficult when you consider that much of what is being shared on P2P networks are applications that can improve work production. Even so, its use needs to be better monitored. As Stephen Boyer, co-founder and CTO of BitSight Technologies, stated in a formal release:

Movies and games often come to mind when organizations think about P2P file sharing; however, the majority of infected applications that we uncovered were either Adobe Photoshop, Microsoft Office or various versions of the Microsoft Windows operating system. Our analysis found a high degree of correlation between organizations participating in P2P activity and system compromises via malware infections. The high malware infection rates suggest that organizations with file sharing activity are more susceptible to machine takeover. File sharing activity can serve as one of many key risk indicators and should be considered not only internally, but also when assessing vendor risk, conducting M&A due diligence, and underwriting cyber insurance.

Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.