The File Sharing risk vector observes the sharing of files (such as books, music, movies, TV shows, and applications) using BitTorrent. It covers files shared over the BitTorrent protocol, or cases where the activity is observed on company infrastructure.
Risks
There’s no guarantee that content exchanged through BitTorrent has not been tampered with. This increases the risk of introducing malware to the system through infected or vulnerable software, such as unpatched and unregistered software.
Bitsight Blog, “Two Years Later, Still at Least Twice as Likely”
Our research shows that the likelihood of experiencing a publicly disclosed data breach more than doubles if an organization has a File Sharing risk vector grade lower than an “A.”
The networks of 30,700 companies across all industries were observed, and 23% of organizations were found to be using the BitTorrent protocol for peer-to-peer file sharing. Among these companies, 43% of torrented applications were also observed to contain malicious software.
- Despite matching content names or “official-sounding” titles, file sharing creates a risk of allowing malware to infect an organization’s network.
- Systems damage, which can lead to a disruption of business continuity, potential loss of data, and theft of intellectual property.
- A company can encounter legal issues associated with using unlicensed software and media.
Grading
See how the File Sharing risk vector is graded.
Concept | Behavior |
---|---|
Duration: 60 Days |
A default risk vector grade is assigned. |
The rating is positively impacted if there are no File Sharing findings. |
Percentage (out of 2.5% in User Behavior): 2.5% |
Remediation
Review File Sharing findings.
Downloading content through approved channels, such as products directly from the software maker's corporate site or music through a mainstream music source, is the safest method for obtaining desired content because that content has been verified for authenticity.
- File Sharing events coming from your company's infrastructure can be found in the Findings page. The User Behavior Forensics add-on package provides specific details about File Sharing events.
- Use a firewall with Deep Packet Inspection to block torrent activity, as BitTorrent is difficult to block using standard port range rules.
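The following added example (not Bitsight code) illustrates why payload inspection catches what port rules miss: it classifies the first bytes of a flow by the plaintext BitTorrent peer handshake, an HTTP tracker announce, or a Mainline DHT message, and compares that with a port-range rule. The flows are constructed samples, and 6881-6889 is the conventional BitTorrent port range, assumed here as the "standard port range rule".

```python
from urllib.parse import parse_qs, urlsplit

HANDSHAKE_PREFIX = b"\x13BitTorrent protocol"  # pstrlen=19 followed by pstr
HANDSHAKE_LEN = 68  # 1 + 19 + 8 reserved + 20 info_hash + 20 peer_id


def classify_payload(proto, payload):
    """Label the first payload bytes of a flow, or return None if no match."""
    if proto == "tcp" and payload.startswith(HANDSHAKE_PREFIX):
        return "bt-peer-handshake" if len(payload) >= HANDSHAKE_LEN else "bt-peer-handshake-truncated"
    if proto == "tcp" and payload.startswith(b"GET "):
        # HTTP tracker announce: the request carries info_hash and peer_id.
        request_line = payload.split(b"\r\n", 1)[0].decode("latin-1")
        parts = request_line.split(" ")
        if len(parts) >= 2:
            query = parse_qs(urlsplit(parts[1]).query)
            if "info_hash" in query and "peer_id" in query:
                return "bt-tracker-announce"
    if proto == "udp" and payload.startswith(b"d") and payload.endswith(b"e"):
        # Mainline DHT: bencoded dict whose "y" key is q (query), r (reply) or e (error).
        if any(k in payload for k in (b"1:y1:q", b"1:y1:r", b"1:y1:e")):
            return "bt-dht"
    return None


def port_rule_hit(dst_port):
    """Port-only rule for comparison (conventional range, an assumption here)."""
    return 6881 <= dst_port <= 6889


# Constructed sample flows: (protocol, destination port, first payload bytes).
SAMPLE_FLOWS = [
    ("tcp", 443, HANDSHAKE_PREFIX + bytes(8) + b"\xaa" * 20 + b"-XX0001-" + b"0" * 12),
    ("tcp", 8080, b"GET /announce?info_hash=%aa%bb&peer_id=-XX0001-000&port=51413 "
                  b"HTTP/1.1\r\nHost: tracker.example\r\n\r\n"),
    ("udp", 53, b"d1:ad2:id20:abcdefghij0123456789e1:q4:ping1:t2:aa1:y1:qe"),
    ("tcp", 6881, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),  # start of a TLS record
]


def compare(flows):
    """Return (dst_port, port_rule_verdict, payload_label) for each flow."""
    return [(port, port_rule_hit(port), classify_payload(proto, data)) for proto, port, data in flows]


if __name__ == "__main__":
    for row in compare(SAMPLE_FLOWS):
        print(row)
```

These checks match plaintext signatures only; a production DPI engine also relies on flow heuristics for peer traffic that does not expose them.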
Finding Behavior
Concept | Behavior |
---|---|
The Bitsight platform regularly checks for new observations. Bitsight findings are updated as these observations change, e.g., when new Diligence findings are observed or an existing finding is remediated. |
Data Refresh Cycle: Daily; User-Requested Refresh Duration: Not Available |
The finding stops impacting ratings when it completes its lifetime (60 days). |
Resources
- March 25, 2024: “No findings/low findings” changed to “insufficient data.”
- August 17, 2023: New Grading & Finding Behavior sections.
- October 29, 2020: Use the Findings page to search findings instead of the User Behavior tab.