File Sharing Risk Vector

⇤ User Behavior Risk Category

The File Sharing risk vector observes the sharing of files (such as books, music, movies, TV shows, and applications) using BitTorrent. It includes files shared over the BitTorrent protocol or when the activity is observed on company infrastructure.

See data collection methods.

Risks

There’s no guarantee that content exchanged through BitTorrent has not been tampered with. This increases the risk of introducing malware to the system via malware or vulnerable software, such as unpatched and unregistered software.

• Despite matching content names or “official-sounding” titles, file sharing creates a risk of allowing malware to infect an organization’s network.
• Systems damage, which can lead to a disruption of business continuity, potential loss of data, and theft of intellectual property.
• A company can encounter legal issues associated with using unlicensed software and media.

Grading

See how the File Sharing risk vector is graded.

Remediation

Review File Sharing findings.

Downloading content through approved channels, such as products directly from the software maker's corporate site or music through a mainstream music source, is the safest method for obtaining desired content because that content has been verified for authenticity.

• File Sharing events coming from your company's infrastructure can be found in the Findings page. The User Behavior Forensics add-on package provides specific details about File Sharing events.
• Use a firewall with Deep Packet Inspection to block torrent activity, as BitTorrent is difficult to block using standard port range rules.

Finding Behavior