Majority of malicious websites are now legitimate sites compromised by attackers Websense, Inc. has released a new report that reveals that – for the first time – the number of legitimate websites compromised by attackers has surpassed those purposefully created by attackers.The Websense Security Labs report summarises security trends for the second half of 2007. Websense researchers warn Internet users to be wary of what sites they click on and visit. These sites pose a significant business risk because traditional security measures are not designed to handle the attacks, and the attackers are using sophisticated techniques such as spoofing search engine results to drive traffic to infected sites. Attackers know that compromising sites with generally good reputations – sites that have a built-in group of visitors – coupled with more effective and targeted e-mail lures, can increase the success rate of attacks. For example, on August 27, 2007, Websense discovered an attack launched within the United Nations' HIV/AIDS Asia Pacific portal. When visitors opened the United Nations website, unprotected users inadvertently downloaded a Trojan horse that infected their computers with malicious code. Victims became unknowing participants in a larger bot network that attackers can use for future malicious attacks – posing a risk to both personal computer users and businesses. “More and more, attackers are compromising legitimate websites to infect visitors with information-stealing code or to add users’ machines to botnets,” said Dan Hubbard, vice president of security research, Websense. “Additionally, they are increasing the sophistication of their attack methods and building resilient infrastructures as we saw with the Storm worm attacks last year. We believe that attackers will continue to be creative and leverage Web 2.0 applications and user-generated content to create even bigger security concerns for organisations. With this in mind, organisations need to ensure their Web, messaging and data security solutions can protect the avenues hackers seek to exploit for financial gain.” Additional highlights from the Second Half 2007 Security Trends Report were: • Attackers tried to perfect the blended threat technique: the second half of 2007 saw the use of multiple attack vectors to evade detection and increase attack effectiveness. For example, the Storm Worm writers increased their attack ante by using multiple attack vectors including: domain name system (DNS), Web, peer-to-peer, encryption and several evasion techniques. By using so many different vectors and techniques they made it difficult to take down the malicious sites and prevent future outbreaks.
•Date: 25th January 2008• Region:World •Type: Article •Topic: ISM
|
