Security threats Toolkit

Web-borne security threats soar

Tags:
Malicious,
Threats,
Window,
Pages

Tom Espiner ZDNet.co.uk

Published: 25 Jul 2007 13:33 BST

Internet-borne threats now pose a greater risk to companies' security than email-borne threats, with June seeing the highest incidence of internet-borne threats so far, according to security-software vendor Sophos.

This year has seen a "worrying" increase in the amount of malicious code on the internet, according to Graham Cluley, Sophos senior technology consultant.

In June, Sophos detected 29,700 newly infected web pages per day, up from 5,000 per day from January to March. Four out of five infected sites had been compromised, with just one in five specifically created with malicious intent.

"It's a worrying trend that legitimate websites are increasingly being hacked, rather than websites being specifically crafted," said Cluley. "There are lots of places people may visit, thinking they are harmless, which could potentially bring infection into a company."

Sentry Posts Blog

Guarding the network

What you need to know — and what you and your peers have to tell us — about security management in our new community group blog

Approximately half of the infected websites contained code that the security company calls "Mal/Iframe". The legitimate websites could initially have been compromised via vulnerabilities in the server that allowed SQL injection, while some had policies that allowed blog posts containing HTML, which allows pages to be infected.

Mal/Iframe opens a tiny window, often measuring one pixel by one pixel, through which other malicious content which seeks to exploit web browsers is dragged onto a legitimate site, according to Cluley. "You have a tiny pinprick of a window dragging down malicious code, maybe hosted on a Chinese server," he said.

According to Sophos, China is the country which hosts the most malware-infected pages, followed by the US.

Andy Buss, senior security analyst at Canalys, said there was an increasing trend towards web-based threats. "The threat landscape is moving, as organised criminals using web-based threats are entering the arena, hacking legitimate websites to implant malware, and using phishing sites," said Buss. "People don't understand the threats when browsing. Web-based threats are definitely on the rise."

People not understanding internet threats is a problem for companies, said Buss. Not only could companies suffer intellectual-property theft through employees' machines being compromised, but businesses which trade online could also suffer loss of revenue if their customers lose confidence in online purchasing, he said.