RSS Alerts

Related Links

Related Stories

  • SQL injection attacks are in decline – or are they?
    IBM's X-Force 2009 Trend and Risk report claims to show an 11% fall in discovered vulnerabilities compared to 2008, including a decline in the largest categories, such as SQL injections and ActiveX.
  • Businesses must rethink security spending to keep hackers out
    Businesses are prioritising unimportant security fixes while leaving their IT systems open to sophisticated hacking attacks, a major study released today reveals.
  • Symantec publishes first dirty website list
    Symantec has published the first set of results from the Norton Safe Web system - a database of potentially bad websites compiled anonymously by the 20 million-plus users of its IT security software.
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace
  • US named country with most malware
    Information security and data protection vendor Sophos has released a list of the top 10 countries hosting malware. The report reveals that websites in the US are accountable for hosting 37.4% of malware worldwide.

News

IBM report shows leap in malicious websites

28 August 2009

Users are more at risk from malicious websites that steal credit cards than ever before, according to the latest IBM X-Force 2009 Mid-Year Trend and Risk report. Even legitimate sites may pose serious security risks.

The report's findings show an unprecedented state of insecurity as web client, server and content threats converge to create an untenable risk landscape.

According to the X-Force report, there has been a 508% increase in the number of malicious web links discovered in the first half of 2009.

This problem is no longer limited to malicious domains or untrusted websites, according to X-Force. There is also an increase in the presence of malicious content on trusted sites, including popular search engines, blogs, bulletin boards, personal websites, online magazines and mainstream news sites. The ability to gain access and manipulate data remains the primary consequence of vulnerability exploitations, X-Force warned.

The X-Force report identified increasingly sophisticated attacks, such as those using PDF vulnerabilities. From the first to the second quarter of 2009, the amount of suspicious, obfuscated or concealed content monitored by the IBM ISS Managed Security Services team nearly doubled.

X-Force Director Kris Lamb, said, "There is no such thing as safe browsing today and it is no longer the case that only the red light district sites are responsible for malware. We've reached a tipping point where every website should be viewed as suspicious and every user is at risk. The threat convergence of the web ecosystem is creating a perfect storm of criminal activity."

This article was first published by Computer Weekly
 

 

This article is featured in:
Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water