Legitimate websites increasingly under sophisticated attack

By

Trusted websites are posing a security risk to oblivious surfers according to a Websense report released today which revealed the number of legitimate websites compromised by attackers now outnumbers those specifically created for malicious purposes.

Legitimate websites increasingly under sophisticated attack
The report, Websense Security Labs Report found that for the first time, today 51 percent of the sites classified as malicious are compromised websites.

According to the vendor, the trend poses a significant risk as traditional security measures are not designed to handle the attacks. "These sites pose a significant risk because many security companies rely on Web site reputation to protect customers. Compromised sites have a good reputation...this raises the effectiveness of the attacks," stated the report.

Dan Hubbard, vice president of security research at Websense said, more and more, attackers are compromising legitimate websites to infect visitors with information-stealing code or to add users’ machines to botnets.

“With this in mind, organisations need to ensure their Web, messaging and data security solutions can protect the avenues hackers seek to exploit for financial gain,” he said.

Popular sites recently hacked include soccernet.com; Whitepages.com.au; and the United Nations' HIV/AIDS Asia Pacific portal.

“We believe that attackers will continue to be creative and leverage Web 2.0 applications and user-generated content to create even bigger security concerns for organisations.

“Additionally, they are increasing the sophistication of their attack methods and building resilient infrastructures as we saw with the Storm worm attacks last year,” Hubbard said.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
internet securitysecurityweb securityweb threatswebsite security

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?