Legitimate websites increasingly under sophisticated attack

By

Trusted websites are posing a security risk to oblivious surfers according to security vendor Websense which today revealed the number of legitimate websites compromised by attackers now outnumbers those specifically created for malicious purposes.

Legitimate websites increasingly under sophisticated attack
The report, Websense Security Labs Report found that for the first time, 51 percent of the sites classified as malicious are compromised websites.

According to Websense the trend poses a significant risk as traditional security measures are not designed to handle the attacks.

"These sites pose a significant risk because many security companies rely on Web site reputation to protect customers. Compromised sites have a good reputation...this raises the effectiveness of the attacks," stated the report.

Dan Hubbard, vice president of security research at Websense said more attackers are compromising legitimate websites to infect visitors with information-stealing code or to add users’ machines to botnets.

“With this in mind, organisations need to ensure their Web, messaging and data security solutions can protect the avenues hackers seek to exploit for financial gain,” he said.

Popular sites recently hacked include soccernet.com; Whitepages.com.au; and the United Nations' HIV/AIDS Asia Pacific portal.

“We believe that attackers will continue to be creative and leverage Web 2.0 applications and user-generated content to create even bigger security concerns for organisations.

“Additionally, they are increasing the sophistication of their attack methods and building resilient infrastructures as we saw with the Storm worm attacks last year,” Hubbard said.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?