How do you prevent Web-based threats


By SecurityAsia Editors | Jul 19, 2010

The days when hackers cracked computers just for fun and fame, and spread worms and viruses only for attention and glory, are passé. Malicious activity has evolved tremendously over the past decade, and the “friendly” hackers of yesterday have been replaced by well-organized and globally dispersed criminals, motivated by rapid, illicit and difficult-to-trace financial gain. In fact, with millions of users making financial transactions online every day, the potential for profit is high.

The New Generation of Internet threats: Web-based Attacks
While viruses, Trojans and worms are still around, numerous sophisticated and blended threats have joined the family and expanded the attack possibilities.

Phishing, keyloggers, botnets and ‘drive-by’ attacks, used alone or combined, are among the most common malware leveraged by hackers to harvest information, take control of computers, access corporate networks or retrieve personal data. As an example, let’s take a look at some of the recent Internet incidents that occurred this year:

  • In June 2009, more than 40,000 web sites were hit by a 'mass-compromise attack' dubbed Nine Ball that injected malware into pages and redirected victims to a site that attempted to download further malware.
  • In May 2009, a series of rapidly spreading web site compromises known as Gumblar garnered media headlines. Gumblar-infected sites delivered keyloggers and other malware to visitors.
  • In February 2009, my.barackobama.com, the Obama campaign blogging site, was used to deliver malware-infected content to visitors.
  • The travel web site of the US government, govtrip.com, was hacked in February 2009 and used to distribute malware to government agencies.
  • In September 2008, malware was planted on the Business Week web site through an SQL injection attack. According to statistics from Google, 10% of the pages available on the Business Week web site were serving malware to visitors.

Traditional security controls struggle against Web-based threats
Although they remain critical and effective components of endpoint security, desktop firewalls, anti-virus, anti-spam, anti-spyware and other signature-based protections are not sufficient to stop modern web attacks.

Antivirus and anti-spyware applications traditionally identify and stop infiltration of viruses, worms, Trojans, adware and keystroke loggers. They provide real-time protection as well as detection and removal capabilities.

However, they struggle against today’s highly complex, blended and constantly mutating viruses and worms. Threats change their signature on every PC they infect, and signature-based protection is ineffective as a defense against some 0-hour web-based attacks.
 

 
 
