“Unprecedented State of Web Insecurity” Says New IBM Report

“There is no such thing as safe browsing today and it is no longer the case that only the red light district sites are responsible for malware. We’ve reached a tipping point where every Web site should be viewed as suspicious and every user is at risk. The threat convergence of the Web ecosystem is creating a perfect storm of criminal activity,” said IBM’s X-Force Director Kris Lamb in a new and sobering report.

“Two of the major themes for the first half of 2009 are the increase in sites hosting malware and the doubling of obfuscated Web attacks,” Lamb said. “The trends seem to reveal a fundamental security weakness in the Web ecosystem where interoperability between browsers, plugins, content and server applications dramatically increase the complexity and risk. Criminals are taking advantage of the fact that there is no such thing as a safe browsing environment and are leveraging insecure Web applications to target legitimate Web site users. The trends highlighted by the report seem to indicate that the Internet has finally taken on the characteristics of the Wild West where no one is to be trusted.”

The data behind these conclusions is stark:

  • The number of new malicious Web links discovered in the first half of 2009 increased by 508%
  • The presence of malicious content on trusted sites has increased, including popular search engines, blogs, bulletin boards, personal Web sites, online magazines and mainstream news sites.
  • Web application attacks with the intent to steal and manipulate data and take command and control of infected computers have significantly risen.
  • There were 3,240 new vulnerabilities discovered in the first half of 2009, yet 49% of all vulnerabilities disclosed in the first half of 2009 had no vendor-supplied patch at the end of the period.
  • Known PDF vulnerabilities in the first half of 2009 already surpass disclosures from all of 2008.
  • Trojans account for more than half of all new malware with a nine percent increase over the first half of 2008. Information-stealing Trojans (see bottom of article for definition of Trojans) are the most prevalent malware category.
    • A similar survey, by BitDefender, measuring malicious attacks between January and June 2009 found that Trojan-type malware now account for 83% of the global malware detected in the wild.
  • Phishing has decreased dramatically. Analysts believe that banking Trojans are taking the place of phishing attacks geared toward financial targets.

What this means to you

In spite of the serious threats and stark warning, the answer isn’t to unplug your computer and head for the hills. Instead, it is essential that you make sure your computers and internet connections are secure with proactive protection software that automatically updates; that you use strong, unique passwords and you keep them private; and you learn to avoid socially engineered exploits. It also means that every family member and/or anyone else who uses your computer(s) follow the same security rigor.

  1. Secure your computer. If your computer isn’t protected from Trojans, viruses and other malware, your financial information, passwords and identity will be stolen. This concept is so basic, yet only 20% of the US population adequately protects their computers. If the cost of security software is prohibitive, use one of the excellent free services.
  2. Secure your Internet connection – make sure your computer’s firewall is on. If you use a wireless network it needs to be encrypted so someone who is lurking outside the house can’t collect your information. If you need a free firewall, click here.
  3. Use strong passwords. A weak password is all it takes for someone to steal it. If you use the same password on multiple sites (or everywhere) you are asking for real trouble. Passwords do not have to be hard to remember, just hard to guess.
  4. When searching, do NOT assume sponsored sites are safe. Because I use McAfee Site Advisor (it’s free), I see a warning notifying me of the risk. Without a tool like this, you have no way of judging whether the site is legitimate or going to give you malware, spam, etc. Other companies offer similar services; pick one and use it!
  5. Trust is Key. Know the Site. Know the User. Know the Company. Misplaced trust will land you in a world of trouble.
    1. You can no longer assume that links within trusted sites are safe. IBM’s research highlights the increase in malicious content placed on trusted sites.
    2. Be cautious and stay in the driver’s seat. Instead of clicking on a link, copy the URL into a search engine query and look at the results. Does the site have a positive safety rating? Don’t be pulled by links that may or may not take you where you want to go. This is particularly true with ‘shortened’ or ‘mini’ links used on sites like Twitter. If you do not have 100% confidence that the link is going to take you to a legitimate site, look up the material yourself.
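The password advice above (strong, unique, "not hard to remember, just hard to guess") can be made concrete with a small estimator. The following is an added example written for this page; it is not from the article or from IBM's report. It estimates the guessing effort for a character-based password versus a multi-word passphrase, and flags password reuse across sites. The guess rate of 10^10 per second and the 7,776-word list size are assumptions chosen for illustration, and the character-set estimate is an upper bound that only holds for randomly generated passwords (a human-chosen word with substitutions is far weaker than its length suggests).

```python
import math
import string

# Assumed offline guessing rate for the illustration (guesses per second).
ASSUMED_GUESS_RATE = 1e10
# Assumed word-list size for passphrases (7776 = a six-sided diceware list).
ASSUMED_WORDLIST_SIZE = 7776


def charset_entropy_bits(password: str) -> float:
    """Upper-bound entropy for a password drawn uniformly at random from the
    character classes it uses: len(password) * log2(alphabet size).
    Human-chosen passwords (dictionary words with substitutions) are much
    weaker than this bound; it is only a ceiling."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += len(string.ascii_lowercase)   # 26
    if any(c in string.ascii_uppercase for c in password):
        size += len(string.ascii_uppercase)   # 26
    if any(c in string.digits for c in password):
        size += len(string.digits)            # 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)       # 32
    if size == 0:
        return 0.0
    return len(password) * math.log2(size)


def passphrase_entropy_bits(word_count: int,
                            wordlist_size: int = ASSUMED_WORDLIST_SIZE) -> float:
    """Entropy of a passphrase of `word_count` words, each picked uniformly
    at random from a list of `wordlist_size` words. Memorable, yet the
    search space grows by ~12.9 bits per word for a 7776-word list."""
    return word_count * math.log2(wordlist_size)


def years_to_exhaust(bits: float, guesses_per_second: float = ASSUMED_GUESS_RATE) -> float:
    """Years needed to try every candidate in a 2**bits search space at the
    given rate. Halve it for the expected time to hit the right one."""
    return (2 ** bits) / guesses_per_second / (365 * 24 * 3600)


def reuse_report(credentials: dict) -> dict:
    """Given {site: password}, return {password: [sites...]} for every
    password used on more than one site. Reuse means one breached site
    exposes every other site on that list."""
    by_password = {}
    for site, password in credentials.items():
        by_password.setdefault(password, []).append(site)
    return {pw: sorted(sites) for pw, sites in by_password.items() if len(sites) > 1}


if __name__ == "__main__":
    # Constructed sample values for illustration only.
    short_complex = "Tr0ub4dor&3"
    print(f"{short_complex!r}: <= {charset_entropy_bits(short_complex):.1f} bits "
          f"(upper bound; real strength is lower, it is a dictionary word)")
    print(f"6 random words: {passphrase_entropy_bits(6):.1f} bits, "
          f"{years_to_exhaust(passphrase_entropy_bits(6)):.0f} years to exhaust")
    sample = {"bank.example": "Winter2009!", "mail.example": "Winter2009!",
              "shop.example": "correct-horse-battery-staple"}
    print("reused:", reuse_report(sample))
```

Running the block prints the two estimates side by side: the eleven-character "complex" password tops out around 72 bits even under the generous random-choice assumption, while six random words from the assumed list reach roughly 77.5 bits and are easier to remember. The reuse check is the part worth automating in practice; a breach of any one site on a reused-password list compromises all of them.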


What is a Trojan? In technology, a trojan is a term used to describe software that appears to be useful but contains malicious code that enables hackers to access and take over the computer remotely. Once the machine is controlled, hackers can use it for a variety of criminal purposes, including stealing identities (e.g. passwords, security codes, credit card information), installing additional malware, downloading or uploading files, deleting or modifying a user’s files, logging the user’s keystrokes, making the computer part of a botnet, and so on.

