- Insider threat looms large in San Francisco
- Woman fired over death threat
- IT admin pleads not guilty
- Tape storage gets more dense
- Top 10 worst uses for Windows
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
How ironic that Google allows you to initiate a Web search by clicking on a button labeled "I'm Feeling Lucky." The button is supposed to take you to the first Web site that turns up in your search. Instead, it just might take you to malware hell.
In a preliminary report issued by Google in early February (see All Your iFrames Point to Us in the Google blog), researchers reveal the depth of the worldwide malware problem and conclude “the scope of the problem is significant.” This isn’t news if you’ve ever have to clean up the mess left behind after a malware infection. But if you’re feeling fairly confident that you do enough to protect yourself and the other users on your network, this report should open your eyes to the real world, and it’s not pretty.
Over a 10 month period spanning most of 2007, Google researchers conducted in-depth analysis of over 66 million URLs. The study focused on the prevalence of “drive-by downloads” – that is, exploits that use browser vulnerabilities and other techniques to automatically download and run malware when you visit a Web site.
Drive-by downloads represent a shift in the methods used by hackers to invade your systems. Not long ago, wide-scale attacks that took aim at overwhelming computing resources were the preferred game plan. Such attacks use a “push” model. As network tools got better at defending against denial-of-service attacks, the bad guys adopted a “pull” model that has users inadvertently downloading unwanted payloads.
Two “pull” techniques are in wide use today. In one, hackers use social engineering to entice trusting users to perform some action that downloads software carrying a payload. For example, clicking on a link to an e-card that turns out to be bogus. Fortunately, end users can be taught to be cautious of such con games.
The second, more ominous method is to automatically deliver the payload when the user lands on a compromised Web page. Worst of all is that landing on a malicious site is often completely out of the hands of the Web surfer, as he may actually be taken there without his knowledge.
This is all attributed to a broad and sophisticated malware distribution network. The report describes it like a tree. The outer branches (Web pages, or “landing sites”) draw unsuspecting Web users into a trunk system (Web servers, or “distribution sites”) that are the root distribution points of the malware. Hackers concentrate on finding ways to expand the number of compromised landing sites that then hop users to the distribution sites where the payload gets delivered.
Intel...I guarantee you will never ever see a customer using Wimax the way it was laid out by Intel 6...- Anonymous
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comment