Websense revealed the findings from its bi-annual research report. Its security labs identified a 233 percent growth in the number of malicious sites in the last six months and 671 percent growth in the number of malicious sites during the last year.
In the first half of 2009, 77 percent of Web sites with malicious code are legitimate sites that have been compromised. This high percentage was maintained over the past six months due in part to widespread attacks including Gumblar, Beladen and Nine Ball which aimed to compromise trusted and known Web properties with massive injection campaigns.
According to the report, efforts to self police Web 2.0 properties have been largely ineffective...
Websense Security Labs report - State of Internet Security, Q1-Q2 2009
The first half of 2009 saw a number of big exploits and an escalation of attacks using the dynamic elements of popular Web 2.0 sites to infect users’ computers and perpetrate fraud. Additionally, the Websense Security Labs found a massive increase in the number of malicious sites which increased 233 percent over the six month period.
Attackers continued to use blended threats (spam emails with embedded URLs) to lure victims to spam and malicious Web sites with 85.6 percent of all unwanted emails in circulation during this period containing links to spam sites and/or malicious Web sites. The rise of blended threats illustrates that Web security intelligence is a critical component of any email and data security strategy.
Today’s threats are leading to the Web, whether as the vector of the attack or simply the route in which stolen, confidential data is transmitted. Further underscoring the growth of the Web as the primary threat vector, during the first half of 2009 Websense Security Labs discovered:
Attackers continued to use blended threats (spam emails with embedded URLs) to lure victims to spam and malicious Web sites with 85.6 percent of all unwanted emails in circulation during this period containing links to spam sites and/or malicious Web sites. The rise of blended threats illustrates that Web security intelligence is a critical component of any email and data security strategy.
Today’s threats are leading to the Web, whether as the vector of the attack or simply the route in which stolen, confidential data is transmitted. Further underscoring the growth of the Web as the primary threat vector, during the first half of 2009 Websense Security Labs discovered:
- 233% growth in the number of malicious sites in the last six months and a 671% growth during the last year.
- 77% of Web sites with malicious code are legitimate sites that have been compromised.
- 95% of comments to blogs, chat rooms and message boards are spam or malicious.
- 57% of data-stealing attacks are conducted over the Web.
- 85.6% of all unwanted emails in circulation contained links to spam sites and/or malicious Web sites.
- 77% of Web sites with malicious code are legitimate sites that have been compromised.
- 95% of comments to blogs, chat rooms and message boards are spam or malicious.
- 57% of data-stealing attacks are conducted over the Web.
- 85.6% of all unwanted emails in circulation contained links to spam sites and/or malicious Web sites.
These discoveries, along with details on other exploits and analysis of Web, email and data security trends during the first half of 2009 are explored in the Websense Security Labs “State of Internet Security” report.
The full report is available here: www.websense.com/downloadthreatreport
An archived Webcast presentation about the report can be found here: http://www.websense.com/content/ProductResources.aspx
Watch the video overview of the findings below, or by clicking here: http://www.youtube.com/watch?v=BNu1TXNYArI