Online shopping sites more likely to spread malware than malicious sites: Cisco

Cisco’s “2013 Annual Security Report” points out that online shopping sites are more likely to deliver malware than malicious sites. According to researchers at Cisco, online shopping sites are 21 times more likely to deliver malicious content than counterfeit software sites. The Cisco data clearly states that the notion about malware infections most commonly result from “risky” sites such as counterfeit software is a misconception. The analysis indicates that the vast majority of web malware encounters actually occur via legitimate browsing of mainstream websites. This means, the majority of encounters happen in the places that online users visit the most and think are safe. Further, online advertisements are 182 times as likely to deliver malicious content as pornography sites.

Hack to protest (Image Credit: Getty Images)

Online shopping sites are more malware prone (Image Credit: Getty Images)


Basically, in such cases, malware gets downloaded silently via drive-by download attacks, which means the user hasn’t done anything wrong. "Attackers have no need to attract users to malicious sites," said Mary Landesman, Senior Security Researcher, Cisco. "The Web is a very powerful distribution tool for malware and our analysis shows that the majority of this malware is being distributed through known, reputable, legitimate Websites. That malware may be delivered by compromising the legitimate site, or via third-party advertising or other content providers to the legitimate site."

This report demonstrates how attackers have become increasingly more sophisticated, going after the sites, tools and applications that are least likely to be suspected, and users visit most frequently. Modern threats are capable of infecting mass audiences silently and effectively, not discriminating by industry, business, size or country. Cybercriminals are taking advantage of the rapidly expanding attack surface found in today’s “any-to-any” world where individuals are using any device to access their business network.

Talking about the malware content types, the data indicates that Java exploits comprise 87 percent of total web exploits. With over 3 billion devices running Java, the technology represents a clear way for hackers to scale their attacks across multiple platforms, says the report. It is followed by PDF and Flash, which take the second and third place respectively as content types for malware distribution.

The report also opposes the usual notion that smaller companies are at higher risk. It reveals that large companies with 25,000 or more employees have above 2.5 times the risk of Web malware than smaller companies. The reason is likely to be that larger companies have more high-value intellectual property and that’s why they are the frequent target.

Talking about the spam world, the report reveals that India retains its top spot position as a source of spam worldwide for 2012. The United States has moved to the second place (it was on the sixth spot in 2011). The U.S. is followed by Korea, China and Vietnam in the third, fourth and fifth place, respectively. “Overall, the majority of spammers focus their efforts on creating spam messages that feature the languages spoken by the largest audiences who use email on a regular basis," says the report.

Published Date: Feb 02, 2013 15:23 PM | Updated Date: Feb 02, 2013 15:23 PM