'Web Security Protection Should Analyse Page Content'

According to new research released from Websense Security Labs, 60 percent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites. The top 100 most popular websites, many of which are social networking, Web 2.0 and search sites, represent the majority of all Web page views and are the most popular target for attackers. With their large user base, good reputations and support for Web 2.0 applications, these sites provide malicious code authors with abundant opportunity.

In the first half of 2008, more than 75 percent of the websites Websense classified as malicious were actually sites with seemingly ‘good’ reputations that had been compromised by attackers. This represents a 50 percent increase from the second half of 2007.

More than 45 percent of the top 100 most popular websites support user-generated content.

Websense Security Labs found that 29 percent of malicious Web attacks included data-stealing code, demonstrating that attackers are after essential information and data.

The convergence of blended Web and e-mail threats continues to increase. Websense Security Labs reports that now more than 76.5 percent of all e-mails in circulation in the past six months contained links to spam sites and/or malicious websites. This represents an 18 percent increase since December 2007.

Websense Security Labs uses the Websense ThreatSeeker Network to discover, classify and monitor global Internet threats and trends. Security researchers use the Internet security intelligence from the system, which includes more than 50 million real-time data collecting systems that parse one billion pieces of content daily, to publish security trends and protect customers.

“Today attackers are overwhelmingly foregoing creating their own malicious sites and targeting legitimate websites that have a built-in base of visitors,” said Dan Hubbard, chief technology officer,
Websense. “There is an element of trust in the Web 2.0 world that the websites we frequent every day are safe, but attackers are taking advantage of the ‘good reputations’ of websites to launch attacks. Most Web security and URL filtering technology today heavily relies on a website’s reputation, but this method is outdated. In terms of security, the URL doesn’t matter anymore – it’s all about the dynamic content that is served up on the page. To safely use the Internet today, organisations need Web security protection that can analyse the content on the Web page in real-time.”