Every 3.6 seconds a website is infected
Approximately 23,500 infected webpages are discovered every day – that's a new one every 3.6 seconds, according to Sophos' recently released July security threat report. That infection rate is faster than in 2008, during which the first half of that year saw a newly infected website being identified every 4.5 seconds, Richard Wang, manager, Sophos Labs U.S. told SCMagazineUS.com on Tuesday.
“Compromised sites are the threat that people are most likely to encounter,” Wang said.
Over the past few months, security firms have frequently warned about a number of the mass-compromise attacks, such as Gumblar, Belanden or Nine-Ball, all of which were said to have compromised tens of thousands of legitimate sites by injecting them with malicious code that redirects users to malware.
Another increasingly worrisome problem for organizations are threats originating from social networks, according to the report. Going forward, cybercriminals will continue to try out different techniques utilizing Web 2.0 technology, such as writing code that works across social networks, Wang said. Recently, one piece of malware distributed through Facebook was designed to steal Twitter credentials. It then aimed to send posts from compromised Twitter accounts directing users to malicious websites, Wang said. According to the report, a quarter of businesses have already been victims of spam, phishing or malware attacks propagated on social networking sites like Twitter, Facebook, Myspace and LinkedIn.
“IT departments have been saying for years, 'don't click on spam and open attachments,' but haven't gotten across that social networks can also be sources of potentially dangerous material,” Wang said.
In addition, social networking sites themselves are to blame for this trend, having grown quickly without putting adequate security in place to keep users secure, Graham Cluley, Sophos' senior technology consultant, told SCMagazineUS.com on Wednesday.
“They have very successfully gathered a huge audience, but they are not necessarily keeping them safe,” Cluley said.
Cluley recommended that social networking sites now must do their part by focusing more on security. He said they should be scanning messages sent between social networking users to determine if they are spam. Also, these organizations should analyze traffic for suspicious behavior – if hundreds of Tweets all say the exact same thing, for example, they may have been posted by compromised accounts.
Besides leveraging Web 2.0 technologies and compromising websites, malware authors have also been diligently writing new exploits during the past six months. Currently 22.5 million identified malware samples are in existence – an all time high, Wang said. Twelve months ago, there were only 12. 3 million samples total, he added.
“In the last 12 months the criminals and hackers have written as much malicious software as the total of all the years up to that combined,” Wang said.
In addition, 40,000 new suspicious files are examined every day in Sophos' Lab, the report states.