Just because a Web site has been around a while and has enjoyed a solid reputation, it cannot be assumed that the site is safe to surf. A case in point: it was recently found that 58 of the Web sites ranked among Alexa’s most popular sites have served up drive-by download exploits in the month of February.
Though the sites might be consumer oriented, as we all know with the “always on” world that we live in, what is viewed at home using mobile or laptop devices can easily be brought into the workplace network. And of course there’s also employees using company resources, on company time, to do some personal Web browsing. So here is one more case to share with employees as part of awareness training.
This conversation started during RSA conference last month with an interesting discussion with Paul Judge, chief research officer and head of Barracuda Labs. Judge shared with me some early findings that are expected to publish on April 2. The folks at Barracuda Labs have intentionally been mimicking typical Web browsing behavior to review the most popular Web sites as listed by Alexa Internet, Inc, which offers information about Web sites including top sites, Internet traffic stats and the like.
At this point, thanks to user education programs, many users are aware of certain site types to avoid. But infections in today’s Web are not so easily avoided, because cyber bad guys are infiltrating sites that are otherwise trustworthy. This is not necessarily new, as legitimate sites have been targeted and taken hostage over the last few years. But it seems that the practice of infecting “good” sites may be growing. Judge notes that of the Alexa sites the Labs found hosting malicious content, nearly half (43 percent) of the infected sites were hosted here in the U.S.
From the investigation that Barracuda Labs conducted, it also appears that while the malicious content is not served up each day, it is served in an almost continuous on-going fashion. For a quick glimpse of which sites were found to host, and other interesting details, take a look at Barracuda Labs’ research infographic.
↧
Popular Web Sites Found to Host Malicious Content
↧