
Understanding web-based attacks
No safe haven
When web threats first started to appear, there were simple actions web users could take to reduce the likelihood of malware infection. For example, web users could avoid dubious corners of the internet, such as pornography sites and sites offering illicit software, music and movie downloads.
Today, there are still many websites set up purely with malicious intent. These are commonly advertised to potential victims in spam, spIM (spam over Instant Messenger), blogs and social networking pages.
Attackers can place malicious files on perfectly legitimate sites. Visitors to a legitimate site can also be redirected to another site where malware is embedded. Alternatively, the attacker adds scripts to a legitimate site, and these then automatically download malicious files from elsewhere. An even bolder technique is known as ‘clickjacking’. Here, the attacker alters what happens when a button or link is clicked, so that malicious code is executed instead of the proper function.
So why is it now comparatively easy for the bad guys to subvert reputable websites in this way?
Many websites harness multiple media types. Scripts, plugins, databases and other sites or servers may all contribute to a website’s overall content, and not all of them are necessarily under the control of the site’s owners.
A website can consist of up to 200 components. It only takes one of these to be compromised for a visitor to download malware onto their machine. Such a component could go unnoticed for some time. It’s usually the Internet security community that spots them first and alerts legitimate websites that they’re serving up malware.
Attackers prey on the all-too-widespread belief that legitimate sites are ‘safe to surf’. They can do this by registering domains that look very similar but are not identical to legitimate sites – a technique known as ‘typo-squatting’. In doing so, they hope users won’t notice that the URL they’re following is not quite what it seems and leads to an infected website.
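One way a defender can look for the typo-squatting described above is to compare the hosts in web proxy logs against the domains staff legitimately use. The following is an added example, not part of the original article; the trusted domains, the sample URLs and the distance threshold of 2 are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allowlist of domains the organisation's users legitimately visit.
TRUSTED = {"examplebank.com", "example-payroll.com.au"}


def osa_distance(a, b):
    """Edit distance where an insert, delete, substitution or swap of two
    adjacent characters each costs 1 (optimal string alignment)."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def lookalike_of(url, max_distance=2):
    """Return the trusted domain that the URL's host imitates, or None."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    # An exact match, or a subdomain of a trusted domain, is not a lookalike.
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return None
    for trusted in sorted(TRUSTED):
        if 0 < osa_distance(host, trusted) <= max_distance:
            return trusted
    return None


# Constructed URLs, as they might appear in a web proxy log.
SAMPLE_URLS = [
    "https://www.examplebank.com/login",
    "https://examplebnak.com/login",
    "http://examp1ebank.com/",
    "https://example-payrol.com.au/timesheet",
    "https://intranet.examplebank.com/",
    "https://news.example.org/",
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(url, "->", lookalike_of(url) or "no lookalike found")
```

Edit distance only catches near-miss spellings; a trusted name used as a subdomain of an unrelated domain needs a separate check.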
Defending your business
For any business, the web represents a potential minefield. Nothing can be assumed to be ‘safe’. Without effective security in place, any organisation could find its operations fundamentally – and perhaps even critically – compromised. Indeed, it could unknowingly find its machines not just become infected but also play a role in espionage, extortion and other serious criminal activities.
What are you doing to make sure your company isn’t at risk?
- Andrew Gordon is the MessageLabs senior manager for enterprise and partner services (www.messagelabs.com.au)