Networking

08:00 AM
Connect Directly
RSS
E-Mail
50%
50%

Blue Coat Study Shows Malware Now Targets 'Trusted Sites'

An annual report on Web security from software provider Blue Coat that was released on Wednesday says that cyber criminals are launching more focused attacks and are targeting trusted sites to distribute malware, viruses and other threats. The author of the 2010 Blue Coat Annual Web Security Report also says that some Web-delivered applications that are used by businesses are at risk of malware if an attacker thinks there are valuable assets to be stolen by getting onto the corporate network.

An annual report on Web security from software provider Blue Coat that was released on Wednesday says that cyber criminals are launching more focused attacks and are targeting trusted sites to distribute malware, viruses and other threats. The author of the 2010 Blue Coat Annual Web Security Report also says that some Web-delivered applications that are used by businesses are at risk of malware if an attacker thinks there are valuable assets to be stolen by getting onto the corporate network.

The Blue Coat report focuses largely on threats that affect all Internet users, from malware delivered through fake ads for antivirus software, celebrity photos and pornography. Tom Clare of Blue Coat notes that when the popular movie "The Twilight Saga: Eclipse" came to theaters in June 2010, about two dozen sites popped up offering links to pirated copies of the film, most likely malware sites.

But the threats continue for businesses, too, Clare adds. As companies increasingly turn to delivering business applications to employees through a Web browser instead of a traditional client-server architecture, they need to guard against malware attacks through that browser, though not in all cases.

If the application requires a high level of authentication to log onto, or is focused on a narrow group of users in a narrow subject, it wouldn't be of much interest to cyber criminals, he says. But if the application is deemed of high interest, the risk is greater.

"If it's the [U.S.] Department of Energy and I'm interested in getting inside the Department of Energy and I found a Web app that's hosted by the Department of Energy, if that's my attack target and I'm financially motivated to get inside that network, then I'm very interested in it. And, yes, these Web apps are easy to break into," Clare says. A hacker could monitor people logging onto the site, see their credentials and use them for their own access to the network.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Cartoon
Hot Topics
4
IT Certification's Top 10 Benefits
Global Knowledge, Global Knowledge,  8/20/2014
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed