/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBALI, INDONESIA: Cyber-criminals are now heading towards legitimate websites and services to launch more of their attacks, says a report from Blue Coat Systems.
Blue Coat systems recently launched the 2011 Annual Web Security Report that examines web behaviour and the malware trends that users are frequently exposed to.
The report analyses web requests from Blue Coat WebPulse service, which every week rates about three billion request in real-time, in order to provide a comprehensive overview of the changing ways in which people are using the Internet and latest methods of cybercrime.
Jonathan Andersen, director, product and solution marketing, Asia Pacific, Blue Coat said, “The 2011 Internet web security report focuses on Internet threats faced by individual users. Cyber-criminals are now targeting organizations with highly secured applications.”
He added that cyber-criminals are hacking and compromising legitimate sites, which have sound security reputation, to launch their attacks. Instead of using free domains or sites that are known to host questionable content, attackers are taking the time to co-opt trusted sites in order to host malware and other malicious content.
The report added that the strategy was clearly evident in cloud applications, such as online storage and sites, that encouraged user content. It added that the online storage services were the second most likely sites to be hosting malware in 2010.
The number of new online storage sites hosting malware increased by 13 per cent, while open content sites hosting malware increased by 29 per cent.
The report said that more users switched to personal pages, blogs, chat and instant messaging to keep up with each other. While e-mail remained the fourth popular communication platform, web-mail dropped to 17 in the list. A number of Trojans were found on free online storage site Rapidshare in December.
It also added that the increased preference for social networking coincided with the rise of social networking sites being used as an attack vector.
Andersen added that the top web attacks of the previous year were fake anti-virus software, fake updates, and 'malvertising'.
Phishing attempts on social networking sites such as Facebook, MySpace and Twitter, and click-jacking attacks were the most common attacks in 2010. (Click jacking refers to tricking users to clicking on malicious content unintentionally.)
The best malware protection systems employ dynamic defense techniques that can detect and analyse unknown content, processes and behaviour, BlueCoat said.
Andersen said, “Web behaviour was less about personal fulfillment and more about business in 2010. There was a significant decline in people accessing contents, which Blue Coat categorized as dating/personals or adult content. However, there was a significant uptake in audio, video, news, and reference materials.”
The report produced a comprehensive overview of the way people use Internet and the new techniques cyber-criminals used to attack targets.
Steve Daheb, chief marketing officer, Blue Coat Systems, said, “Today, dynamic web links are the most powerful tool that cyber-criminals have. Moreover, static web ratings that require update cycle are too slow when the bad guys can harvest users within minutes.”
He added that only a real time defense, such as Blue Coat WebPulse service that can dynamically rate content and follow multi-staged malware attacks from beginning to end, will be able to protect users.
(The Author was hosted by Blue Coat in Bali, Indonesia)