April witnessed a 35% proliferation of internet malware attacks, hitting the biggest sites and the web’s vast “long tail” of smaller websites, according to research by security firm Scansafe
LONDON – Web-based threats from malware - software that is designed to infiltrate or damage computer systems - are “growing exponentially”, with a 35% rise in April alone, according to monthly research by web security firm Scansafe. More than 500,000 high-profile sites such as the United Nations’ website have had their databases targeted by the latest wave of a so-called ‘SQL injection’. Meanwhile an ‘iframe injection’ is misdirecting search queries to malware downloads on a multitude of middle-tier sites that, although relatively small individually, together constitute the ‘long tail’ of the internet.
Searches made on infected sites using popular consumer security software such as McAfee SiteAdvisor failed to flag or block the sites. The research is based on billions of web requests Scansafe logs on behalf of business customers worldwide. The inability of consumer software to deflect such malware attacks is a growing threat both inside and outside the office – as more roaming employees compromise security accessing sensitive corporate material simultaneous to leisure sites.
“It is unlikely we have seen the last of either of these attacks. Given the improved targeting and growing number of compromises, web surfers will want to be increasingly cautious,” says Mary Landesman, a senior security researcher at Scansafe.
More on Regulation
Recent Iosco consultation paper aims to better co-ordinate global regulation
Indian regulators to allow overseas firms to access market but speculation ruled out
Market anticipates an impending regulatory mandate for rupee rates clearing
Is the regulator's goal of trying to be everywhere feasible or even desirable?
Sign up for Risk.net email alerts
Oxford professor David Vines argues that the carrot is as important as the stick
Sponsored webinar: IBM
Watch highlights of this year's London conference
Operational risk and the challenges of defining and dealing with conduct risk
There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.