Web Surfers Beware: Legitimate Web Sites Can Be Dangerous

The biggest threat to computer security from the outside world has to this point been mostly via email. Poorly trained employees and individuals who open emails and/or attachments without thinking expose their computers and possibly office networks to viruses, trojans, spyware and scumware. Just when education of end users was starting to sink it, we now discover there’s a more pernicious threat.

Google just released a report entitled The Ghost in the Browser: Analysis of Web-based Malware, in which they reveal the results of their analysis of in-depth research of 4.5 million web sites. They found that about one in 10 web pages could successfully download a Trojan horse virus onto a visitor’s computer.

But wait, you say, you don’t go to those disreputable unsavory sites where this is likely to happen. You’re safe, right? Oh, if only it were so simple. Seventy percent of web pages hosting rogue software are found on legitimate sites that have been targeted by hackers, according to security company Sophos. In fact, an average of 8,000 new URLs containing malicious software emerged each week during April.

So what does that mean to you and your firm?

1) Definitely don’t stop the educational process about how to be smart with email. That means making sure all employees know about not opening emails from unknown sources, and definitely not opening attachments when unexpected, even if the source seems known. Because those socially engineered landmines aren’t going away any time soon.

2) Definitely keep your anti-virus subscription current. That not only means updating your definitions at least once each day — mine updates hourly to help me limit exposure to zero day attacks — but also updating the anti-virus software regularly. Many do not include the automatic update notification features for the software engine. That means you need to calendar a visit to their site once a month for a minute just to make sure your software is still current.

3) Definitely use and keep current your firewall software. I recommend a hardware/software combination, e.g. firewall software built into a high quality router.

4) Definitely obtain and keep current a high quality anti-spyware / scumware software package.

This is not an issue which can be avoided simply by restricting what sites you or your employees may visit. Because at any time a legitimate site you need may become compromised by hackers without the knowledge of the site owner. And your next visit may leave your system compromised.

So you now have to redouble your efforts to fortify your own defenses internally, at the firewall, on your server, and at your email gateway. This is not an area for a do-it-yourselfer, folks. And it may not even be appropriate to leave it to your “normal” network or computer repair person/company. Spend a few dollars now to bring in a higher level expert to give you a “second opinion” by conducting a security audit and identifying areas of your network infrastructure which can be made more secure, without becoming Fort Knox.

Oh Ellen, you’re thinking, why are you so eager to spend my money? Well, let’s do the math. Take a look at some of my previous posts regarding the average cost of restoring your system if it becomes compromised. They don’t even take into account the actual costs associated with possible identity theft, nor the ethical or business implications of the exposure of client data, and a resulting need to notify clients of a security breach.

Here are just a few previous posts you may want to revisit:

How Much is Too Much? Where Malware is Concerned, the Sky is the Limit
Average Cost is $97,000 to Clean Infected PCs From Zotob Worm
More Statistics on Internet Threats Released


To return to the main page of the blog, click here. To return to the blog Index, click here.

WordPress Themes