By Ellen Kurr on May 9, 2013
We’ve been talking about website security for several months. As it became clear to us that the bad guys were favoring web server infections as their tool of choice, we introduced ‘Site Custodian’ to help protect the websites we host from the spread of malicious code.
New research from Palo Alto Networks, which was recently written about by Byron Acohido of USA TODAY, validates our concerns and suggests that most of the malware making it into corporate networks is deposited via ‘drive-by downloads.’
A ‘drive-by download’ means that your computer (and likely your company’s network, if you’re connected to it) becomes infected simply by visiting a webpage that has been compromised. You no longer have to actively download anything, and reputable sites may be contaminated.
Over a 3-month period, researchers at Palo Alto Networks analyzed Internet traffic coming through their clients’ networks. From that data, they discovered that 90% of the malware got in through web browsing while only 6% came from tainted emails. That’s a tremendous shift from just a couple of years ago.
The even scarier part of this phenomenon is that these website infections are harder to detect. On average, it takes 4 times longer for website contamination to be discovered than it does for a typical email-based infection to be found. Plus, current antivirus software cannot block this type of infection. That doesn’t mean that you are helpless to stop malicious code injections. It does mean that it’s up to you to protect your website and your customers. Our advice?
- Understand that you are responsible for keeping your site free of infection. Websites are no longer a build-it-and-forget-it proposition – routine maintenance is required and has a cost.
- Follow up with your website developer to ensure that the platform/content management system (CMS) on which your site is built is being updated and maintained, and that known security holes are plugged.
- Talk to the company hosting your site to ensure that the server on which your site resides is ‘hardened’ for security and the operating system is up-to-date.
- Ask your web developer and hosting company about their policies regarding blacklisting and malware removal.
- Ask your hosting company if they use a tool like Site Custodian* to monitor your site for malicious code injections and how infections are scrubbed once they’ve been detected.
*Site Custodian is a subscription-based service we offer that will monitor your website for infection, alert us to suspicious code injections, and scrub your site should the worst happen. Contact us for more info.
We don’t have to let the bad guys win. As with almost everything security related in IT, a little education and a few preventative steps today will pay off immeasurably in the long run.