All the latest UK technology news, reviews and analysis
|
|
|
09 Dec 2008
Web site owners should accept more responsibility for securing their sites against attack, as Sophos has revealed today that it identified one new infected web page every four and a half seconds during 2008.
The security vendor's annual Security Threat Report found that many sources of infection are caused by legitimate sites being hacked, often via the increasingly popular SQL injection attack in which malicious code is inserted into the database running a site.
Better patching and hardened web code will remove some of the risks, argued Sophos senior technology consultant Graham Cluley.
"Nowadays if you're running a web site of any size you're effectively a software publisher, because you're putting up things, perhaps in PHP, which may have vulnerabilities in them," he said.
"You must ensure that you take responsibility. You have to think differently if you're in e-commerce now."
Sophos also reported a five-fold increase in malicious email attachments during 2008, and predicted that hackers would increasingly attach " booby-trapped" versions of non-executable files like PDFs and Word documents, because users are more likely to open them.
Sophos also "named and shamed" the US for being the number-one host of malware, at 37 per cent, and being home to the largest number of spam-sending PCs.
"When the internet community gets together [as with McColo] things seem to get better for all of us," he said. "But the main problem is the home user population [in the US] is poorly protected, so we need better education of home users and businesses."
Latest stories from Web
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Our global consultancy client currently seeks a number...
Support Analyst x 1/2 Skills: Apple Mac OSX, Windows...
Network Consultant - London - 55-65k My client are...
A leading global provider of critical information to...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Consumers and Business commerce alike
This is not only a problem for consumers as, in the modern economy, the vast majority of an organisation?s transactions are web-based at some point, whether directly or indirectly. Organisations are naïve to think that their business partners? websites are safe. As the article discusses, any malware planted there turns a trusted website into a harmful portal. The infection of benign code from legitimate websites will be one of the the biggest IT security threats of 2009. In addition to checking code for their own sites, a healthy New Year?s resolution for organisations would be to conduct a vulnerability assessment and to protect the perimeters of their network ? inbound and outbound, so that such attacks can be detected and stopped. By Martin Blackhurst, Product Manager, Redstone Managed Solutions
Posted by: Martin Blackhurst 23 Dec 2008