Websense reports 671% increase of malicious websites last year

Mumbai: Websense Security Labs identified a whopping 233 percent growth in the number of malicious sites in the last six months and 671 percent growth in the number of malicious sites during the last year. Websense revealed these findings in its bi-annual research report, Websense Security Labs, State of Internet Security, Q1-Q2, 2009.

 

In the first half of 2009, 77 percent of websites with malicious code were legitimate sites that have been compromised. This high percentage was maintained over the past six months due in part to widespread attacks including Gumblar, Beladen and Nine Ball which aimed to compromise trusted and known Web properties with massive injection campaigns.

 

Web 2.0 sites allowing user-generated content are a top target for cyber criminals and spammers. Websense Defensio technology enabled Websense Security Labs to identify that 95 percent of user-generated comments to blogs, chat rooms and message boards are either spam or malicious.

 

Efforts to self-police Web 2.0 properties have been largely ineffective. Websense research reveals that community-driven security tools used on sites like YouTube and BlogSpot are 65 percent to 75 percent ineffective in protecting web users from objectionable content and security risks.

This dirty web is getting dirtier day by day. 69 percent of all web pages with contents classified as objectionable (ie, sex, adult content, gambling, drugs) also have one malicious link. This is becoming even more pervasive, as 78 percent of new web pages discovered in the first half of 2009 with objectionable content had at least one malicious link.

 

Websense Security Labs found out that 37 percent of malicious web attacks included data-stealing code, demonstrating that attackers are after essential information and data.
The web continues to be the most popular vector for data-stealing attacks. In the first half of 2009 the Websense Security Labs discovered that 57 percent of data-stealing attacks are conducted over the web.

The convergence of blended web and email threats continues to increase. Websense Security Labs reports that 85.6 percent of all unwanted emails in circulation during this period contained links to spam sites and/or malicious websites. In June alone, the total number of emails detected as containing viruses increased 600 percent over the previous month.

 

Every hour, Websense Security Labs ThreatSeeker Network scans more than 40 million websites and 10 million emails for unwanted content and malicious code. Using more than 50 million real-time data collecting systems, ThreatSeeker Network monitors and classifies web, email and data content-providing Websense with unparalleled visibility into the state of content on the Internet and in e-mail.

 

Dan Hubbard, Chief Technology Officer, Websense said, “The last six months have revealed that malicious hackers and fraudsters go where the people are on the web and have heightened their attacks on popular Web 2.0 sites and continued to compromise established, trusted websites in the hope of infecting unsuspecting users. From malicious Twitter spam campaigns and blog comment spam to the massive injection attacks, those perpetrating fraud are exploiting the inherent trust users have of known Web properties and other users.”