How are companies removing malware from blogs?
What are most companies doing today to protect against malware intrusion that may be picked up from blogs on sites like Blogspot? Are companies blocking those sites completely, or are they using tools that stop intrusions? Some here are upset that our company took away access to Blogspot, but I understand the need to protect the company from malware.
Most companies aren't doing anything at all. This usually is the result of an organization wanting an open and fun work environment. Unfortunately, many companies still believe that attacks originate from the outside and target their internal systems. But as we continue to learn with new threat vectors like cross-site request forgery
and cross-site scripting
, attackers can do well by simply posting malicious content on the Web and waiting for an unsuspecting user to surf to it. The best way to handle attacks originating from blog sites is to block access to them completely.
But remember, blog sites are not the only ones susceptible to these types of threats. Social networking sites like Facebook and MySpace can serve malicious content in the form of advertisements. Even sites like MLB.com have been victims of Flash-based malware. Blog access is ultimately a risk-based decision. If the majority of attacks against your environment originate from blog sites, blocking access is a good first step.
This was first published in February 2009