News Stay informed about the latest enterprise technology news and product updates.

Look how far we’ve come

Once upon a time, it was fairly simple for security researchers to identify and eliminate phishing sites or sites hosting malware. Most of them were hosted on sketchy domains, often in countries such as Brazil, Russia or the Czech Republic. If researchers couldn’t get the owner of the domain to take the site down, they could usually isolate it and divert traffic away from it. But these days, most of the sites that host rootkits, Trojans and other malware are otherwise-legitimate sites that have been compromised. Once an attacker has compromised the server on which a site is hosted, he can park whatever malware he wants on the server and then serve up to ignorant users through browser exploits.

This has been going on for some time, but now researchers at Sophos say they’re seeing about 6,000 new compromises of this kind every day. That’s a fairly obscene number and it doesn’t paint a very flattering picture of the state of Web server security at these sites. And with that kind of volume it’s all but impossible to notify all of the site owners about the compromises. So instead, it’s apparently up to the users, as usual, to protect themselves from all of this. Why does that sound so familiar…

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.