Do You Think That You Know Where Malware Is Hiding? Think Again

By on October 3, 2013

Everyone knows that you only get malware when you surf shady websites, right? Wrong. In fact, according to information released in June by Google security researchers, most malware comes from legitimate websites that have been hacked, not from suspicious websites set up to deliver malware. In light of this information, having antivirus software has become more relevant now than ever.

Everyone Knows Where You Picked Up That Virus…Or Do They?

You can’t judge an Internet surfer by the malware on his hard drive. Researchers have found that religious and ideological sites now carry far more malware than adult websites. In fact, you may be three times as likely to pick up a worm or Trojan horse on a church blog as you are on an adult site. The webmasters that run adult sites have gotten more seasoned at dealing with Web security.The inexperienced church website builder may produce a site more vulnerable to spam, data breaches or botnet enslavement.

When you click a Google search result link and are directed to the brick red screen, you know that Google has detected suspicious activity on a website. Google’s Safe Browsing program blocks malicious websites every day that distribute malware and phishing attacks to unsuspecting browsers. Google reported that on June 9, Safe Browsing blocked over 3,800 dedicated malware sites. On the same day, it blocked over 39,000 legitimate websites that had been compromised.

When Safe Browsing blocks a URL, it also informs the site’s webmaster that the site has a potential problem. Google’s Safe Browsing reports suggest what many people have suspected for years: Malware is coming from either compromised large company sites or from websites run by unsophisticated webmasters. Big companies may have the resources to fix the problem, but small mom-and-pop sites may not.

TheGen Y Problem

Work habits have changed a lot over the last decade. Now, many people access company data from their personal mobile devices. They may choose to login from home or from a public Wi-Fi hotspot. In some ways, this flexibility is great for businesses and other organizations. In other ways, it has created an IT security nightmare.

Cisco’s 2013 Annual Security Report points out that these problems will only increase as Generation Y (those born roughly between 1980 and 2000) makes up a larger proportion of the workforce. Members of Gen Y are attached to their mobile devices, and they’re embracing BYOD philosophies that combine both personal and corporate information on those devices. In fact, Cisco’s early Connected World Technology Report revealed this information about Gen Y habits:

  • In bed. Every 3 out of 4 Gen Y members check their computers or mobile devices in bed.
  • At the dinner table. Nearly half of Gen Y members check their mobile devices at mealtime.
  • In the bathroom.That’s right. Every 3 out of 4 Gen Y members use computers in the bathroom.
  • On the road. About 20 percent of millennials check their mobile devices in the car.

U.S. Internet users encounter one-third of the world’s malware. Russia takes second place but only deals with 9.79 percent of malware encounters. With a growing portion of the world’s workforce immersed in their devices, today’s IT departments face unprecedented security challenges.

The Democracy of the Web

Consider website construction from the view of a small church or community group. The group wants to get online sooner rather than later and has a long history of relying on volunteer help. A member may volunteer to build a website using free tools and a bare bones hosting provider. The volunteer webmaster can use the drag-and-drop tools, but she knows nothing about security. Everyone is happy when the site emerges after a weekend of work. However, the happiness takes a plunge when computers visiting the site download malware.

Ultimately, the democracy of the Web gives small businesses, eager community groups, rural churches and aspiring bloggers the chance to get online quickly and to compete with bigger organizations. Unfortunately, a democratic Web suffers the same counterbalance as a democratic society. A large degree of openness creates a certain level of vulnerability. If you haven’t set up antivirus software on your computer or mobile device, then you need to do it now. We live in a world in which even legitimate websites aren’t secure.

Smartphone at the pub image from Flickr’s Creative Commons by philcampbell

About the Author: Melissa Cromwell is a content curator in the tech industry. She writes about cyber security and data center infrastructure.

About Simon

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>