Web Gives Hackers More Territory, ToolsSeptember 28, 2008 – 8:54 AM
As more people become accustomed to Web surfing and downloading software and multimedia, legitimate Web sites have become the favorite targets of hackers.
“The hacking of legitimate Web sites is the biggest threat today,” said David Freer, Symantec’s vice president for consumer business in Asia-Pacific and Japan.
Freer revealed that based on the latest Threat Landscape study made by Norton (Symantec’s manufacturer of security solutions), the Web is emerging as the preferred platform for security attacks and no longer just the users’ PCs.
“The threat landscape is driven by consumer behavior,” Freer said, explaining that since people are accustomed to viewing and downloading multimedia online, many hackers use this to trick users into installing fake codes and setting up applications.
“The exploits focus on Web browser and plug-in vulnerabilities, but attacks based on trickery are emerging as the dominant tactic,” he said. “This means more attacks will be language and service-specific.”
Norton observes that attackers focus heavily on finding Web site flaws since it is much easier than “traditional” vulnerability; and that research and patch times are much lower — only 4% of the vulnerabilities for the second half of 2007 were patched as of March 2008.
“We observe 10,000 unique attacking domains (Web sites) daily and 1,500 of these have not been seen attacking users previously,” Freer said.