Page last updated at 08:47 GMT, Wednesday, 17 June 2009 09:47 UK

Legit websites face malware hits

By Maggie Shiels
Technology reporter, BBC News, Silicon Valley

Attacks are now more automated, targeting millions of sites

Legitimate websites are a growing frontier for malware attacks with over ten million pages affected every year.

Security start-up Dasient claimed the threat has risen as more people create their own websites and blogs without proper built-in security protocols.

Anyone opening an infected page could have the malware downloaded to their computer without even realising it.

"There's a real and present danger of the web being seriously compromised," said Dasient co-founder Neil Daswani.

"This emerging threat is becoming very real and is already affecting millions and millions of websites. 30,000 web pages are affected every day according to the likes of Microsoft and the security firm Sophos," said Mr Daswani who was a senior security engineer at Google.

"Attack waves"

Dasient said the growing problem is not just down to inexperienced web masters or those trying to save on security measures.

"Today's sophisticated web is much more complex than in the past with richer functionality, third party widgets, video, new sources of content from other places like mash-ups and user generated content.

Discarded computers, AP
Web based attacks have increased 600% over the last two years

"All these increase the attack surface and the vulnerability for attacks," said Dasient's Ameet Ranadive a former strategy consultant at McKinsey.

He also pointed to the fact that hackers are much more automated in their approach giving them the ability to cause more chaos and harm.

"In the past they might have targeted one particular website to launch an attack but now they are going after tens of thousands of websites in these aggressive attack waves," said Mr Ranadive.

Sounding a word of caution is, which is made up of academic institutions, technology industry leaders and volunteers who are all committed to protecting the internet and computer users from the threats caused by bad software.

Google, PayPal, AOL and VeriSign are all members.

"There has been rapid growth in these type of attacks and web based distribution is one of the main ways malware is getting around today," agreed manager Maxim Weinstein.

"The fact however that a given website contains malware does not necessarily mean every user to that site is going to get infected.

"That malware may require a user to click onto something or exploit a vulnerability on that persons web browser or target a particular operating system," he said.

Red screen

Dasient said that, as this problems escalates so does the harm to those trying to do business on the web.

Companies such as Google, Yahoo and Firefox track infected websites and blacklist them by restricting access. When a user clicks on a compromised page, an alert will pop up known as the "red screen of death" warning of the dangers of going to the site.

Being blacklisted by the likes of Firefox or Google can affect business

Mr Daswani said that in many cases companies running legitimate websites have no idea they have been hit by hackers.

"80% of websites hosting malicious software are legitimate and many only find out when a customer tries to log onto the site and can't.

"When a website is infected it can be hard to locate the exact whereabouts of the infection and clean it up. And even if they remove some of the malicious code, the bad guys can re-infect them a couple of days later."

Dasient, which has developed a web-based anti-malware service that prevents blacklisting, said its clients have in the past paid dearly.

"We have customers telling us they have lost thousands of dollars by being blacklisted and others saying traffic to their site dropped 95%-98% while on the blacklist," said Mr Ranadive.

The web's reputation is in danger thinks Mr Weinstein.

"At the extreme, the doomsday scenario is very much a case of people losing trust in the web as a secure platform for business and financial transactions," he said.

"If it's to the point of malware spreading too rampantly, even sources of information will be affected. That's an extreme view and I think a lot is being done to ensure that doesn't happen and to ensure we protect the web and its openness and ability to let people experiment and do new things."

Mr Weinstein suggested a more co-ordinated industry approach was needed to crack the problem.

"One of the real keys to solving this is that the good guys need to co-operate and share information, share data and communicate with one another more rapidly because we know the bad guys are doing those things.

"We need to make sure we are doing it as well and better than the bad guys," he said.

Print Sponsor

US ramps up cybersecurity focus
23 Apr 09 |  Technology
Computer viruses hit one million
10 Apr 08 |  Technology
The battle against the botnet hordes
21 Feb 08 |  Technology
Israel and foes in internet war
15 Jun 09 |  Middle East
Microsoft bounty for worm creator
13 Feb 09 |  Technology
Behind the scenes of Firefox 3.0
17 Jun 08 |  Technology

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific