Menu
Cybercriminals use legitimate sites to launch attacks: Websense

Cybercriminals use legitimate sites to launch attacks: Websense

Report finds 85 per cent of malicious links in web or email attacks on legitimate websites

Cybercriminals are overwhelmingly using legitimate compromised websites to launch web or email attacks, according to the Websense Security Labs 2014 Threat report.

The report found 85 per cent of malicious links used in web or email attacks were located on compromised legitimate websites and details the growing global criminal-infrastructure-as-a-service economy through exploit kits and redirection chains.

Through an analysis of the latest attack methodology, Websense security researchers analyse the seven threat stages of advanced attacks. In addition, outcomes include the modification and repurposing of existing malware source code.

The report also found the average number of website redirects user per attack in 203 was four, while the maximum number of redirects used in a documented attack was 20.

Websites classified as business and economy, information technology, shopping and travel made the top ten list of compromised redirect destination categories.

The Magnitude and Neutrino exploit kits experienced the largest surge in adoption following the arrest of Blackhole’s creator, according to the report.

While 30 per cent of malicious executable files sampled included custom encryption of command and control communication or data exfiltration

Websense vice president of security research, Charles Renert, said cybercriminals continued to evolve their attack planning and execution to stay ahead of most existing security measures.

“While the determined, persistent attackers continue to have success in advanced, strategic attacks using zero-day exploits and advanced malware, there has also been a boom in cyber criminal activity on a massive scale,” he said.

“Even these more ‘common’ forms of attack are easily slipping past organisations without real-time defenses.”

The report also documents how the infrastructure of an attack campaign is constantly developed, enhanced and reused throughout the entire threat life cycle.

To avoid detection when reusing components in subsequent attacks, criminals are increasingly taking an approach that involves modification and modulation of existing attack tools.

Often, this means choosing to take advantage of a specific strength of a particular piece of malware to target new industries.

Websense security researchers observed the Zeus malware, which was originally designed as a financial threat and keylogging Trojan, dramatically increased in use as it was repurposed for other vertical markets.

According to the report, in the past year, the government and communications industries joined financial firms among the top five verticals targeted with Zeus malware.

The top two industries hit hardest with Zeus attacks were the services and manufacturing sectors.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags zero-day exploitsWebsense vice president of security researchZeus malwareMagnitude and Neutrino Exploit KitsBlackholeCharles RenertWebsense Security Labs 2014 Threat report

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments