Thursday, 10 April 2008
IronPort Bolsters Web Reputation Filters |
| |
|
| |
Threat analysts at IronPort and Cisco have observed that the Web is increasingly becoming the preferred method of malware distribution. As a result, corporations face even more sophisticated malware threats from a variety of entry points and coordinated cross-protocol attacks.
According to industry estimates, between 2 percent and 10 percent of websites are malicious, a staggering amount of exposure for today's businesses. The malware and spyware delivered by these sites can result in a loss of confidential information, system and network downtime, reduced employee productivity and higher customer support costs.
On the other hand, one of the fastest vectors of Web-based threats are compromised hosts (known as botsites) that follow instructions from a command-and-control network (known as botnets).
Spreading via recruiting email and spam, malicious botsites self-propagate through their own established peer-to-peer networks. The botnets coordinate with each other to create spam with infected landing pages. This botnet or botsite system represents an intelligent malware distribution platform that is reusable and self-defending. Industry estimates point to at least 7 percent of the computers connected to the Internet (75 to 100 million machines) being part of some botnet or botsite system.
Tom Gillis, vice president of marketing for IronPort Systems said that single botnet can produce thousands of malware-laden botsites that are active for anywhere from a few minutes to a few hours. "The only effective defense is a Web reputation service that can detect the underlying deception and filter the sites out proactively," Gillis adds.
|
| |
|
|
| |
|
|
| |
|
|
| |
|
