Introduction to Web Threats: What They Are and Why You Should Care
Over the last 15 years, information security threats have evolved through a series of incarnations. Viruses embedded in downloaded executable files gave way to Macro viruses in document files, followed a few years later by email-delivered threats (e.g., the "I Love You" and "Melissa" viruses). In each case, malware writers sought out the medium that was most used and least protected. Today, a new wave of threats is emerging that uses the Web as a delivery vehicle.
Consistent with the evolution of past threats, Web threats are gaining traction at a time when use of their medium - the Web - is at an all-time high. The Web has become a major engine of commerce, and continues to grow worldwide. Social networking and community sites, such as Myspace and YouTube where users upload and download content, as well as growing regionalized Internet user behavior are important contributors to this Web use.
In recent years, individuals once characterized as hackers, virus writers, spammers, and spyware makers, are now known simply as cyber criminals. These criminals unleash Web threats primarily for reasons of financial gain; their goal is to steal personal and proprietary corporate information. They achieve this by causing infections simply via user visits to targeted Web pages, and subsequently using various stealth techniques to hide on a computer or on the Web. Once in place, the malicious code slowly and surreptitiously steals the user's files as well as consumes CPU power.
Web threats encompass a broad array of threats that originate on the Internet. Using a combination of various files and techniques, rather than a single file or approach, Web threats are sophisticated in their methods. Web threat creators constantly change the version, or variant, used, and generally target specific geographic regions or users of particular websites or at a company. Because the Web threat is stored in the fixed location of a Web site, rather than on an infected user's machine, its code must be constantly modified to avoid detection.
Examples of web threats could include:
- A spam, phishing or targeted email that contains an URL and directs the recipient to a malicious Web site. Once at the malicious site, the recipient may inadvertently download spyware or applications that steal data or information from the computer and send it to a third party.
- A compromised Web site that redirects the visitor to a fake Web site (instead of the legitimate one) to either steal information or expose the visitor to infection. The website may surreptitiously infect the visitor and turn his/her PC into a bot for future spam, phishing and other malware activities.
- A browser rendering exploit in media files (e.g., image, animation, video, and audio files) that downloads malicious files. A PC user might end up with adware that serves criminal interests.
The Web is a relatively unprotected, yet widely and consistently used medium that is crucial to productivity. As a result, information security today requires a new approach to address Web threats. Stay tuned for upcoming articles where we will discuss web threats vs. email threats and the best approaches for protecting yourself from web threats.
