Symantec report reveals attacks on trusted Web sites

Workgroup’s dedicated Symantec division has released the findings of Symantec’s most recent Internet Security Threat Report (ISTR), which concludes that
the Web is now the primary conduit of attack activity, as opposed to network attacks, and that online users can be infected simply by visiting everyday Web sites.
“The report, derived from data collected by millions of Internet sensors, first-hand research and active monitoring of hacker communications, provides a global view of the state of Internet security” says Grant van Eck, Symantec product manager at Workgroup.

“In the past, users had to visit intentionally malicious sites or click on malicious email attachments to become a victim of a security
threat,”he adds. “Today, hackers are compromising legitimate Webv sites and using them as a distribution medium to attack home and
enterprise computers with particular focus on sites that are likely to be trusted by end users, such as social networking sites.”

According to Symantec’s report, attackers are leveraging site-specific vulnerabilities that can then be used as a means for launching other attacks. During the last six months of 2007, there were 11 253 site specific cross-site scripting vulnerabilities reported on the Internet, each representing vulnerabilities in individual Web sites.

However, only 473 of them had been patched by the administrator of the affected site during the same period, representing an enormous window of opportunity for hackers looking to launch attacks. Phishing also continue to be a problem, says Van Eck.

Workgroup.