Glaswegian

"The Internet has finally taken on the characteristics of the Wild West where no one is to be trusted," said Sukhdev Singh, senior security consultant and regional X-Force expert, IBM Internet security systems, IBM ASEAN.

He was referring to the results of the tech giant's X-Force 2009 Mid-Year Trend and Risk Report. The report found that there has been a 508 per cent increase in the number of new malicious Web links discovered in the first half of this year. This problem is no longer limited to malicious domains or untrusted websites. The report notes an increase in malicious content on trusted sites, including popular search engines, blogs, bulletin boards, personal websites, online magazines and mainstream news sites.

"Safe browsing does not exist in today's cyberspace; neither is it only the red light district sites, such as gambling and pornographic sites, that are responsible for malware," Sukhdev added. "Search engines and social media websites like blogs and bulletins are also top categories of websites compromised now. We've reached a point where every website should be viewed as suspicious and every user is at risk. The threat convergence of the Web ecosystem is creating a perfect storm of criminal activity."


Insecure Web applications

Web security is no longer just a browser or client-side issue; criminals are leveraging insecure Web applications to target the users of legitimate websites. The X-Force report found a significant rise in Web application attacks with the intent to steal and manipulate data and take command and control of infected computers.

On taking responsibility, Sukhdev points to application developers, not the operating system or Web server vendors, for allowing their codes to be easily compromised. "Web application developers are not doing the necessary pre-release code checks," he said.


http://news.techworld.com/security/3...ltant/?olo=rss