You’re two clicks from malicious content

Users are more susceptible to malicious links and malware while searching the latest breaking news buzz words than they are surfing for pornography, according to a new Websense Inc. report.

The San Diego, Calif.-based security firm said it conducted an analysis on how many users are within two clicks of malicious links and content. Websense found that about 70 per cent of the top news and media sites, 70 per cent of the most popular forums, and 50 per cent of the top social networking sites are all within two clicks of malicious content.

“IT managers think objectionable content increases the changes of getting infected,” said Charles Renert, senior security research director at Websense. “That’s reasonably well known. But actually, the more popular a site gets, the worse it gets.”

Renert said Websense also conducted “one link” and “double link” analysis on the thousands of high traffic sites. One link analysis covers the results of a search and the links that search yields, while two link analysis takes things one step further and inspects the links contained on the pages in the search.

Using one link analysis, Websense found that 21 per cent of adult content sites contained at least one malicious link, while the same was true for 22 per cent of entertainment sites.

But two link analysis found that 53 per cent of entertainment sites contained one or more malicious links compared with only 28 per cent of sexual content sites.

Additionally, Websense found that searches for trending topics increased from 14 per cent of all searches in early 2010 to 22 per cent just three months later. In one cited example, 25 per cent of the results from a search for “World Cup 2012” contained malicious content.

The research firm also found that 62 per cent of gaming-related sites, 23 per cent of blogs and 23 per cent of message boards that were surveyed in the study contained some kind of malicious link.

When it comes to social networks, Renert said, the threats will only get more widespread in the future. About 40 per cent of Facebook status updates contain a link, with 10 per cent of those links containing a piece of malware in it. Renert said that comparing this number is extremely low if compared with the number of malicious spam e-mails organizations receive on a daily basis.

James Quin, a lead research analyst with London, Ont.-based Info-Tech Research Group Ltd., said searching for current events has never been more popular, whether it’s because users are truly interested in the topic or simply because they want to stay in the loop.

“Cyber criminals have most certainly noticed this trend and are doing everything in their power to leverage it and this includes linking cyber threats to current events as quickly and broadly as they can,” he said.

For business users in particular, Quin said, news sites and discussion forums are more dangerous than pornography simply because of availability.

“I can read about the US election, Michael Jackson’s passing, and the World Cup with impunity from my desktop at work,” he said. “I can’t surf porn in the same manner”

In addition to setting up policies to ensure safe Internet access and employee education on malicious links, Renert recommends companies to move away from static security tools and move to real-time content analysis. He said because online content is so dynamic, particularly on news and social networking sites that allow for user generated material, real-time URL inspection is the only way to stay safe.

Websense added that sites featuring topics that most companies deem objectionable — such as porn or pirated software — generally have a tighter ecosystem of links and are easy to track through link analysis.

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now