29 04, 2014

The Reports are in: Hacked Websites are a Big Problem


The big boys have weighed in and both the Cisco’s 2014 Security Report  and the Websense 2014 Threat Report have identified a major contributor to cyber-crime: hacked legitimate websites.  The Cisco report accurately refers to these attacks as High Efficiency Infection Strategies because as the image below illustrates, a single website can attack a variety of devices. Websense re-affirms the popularity of this attack method by pointing out that 85% of malicious links are hosted on hacked legitimate websites.

Websites can launch attacks upon multiple device types 's (image from Cisco's 2014 Security Report)

Websites can launch attacks upon multiple device types ‘s (image from Cisco’s 2014 Security Report)

At 6Scan we see the magnitude of the effort behind these attacks and the damage they can inflict. There is a constant barrage of malicious traffic against the sites we secure. Why? Because using hacked websites to disseminate malware is a high-efficiency infection strategy.  A compromised web site, or web server, is the bad guys’ honeypot — it’s out there just waiting for victims to show up. Many new customers come to us after they have been targeted. Once breached, these sites become platforms for serving malware until inevitably they are blacklisted by browsers or desktop anti-virus. 

In many cases these small businesses have much more to lose than bigger companies. Large firms have insurance, recovery strategies and adequate resources to survive a breach, even one that is large scale and highly visible. Smaller firms, The Fortune 15 Million, don’t always have this cushion. In many cases they stand to lose everything. This is why 6Scan offers a free service to assess website security. It’s also why we focus on fixing vulnerabilities before they become breaches.

Stay safe.


24 02, 2014

Data (In)Security


In the world of website content management systems, WordPress is king.  As far back as 2012 Fortune magazine anointed WP  rulers of Web and now their number of installed platforms exceed 70 million. So a logical question is “What does it mean to be one of 70 million in terms of website security?”

Well, in cyber-security as in many industries, Shakespeare’s line “Uneasy lies the head that wears a crown” is often applicable.  So it’s important to recognize that dominant market share makes an inviting target for criminals.  Exploit writers follow the money which, for them, lies in hacking vulnerable website code.  The more vulnerable applications in distribution, the more profit they see.

Hackers use WP sites – revenue-generating and fan-based alike – to carry out criminal activity ranging from malware distribution to data theft and more.  At 6Scan, we see an inordinate number of sites unwittingly inviting attacks with virtual “Hack Me” signs.  Of the WP sites on our scanning platform (as of January 17, 2014) fewer  than 20% were using the current version (3.8) and approximately 25% run versions that are more than one year out of date (see chart for full break out.)  Hackers love out-of-date applications, which they regard as low-hanging fruit, becuase their vulnerabilities are well known and exploit packages are available for purchase. So before doing anything else, 6Scan urges WP site owners and administrators to install the latest version of WP.  Strengthening sites across the board – all types – is good for the individual as well as the WP community in general.