The Web's already got its share of threats, but in many cases, savvy users can steer clear of dangers. But that may be changing as cyber criminals' attacks continue growing in sophistication -- with even legitimate sites becoming less trustworthy.
Social networking sites and other prominent online destinations, like search engines, will be some of the major targets, according to Web and e-mail security vendor Marshal8e6. The company predicts an upswing in attacks on sites such as Facebook, LinkedIn and Google (NASDAQ: GOOG) that will severely impact the notion of trusted sites on which the Internet depends.
"In many cases, we won't be able to automatically trust legitimate Web sites," Adrian Duigan, Marshal8e6's product marketing manager, told InternetNews.com.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=iDuigan said the most dramatic change he's seen during the past year is cyber criminals' move to host their malware to legitimate Web sites, rather than on their own sites. Between 50 and 60 percent of the malware Marshal8e6 encountered over the past 12 months was hosted on legitimate Web sites -- and it expects that figure to go up to 70 to 80 percent, he said.
The warnings signals the latest sign that even after major setbacks, malware authors, botnet owners and other online troublemakers aren't out of the fight for long.
And as a result of their new tactics, security vendors must scramble to cope with the changes.
"In the past, we could recognize sites that are harmful, but now a site could be legitimate one day and be hijacked the next day by malware," Duigan said. "What makes it more difficult is the hijacked pages are then abandoned by hackers in 48 hours."
About 60 percent of new sites linked to malware were put up for less than one day, antivirus vendor AVG Research has found. The rest were all active for up to 14 days at the most.
These new modes of attack could destroy the model of trust used throughout the Internet, which relies heavily on sites and message sources' reputation. For instance, a trusted site such as Google or Facebook has a good reputation, so messages from it are not blocked by spam filters when they come in.
With malware authors corrupting that trust model by using trusted sites to distribute or host spam, security vendors will have to change the way they classify Web sites and how they assume whether sites are inherently safe or unsafe, Duigan said.
Social networking sites in particular are emerging as a source of security threats, with easily set-up profiles and lax user safeguards. That was why the Koobface worm, which targeted Facebook and MySpace, spread so easily.
"The major issues we're seeing is spammers setting up setting up Facebook or YouTube or Hotmail accounts or accounts on other free Web services, and it's going to come down to the vendors running those sites and how they're going to secure them," Duigan said.