Search engine poisoning, SEP, is not new – but it is a growing concern for businesses and individual users. Security firm Blue Coat Systems released their 2011 web security report and indicated that SEP is the single biggest online threat. What accounts for the rise in SEP? And how can organizations and individuals protect themselves?
According to Blue Coat, much of the prevalence of SEP is due to patience. Cybercriminals are often very willing to bide their time and build a façade of legitimacy that allows them to operate with virtual impunity. The report mentions “maladvertising” specifically. “Taking time to develop clean reputations within ad networks, and passing multiple sweeps for malware, cybercrime develops valuable and trusted positions within web advertising structures before launching attacks leads to a very successful campaign.” The developers wait for the optimal time to attack and are able to do so quickly and stealthily.
Standard security systems provide little help because they do not rely on real-time data to make decisions as to the legitimacy of particular sites or ads. In fact, the report says, “If your security system has any kind of regular ‘Click here to update definitions file’ requirement, it will likely fail to protect your users.”
Search engines are the most popular mode of delivery for malware attacks; it is no coincidence that search engines were also the most requested or most used online content. How can people protect themselves? You still want to block those traditional “questionable” sites, like those containing pornography, and gaming, warez or pirated content, and watch out for those with file sharing and free videos. Blue Coat adds that searching for images and pirated media puts searchers are particular risk.
A single antivirus program or security firewall isn’t enough to protect your system from malware attacks. Multifaceted real-time protection is a must. A healthy dose of suspicion and common sense goes a long way as well.