If you’ve read our recent Sophos Security Threat Report, you can’t fail to have missed the increasing part the web plays in spreading malware.
We singled out the USA for a lot of the problem – as websites there host more of the world’s malware than any other country.
But it would be wrong to think that America is the only country where there is a problem.
For instance, lets look at the country I’m writing this from – Great Britain. In August 2007, the UK was the seventh worst offender in the list of countries hosting infected web pages, accounting for 0.8%. By April 2008, the figure stood at 1.1% and in November 2008, it was 1.7%.
The last 18 months or so reveal some bad news for Australia too.
Back in August 2007, Australia was in 38th place on the worldwide list of countries hosting infected webpages, with less than 0.1 per cent of the global total. By April 2008, it had climbed to 21st place, with 0.2 per cent of infected pages worldwide. By last month, Australia was in 13th place, hosting 1.1 per cent of the world’s infected webpages.
While the UK and Australia are clearly not the worst offenders, the fact that they are responsible for an increasing percentage of infected sites is worrying news. With web threats still on the rise, not only must website owners take a proactive approach to securing their sites, but all users browsing the internet should also take steps to protect themselves.
So, here are some New Year’s Resolutions for web site owners, operators and hosters:
AS A WEB SITE OPERATOR, I WILL consider protecting my web servers with preventative (on-access, real-time) anti-virus software. I will go out of my way to block infected files before they are used in order to prevent infected web pages from being served up in the first place.
AS A WEB SITE OPERATOR, I WILL NOT assume that my web pages are safe just because I am not running Windows. Even if my own servers never actually get infected, I aim to prevent others from getting infected through me.
AS A WEB SITE OPERATOR, I WILL patch my operating system, web server and plug-ins regularly and promptly. I recognise that if the author of the software I use to run my site has published a security update to close a remotely exploitable hole, then the bad guys already know about it and could break in at any time.
AS A WEB SITE OPERATOR, I WILL produce a cleanup plan. I will write down who will need to do what if infected web pages are found so I can recover quickly from an attack.
You can learn more about the threats we are seeing (on the web and elsewhere) in a podcast we recorded about the Security Threat Report. Maybe some of you can play it on that MP3 player you might find under the tree on December 25th?