Report: More Than One Third of Web Host Victims Repeatedly Exploited By Cybercime Gangs

The Anti-Phishing Working Group (APWG) is reporting this week that more than one-third of respondents to a new Web Vulnerabilities Survey were repeat victims of phishing attacks that resulted in a successful establishment of phishing or spoofing websites on their web server platforms.

Some 37 percent of respondents to the wide-ranging study of website vulnerabilities and administrative responses to exploitation reported that their websites had phishing or spoof sites planted on their web servers two or more times before, a telling statistic that reflects both the persistence of phishers and the difficulties of keeping them at bay.

“Phishers value compromised web sites highly because they are much harder for interveners to take down. They’re confident that they’ll be able to identify and exploit sites, and do so repeatedly. Victims are not mitigating exploits entirely or are not implementing adequate measures to keep them away,” said APWG Research Fellow Dave Piscitello of ICANN.

“Keeping all components of a web site -- OS, web server, applications, and content - patch current and applying the most secure configuration options possible could significantly reduce initial and repeat attacks,” Piscitello said.

The APWG’s Internet Policy Committee began an online survey for managers of websites that had been exploited in phishing attacks and other malevolent enterprise nearly 18 months ago. Some 270 completed surveys are included in this first tally and analysis.

The full report is here: http://www.apwg.org/reports/apwg_web_vulberabilities_survey_june_2011.pdf

The APWG IPC organized this study to understand the web site operating environments that are abused by cybercrime gangs, the nature of the attacks, and actions the victim took in response, to obtain a clearer understanding of attacker methodologies and target preferences.

While the survey results clearly indicate that web sites could benefit from broader implementation of preventative measures to mitigate known vulnerabilities, they also reveal that organizations are not adequately monitoring for anomalous behavior or suspicious traffic patterns that may indicate previously unseen, so-called zero day attacks.

While only one in five victims reported that the attacks were discovered by their own staff, fifty-two percent of respondents were informed of the attack by third-party security companies. Victims indicated that their web hosting service (18 percent) or the company that was phished (18 percent) were as likely to notify victims as the organization’s staff.

“You can’t publish active content in Internet time and verify that your protective measures against attacks remain effective. Vulnerability testing, if done at all, is done too infrequently,” Piscitello said. “That nearly 80 percent of incidents are being detected by third parties tells us that too few organizations take real time monitoring or examination of logs for suspicious activities seriously.”

Featured

  • Until We Meet Again

    A short three years ago we were all pondering whether to attend any tradeshows all thanks to COVID-19. Sorry to bring that nightmare up again, but it seems that little pandemic is in the rear-view mirror, and it’s time to meet again. Read Now

    • ISC West
  • Cyber Hygiene: What it Looks Like for IoT Devices

    Cyber Hygiene: What it Looks Like for IoT Devices

    For our second pillar about the Industrial Internet of Things (IIoT) Pillars of Security, we are going to discuss what cyber hygiene looks like for IoT devices. Read Now

  • ISC West Announces 2023 Keynote Series Speaker Lineup

    The International Security Conference (ISC), in collaboration with premier sponsor Security Industry Association (SIA), announced five of this year’s ISC West Keynote Series speakers. ISC West will kick off its annual conference on March 28 (SIA Education@ISC: March 28-30 | Exhibit Hall: March 29-31) at the Venetian Expo in Las Vegas, Nevada. Read Now

    • ISC West
  • Accelerating Security Modernization

    In recent years, the term “digital transformation” has been one of the most frequently used buzzwords across industries. On its most basic level, it refers to the reimagining of how an organization leverages its technology systems to improve business processes. Read Now

Featured Cybersecurity

New Products

  • ComNet NW1 Gen 4

    ComNet NW1 Gen 4

    ComNet, Communication Networks, is announcing the introduction of its Generation 4 line of NetWave® wireless products that offer greater performance and increased stability in applications where throughput and increased bandwidth is increasingly important. 3

  • Videoloft Cloud Video Surveillance VSaaS Solution

    Videoloft Cloud Video Surveillance VSaaS Solution

    Videoloft focuses on transforming traditional professional surveillance systems into cloud connected solutions via the Videoloft Cloud Adapter. 3

  • Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls has introduced new ‘SER” surface boxes and extension rings that provide a complete solution for new construction. In addition, they provide a simple and robust solution when replacing round wired and manual push plate switches with either Camden’s wired or wireless SureWave™ no-touch switches or Kinetic™ no-battery wireless switches. 3