by Blue Coat
Authored on: Jan 14, 2012
Innovation breeds opportunity, even for the underground. Web and mobility innovations focus on ease of use, availability, and building large user audiences, but they breed opportunity for cybercrime. Security typically comes later, after a period of breaches and security issues put the issue front and center. Halfway through 2011, we are in the midst of this security period.
The majority of web threats are now delivered from trusted and popular web sites that have been hacked for use by cybercrime. For this reason, reputation defenses become less effective. The once obscure link farm for search engine poisoning now resides within popular web sites. The exception for link farms is now a rogue domain or remote web location. Phishing attacks overwhelmingly come from popular and trusted web sites hacked by cybercrime. The recent large-scale accumulation of user identities and email IDs by cybercrime only raises the concern for phishing attacks and Advanced Persistent Threats (APTs) that target specific organizations and users.