Feature Stories ↓
Too confident?
Too human?
Web 2.0 World
Websense Security Labs Report 2008
How Secure is Your Web 2.0 World?
ThreatSeeker Network Unveiled
A Q&A with Websense Email Security Experts
Savoring the Sweet Spot
SMBs Fight Back with Websense Web Security
Targeting and Classifying Confidential Data
Websense #1 in Web Security
2008 Threat Predictions


FEATURED LINKS
FEATURED PODCASTS
Websense Email Security Research Manager David Saunders discusses the latest messaging threats and trends from the report:

SC Magazine podcast:Super Cybercrime with Websense CTO Dan Hubbard

WEBSENSE SECURITY LABS:
STATE OF INTERNET SECURITY
Q1 — Q2, 2008

New Websense Security Labs Research Shows 75 Percent of Malicious Sites are from Legit,
Trusted Sources with "Good" Reputation Scores. Websense
Security Labs issued the State of Internet Security research and
trends report for the first half of
2008.

Websense Security Labs uses the patent-pending Websense ThreatSeeker Network to discover, classify and monitor global Internet threats and trends. Featuring the world’s first Internet HoneyGrid, the system uses hundreds of technologies including honeyclients, honeypots, reputation systems, machine learning and advanced grid computing systems to parse through more than one billion pieces of content daily, searching for security threats. Every hour, it scans more than 40 million Web sites for malicious code and scans nearly ten million emails for unwanted content and malicious code. Using more than 50 million real-time data collecting systems, the Websense ThreatSeeker Network monitors and classifies Web, messaging, and data content—providing Websense with unparalleled visibility into the state of content on the Internet and email.

This report summarizes the significant findings of Websense researchers using the ThreatSeeker Network during the six-month period ending in June, 2008.

Read the Report


"Today attackers are overwhelmingly forgoing creating their own malicious sites and targeting legitimate Web sites that have a built in base of visitors."

Dan Hubbard, Chief Technology Officer
Websense

Highlights / Key Facts:

  • 60 percent of the top 100 most popular Web sites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites, according to new research released today from Websense Security Labs. The top 100 most popular Web sites, many of which are social networking, Web 2.0 and search sites, represent the majority of all Web page views and are the most popular target for attackers. With their large user base, good reputations and support for Web 2.0 applications, these sites provide malicious code authors with abundant opportunity.
  • In the first half of 2008 more than 75 percent of the Web sites Websense classified as malicious were actually sites with seemingly "good" reputations that had been compromised by attackers. This represents a 50 percent increase from the second half of 2007.
  • More than 45 percent of the top 100 most popular Web sites support user-generated content.
  • Websense Security Labs found that 29 percent of malicious Web attacks included data-stealing code, demonstrating that attackers are after essential information and data.
    • WEBSENSE VIDEO ↓

    Websense Security Labs Manager
    Discusses Report Highlights



    New Websense Security Labs Research Shows 75 Percent of Malicious Sites are from Legit, Trusted Sources with "Good" Reputation Scores

  • The convergence of blended Web and email threats continues to increase. Websense Security Labs reports that now more than 76.5 percent of all emails in circulation in the past six months contained links to spam sites and/or malicious Web sites. This represents an 18 percent increase since December 2007.
  • Websense Security Labs uses the patent-pending Websense ThreatSeeker Network to discover, classify and monitor global Internet threats and trends. Security researchers use the Internet security intelligence from the system, which includes more than 50 million real-time data collecting systems that parse one billion pieces of content daily, to publish security trends and protect customers.

(click here for more details)
Websense view of the current "Webscape"

(click here for more details)
Example of a Web 2.0 mashup; the URL no longer matters, it's about the content on the page

Customer Spotlight

"With legitimate Web sites that our employees may try to go to for business reasons, increasingly getting compromised by criminals, the research on the latest threats and the Web security protection from Websense is critical to our organization. As a Websense customer I know our employees and our essential information are protected from the latest Internet threats and our employees can use the Web and Web 2.0 sites safely."

Tim Lawrence, information technology (IT), security analyst
AutomationDirect

Websense News RSS Feed:
Websense Security Labs Alerts RSS Feed:
Websense Security Labs Blog RSS Feed:



Contact Information: Sarah Thornton, +1 858 320-9500, sthornton@websense.com



© 2008 Websense, Inc. All Rights Reserved.