Research | News
New Study Looks at Risks on Top Web Sites
Barracuda Labs recently released results from a study it conducted on risks consumers face on the Web, which found that every day a top site delivers malware.
The study, "Good Websites Gone Bad," analyzed the 25,000 most popular Web sites worldwide, as ranked by Alexa in February, for malware infections using an automated system.
"One of these tools is an automated system that forces a Web browser inside a Windows virtual machine to visit a URL to see what happens to the browser, its plugins, and the operating system," wrote Paul Royal, Barracuda research consultant, on a blog. "The resulting network-level actions of the virtual machine help us determine, without prior knowledge of specific exploits served to the browser or its extensions, whether a URL serves malicious content."
Conclusions of the report included:
- Fifty-eight Web sites served "drive-by download exploits," exposing more than 10 million people to malware infections;
- Domains in 18 countries served malware, with businesses in the United States hosting most of the infected sites at 43 percent, followed by the Netherlands at 19 percent; and
- Fifty-four percent of infected Web sites have been up and running for more than five years, 43 percent have been up for 1 to 5 years, and 3 percent were created less than a year ago.
"Web security has shifted. If you are a popular Web site or company, the attackers want access to your users. Good sites gone bad is a serious problem," said Paul Judge, chief research officer at Barracuda Networks. "Users must be careful when visiting even long-time trusted sites, and also more than ever legitimate Web sites must take steps to protect their websites from compromise."
The study also found that, on average, two top-ranked Web site deliver malware content each day, "statistically guaranteeing that at least one popular Web site will serve malicious content every day," and the top domains served malware for 23 of the 30 days in February.
Education clients of Barracuda Networks, which provides tools to guard against viruses, include The University of Georgia in Athens, Georgia Institute of Technology in Atlanta, Billings Public Schools in Montana, and Stanislaus County Office of Education in Modesto, CA.
For more information, visit the Barracuda Labs blog. Infographics illustrating the findings of the study are available at barracudalabs.com/goodsitesbad/.
Tim Sohn is a 10-year veteran of the news business, having served in capacities from reporter to editor-in-chief of a variety of publications including Web sites, daily and weekly newspapers, consumer and trade magazines, and wire services. He can be reached at firstname.lastname@example.org and followed on Twitter @editortim.