Last January we released a new Web security service – Commtouch GlobalView URL Filtering SDK. This innovative solution leverages our many years of messaging security and OEM partnership experience, plus unique Data Cloud architecture, to provide highly accurate, secure protection against growing Web threats while enabling safe, compliant browsing. The service utilizes a combination of eight security categories such as “compromised sites,” “phishing and fraud,” and “botnets,” to proactively defend against various Web-based threats before users’ first clicks.
The threats within the Internet landscape may be growing, but our ability to monitor new threats and outbreaks provides a significant advantage to our partners and the end user. As our Chief Technology Officer Amir Lev recently said, at Commtouch, the GlobalView™ concept is more than just a brand name — it is our philosophy of examining what is happening around the world, then extracting and synthesizing valuable data in order to provide advanced security tools.
The data we have gathered enables us to build useful tools for monitoring malware outbreaks plus spam and zombie/botnet trends. We have taken all these tools and developed a new Online Security Center that also features a real-time outbreak monitor that dynamically displays outbreaks and their geographic origins.
I want to talk about two new graphs covering our web security offering.
Web Categories Infected with Malware
The explosive increase in Internet use has brought with it new threats for both home and business. Attackers are finding increasingly sophisticated ways to utilize the Web for their activities, such as infecting Web sites with malware – both legitimate Web sites and less reputable sites (e.g. those hosting pornography). Gartner, the industry analyst firm, pointed out that in the first quarter of 2008, more than 50 percent of infected sites were, in fact, legitimate ones that had been silently manipulated by attackers — an alarming statistic that shows how important it is to have highly accurate solutions to identify and block access to malicious web sites.
This pie chart shows the distribution of malware-infected Web pages across non-security categories. In order to better understand how the malware is distributed across the Web, we looked at all the malware Web pages in our data centers and checked to see what other categories they fall into – I like to think of these categories as “malware hot spots.” This graph provides a sense of which content is more likely to become the target of a malware attack, and is constantly updated since we know that threats are trend-oriented and can shift from one category to another depending on trends found within the Internet ecosystem.
Web Categories Manipulated by Phishing
Similar to the malware pie chart, this graph shows how phishing scams are distributed across Web pages in non-security categories. As I see it, analyzing this graph provides insights about the impacts of social engineering. Since attackers are usually financially motivated, it only makes sense to assume that they hope to maximize their attacks, and so the higher ranked categories in the graph have a higher ROS (Return on Scam) or their scams are more profitable.
However you interpret the data, these tools are just one of the many and growing number of tools that we provide to our partners and the entire security community as part of our GlobalView security offerings.
Check them out for yourself! The new Web Security Lab can be found in our Online Security Center. Want these graphs to appear on YOUR Web site? E-mail firstname.lastname@example.org to find out how.