Businesses need to tackle threat of compromised websites

UK domain registrar 123-reg is helping combat the trend of spreading malware through legitimate sites

UK domain registrar 123-reg is helping website owners to protect themselves and their visitors with a new tool that identifies and helps remove malicious code from legitimate websites.

According to the latest Anti-Phishing Working Group report, a growing number of legitimate web sites are being compromised by cyber criminals as a way of spreading malware.

Security organisations report that this strategy has become extremely popular in the past 12 months, particularly targeting content around celebrities.

Recent studies showed that Harry Potter star Emma Watson is among the most dangerous celebrities on the internet.

To counter this problem, 123-reg is to provide the anti-malware Site Scanner software directly to website owners.

The service alerts site owners via an automated email of any dangerous code that has been inserted onto their site and advises them on how best to remove the threat.

According to the registrar, around 6,600 legitimate websites are compromised each day, turning them into key malware distribution tools for cyber criminals.

Site Scanner, which provides sites with a trusted site seal to increase visitor confidence, is integrated with all major malware registries to ensure it is always up to date with the latest threats. 

The premium version of the service also features artificial intelligence to highlight all instances of unrecognised, unauthorised scripts to counter the most sophisticated types of malware that change elements of their code in an attempt to avoid detection.

“The consequences of a corrupted or compromised website are extremely serious, especially for organisations that drive much of their business through the web,” said Thomas Vollrath, CEO of 123-reg’s parent company Host Europe Group.

Embedded malware is one of the main causes of security and data breaches, which can severely compromise a business’s operations, and compromised websites can also infect visitors with malware, he said, which is one of the most common reasons why search engines, browsers and security suppliers will blacklist a site.

“Google alone blacklists 9,500 websites every day – a large number of them legitimate sites that have been infected by malware," said Vollrath. "It’s not just e-commerce and corporate websites that are at risk – hackers and criminals often go for smaller sites, including blogs and social media, because they are less likely to be protected."

The impact on an organisation’s business, and its reputation, is potentially catastrophic, he said, which is why 123-reg is encouraging website owners and designers need to take responsibility for their safety – and that of their users – by providing a simple tool that enables them to monitor for any security breaches.

Businesses can also help safeguard users against infections through compromised websites by granting them only basic user rights, according to privilege management firm, Avecto.

“If the user has full admin rights on the system concerned, the organisation’s IT security is very nearly dead in the water because admin rights access allows users to bypass security and policy on the client environment, which means malware infections can quickly spread to other users,” said Paul Kenyon, Avecto's chief operating officer.

Most users on a company IT system, he said, never need access to the high-level features afforded to administrators and, by granting users only basic rights and increasing these only for a select few when using specific applications, organisations can limit the damage that can be done cyber criminals significantly.

“Even if a user’s desktop is compromised, the facilities open to cyber criminals as a regular user are quite limited. But with full admin rights, a malware infection can trigger a server to fall over or cause a significant data breach with large volumes of data ex-filtrated outside of the organisation in a short space of time,” said Kenyon.


Read more on Hackers and cybercrime prevention