Zscaler Releases Q1 2010 “State of the Web” Report

Zscaler today released its Q1 2010 State of the Web report. The report details the enterprise threat landscape and the variety of Web-based issues plaguing Internet users. Among numerous findings, the report details several growing threat vectors, including attackers leveraging search engines and growing fake anti-virus threats.

Here are some of the top findings detailed in the new Zscaler State of the Web report:

• Google services (search, Gmail, blogs, groups, etc.) are topping the list of threats that result in malicious software being downloaded and installed without end-users’ knowledge or consent; this followed by ThePlanet, a large hosting provider with a history of criminal abuse.
• End-users are falling prey to numerous social engineering schemes; at the top of the list, 13.58% are aggressively being tricked into running fake anti-virus. Zscaler Research explains what’s happening, how SEO is being leveraged, and why these threats aren’t going away any time soon.
• The Eleonore exploit kit makes up roughly 5% of browser exploits and growing; Zscaler tells which kits have particular features and why they’re so valuable to the underground.
• Phishing exploits in the huge ponds of Facebook and World of Warcraft (WoW) are yielding big catches; Zscaler advises how SEO and injected content are enabling perpetrators.
• Mature botnets, such as Monkif, Torpig, Zeus and Koobface, continue to survive and thrive in spite of industry awareness and efforts to thwart them .
• Zero-day vulnerabilities are forcing enterprises to abandon IE6, but usage of the nine-year-old Web browser still remains unacceptably high.
• Big news events throughout the quarter, including the tsunami in Chile, Apple's iPad release and Toyota's massive recall, were efficiently leveraged by attackers for the purpose of social engineering.
• Good content is most often sought from the U.S. [by the global workforce], and, correspondingly, the country also hosts most of the Web’s malicious content as well.
• Seven of the top 10 countries noted as having more malicious verses benign Websites are currently all in Central and South America. (Find out why and how that may change in the future)
• A graphical Hilbert Curve representation of the Web shows that despite reports stating we’re running out of IPv4 address space, much of the Internet actually remains untouched.

“Attackers are continuing to refine their methods and when opportunities arise, they are able to deploy effective attacks within minutes,” according to Michael Sutton, VP of Security Research at Zscaler. “Whether employing black hat SEO tactics, infecting legitimate sites or spreading fake anti-virus software, they are repeating practiced and automated attack techniques that are succeeding with frightening efficiency.” He continued: “Something else we can conclude is that not only are attacks getting more and more sophisticated and targeted, but knowledge of them—such as the big botnets—isn’t making them go away.”

As a Security-as-a-Services (SaaS) vendor with a global network of enforcement nodes, Zscaler encounters a multitude of attacks each and every day. The company’s Nanolog technology, which is game changing in its ability to minimize logs exponentially without losing data, enables real-time reporting at the transaction level, giving Zscaler’s research team an edge in drilling down on or identifying new threats. The new report summarizes the threat activity over the course of the quarter and identifies emerging attack trends.