Zscaler Releases Q2 2010 “State of the Web” Report

San Jose, California, August 18, 2010

Zscaler today released its Q2 2010 State of the Web report. The report details the enterprise threat landscape and the variety of web based issues plaguing internet users. It details how attackers are staying one step ahead of the game and enterprises are struggling to keep up.

Here are some of the top findings detailed in the latest Zscaler State of the Web report:

  • Attackers were quick to leverage the biggest news stories of the quarter, including the World Cup and release of the iPad, in a variety of attacks
  • China has surged to a #2 ranking, up from #5 in Q1, when looking at countries hosting the most malicious sites
  • While corporate use of Internet Explorer 6 continues to decline, 1 in 5 employees continue to use the now nine-year-old web browser, despite the continued emergence of 0day threats and a lack of modern security features
  • Use of Facebook’s ‘Like’ buttons is also gaining popularity among attackers who are using the feature within the app and on other sites to promote malicious web sites
  • Twitter follower scams – sites set up to trick users into providing their Twitter credentials in exchange for more followers—continue to thrive
  • Wikileaks, the now infamous site known for publishing confidential documents related to the Afghan war, was a popular destination for employees, with traffic to the site spiking as various news stories of the leaks broke
  • Research into the top IP addresses hosting malicious content reveals just how frequently attackers relocate malicious content to avoid detection
  • Mass web based attacks are becoming increasingly common with misconfigured web applications permitting SQL injection and unpatched WordPress sites also being popular targets

"Attackers continue to target end users in the hopes of obtaining valuable data or to compromise machines to build botnet armies," according to Michael Sutton, VP of Security Research at Zscaler. "While the goals have not changed, the techniques continue to evolve." He continued: “It is clear that security vendors must be able to quickly adapt and inspect web based content on-the-fly in order to identify and secure against emerging threats in this continually evolving environment.”

As a Security as a Services (SaaS) vendor with a global network of enforcement nodes, Zscaler encounters a multitude of attacks each and every day. The company’s NanoLog technology, which is game changing in its ability to minimize logs exponentially without losing data, enables real-time reporting at the transaction level, giving Zscaler’s research team an edge in drilling down on or identifying new threats. The new report summarizes the threat activity over the course of the quarter and identifies emerging attack trends.

To obtain a copy of the Zscaler State of the Web report, please visit: https://www.zscaler.com/zscaler-state-of-the-web-q2-2010.html.

About Zscaler

Zscaler is revolutionizing Internet security with the industry’s first Security as a Service platform. As the most innovative firm in the $35 billion security market, Zscaler is used by more than 5,000 leading organizations, including 50 of the Fortune 500. Zscaler ensures that more than 15 million users worldwide are protected against cyber attacks and data breaches while staying fully compliant with corporate and regulatory policies.

Zscaler is a Gartner Magic Quadrant leader for Secure Web Gateways and delivers a safe and productive Internet experience for every user, from any device and from any location — 100% in the cloud. With its multi-tenant, distributed cloud security platform, Zscaler effectively moves security into the internet backbone, operating in more than 100 data centers around the world and enabling organizations to fully leverage the promise of cloud and mobile computing with unparalleled and uncompromising protection and performance. Zscaler delivers unified, carrier-grade internet security, next generation firewall, web security, sandboxing/advanced persistent threat (APT) protection, data loss prevention, SSL inspection, traffic shaping, policy management and threat intelligence—all without the need for on-premise hardware, appliances or software. To learn more, visit us at www.zscaler.com.

Additional Resources:

Media Contacts:

Whitney Black 
Director of Communications