Common security threats – Download Hijacking

What is Download Hijacking:

In nature, the big predators hang out at standard water holes and wait for their prey to come by. On the Internet, the big predators find ways to turn popular website visits into covert attacks. In some cases, they inject code through comments that force unsuspecting visitors to download malware automatically. In other cases, they compromise the web server and inject malicious code into seemingly legitimate downloads. Another trick is to utilize exploit kits, programs designed to actively probe the website visitor’s system for software vulnerabilities that can be exploited.

What makes protection a challenge:

Not only do attackers have the element of surprise in these situations, but they also have a collection of tricks to make sure they’re successful. If you update your browser, they’ll update their code. If you patch a vulnerability, they’ll move on to a new one. It’s also not as if we’re talking about strictly sketchy websites. Some of the web’s most popular sites (The New York Times, the BBC, AOL, the MSN homepage) have been compromised in the past. You usually can’t ask employees to stop using the Internet altogether.

Want to discuss it further, contact us today!

COMMON SECURITY THREATS SERIES:

Learn about other security threats you might be up against:

Leave a Reply

Your email address will not be published.