Posted on February 21st, 2012
CEO of StopTheHacker, Peter Jensen made an interesting and alarming announcement recently claiming that almost 75% of web hosted sites are susceptible to malware. In fact, 2.5-5% of web hosts are also liable to be attacked without warning! Co-founder and Vice President of StopTheHacker listed a few threats hosting organizations are vulnerable to on a daily basis:
FTP Credential Violation
This refers to sites that are inadvertently infected by viruses due to hacked FTP passwords and user accounts. Such malware is typically on the prowl for websites that are updating their pages. Login data is quite easy to obtain with the right malware code.
The bad news is that most are undetectable and there is almost no way web hosts can prevent them from infecting them either. That’s because it’s very difficult to ascertain whether a FTP connection or bot is responsible for the infiltration.
Inconsistencies in Web Features
When sites allow users to interact with content via comments, blog posts etc, they are actually opening themselves to malware. The infamous SQL injection attack that claimed millions of websites recently, is a case in point. Such attacks are usually successful since they find it easy to compromise the code operating online forms. That’s because content code is rarely outfitted to protect itself from such threats thus leading to account takeovers.
This is a major issue nowadays since more and more websites are encouraging users to interact via forums, blogs etc compromising their security in the process. Getting consistent malware scans is the only way to ensure your website remains safe from those sharks.