SophosLabs assesses about 40,000 new threats every day andover 80% of them
come from legitimate websites that are visitedfrequently by web users
Web-filtering used to be rather easy-IT departments could block inappropriate categories of websites like adult, gambling, social media and the job was done. More recently, however, cyber criminals have begun to infect large numbers of users on the web by compromising legitimate sites that you probably don’t want to block with strict browsing policies. Web filtering that only blocks dodgy sites won’t keep users safe from web-borne threats, warns Sophos Labs in a recently published blog. In fact, Sophos Labs detects 20,000 to 40,000 malicious URLs every day-and 80% of those are compromised legitimate websites.
Sophos Global Head of Security Research, Mr James Lyne. explains that cyber criminals can infect web users automatically via a drive-by downloadprocess that takes less than a second. “Most websites that use outdated techniques for web filtering are not able to do much to prevent these threats. Security appliances and policies which treat every website as the same and scrutinize it for the latest attack techniques will keep a staggering volume of malicious code from getting into yoursystems,” saysMr Lyne.
So how can you keep your users safe on the web and also allow them to stay productive while doing their jobs? Sophos suggests three tips for better web security.
In addition to a URL filtering solution that blocks known malicious sites, make sure you perform deep scanning of web traffic as it’s accessed to guard against compromised legitimate websites. Real-time reputation filtering protects you from new malicious websites as soon as they come online.
Make sure you’re protecting users when they’re outside your main office. A UTM can be a cost effective way to provide protection at local sites. For those at-home and traveling workers, use an endpoint security solution that integrates web policy enforcement and web content scanning directly into your laptops.
Keep the endpoints and software well-patched to protect against drive-by downloads that exploit vulnerable software and applications. Limit the number of Internet browsers, applications and plugins in organization to a standardized set and enforce their use as policy.