Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Whether or not you're a gamer, the detection of malware infestation on the Sony USA PlayStation Web site should give you pause. Compromises of popular commercial sites -- the sorts that employees and family members might visit, even if you don't -- are precisely the sort of thing that can have anything but a playful effect on your business.
2 Min Read
Whether or not you're a gamer, the detection of malware infestation on the Sony USA PlayStation Web site should give you pause. Compromises of popular commercial sites -- the sorts that employees and family members might visit, even if you don't -- are precisely the sort of thing that can have anything but a playful effect on your business.Security firm Sophos identified the PS3 site infection as one that launches a fake anti-virus scan on the visitor's PC and then tries to get users to buy fake anti-virusware.
It's yet another SQL-injection attack, one of so many "yet anothers" that Microsoft issued this advisory about them.
What caught my attention about this one in particular -- they're all bad -- was, of course, the PlayStation connection.
But that, as they say, is just detail, where the devils live. It could be any large, extremely popular and essentially "acceptable" (i.e., not porn) consumer site that employees may feel free to visit on their own time on your equipment.
And it probably will be -- Sophos has estimated that a malware infection strikes a new Web page every five seconds: 12 a minute, 720 an hour, 24/7.
With an Olympics, a World Series and a presidential election looming you can imagine the sorts of big, extremely popular, consumer-acceptable sites that may well be targeted by the bad guys.
Even as small and midsize businesses wrestle with questions of how much or how little to let employees surf (or not) via company connections or on company remote and mobile equipment, and attempt to draw well-defined lines about appropriate and inappropriate content (porn, etc.) it's becoming clear that some "how to surf safe sites" policies must be put in place as well.
One good step -- shift your employees browsers to Firefox 3, which offers protection against these attacks.
Otherwise...
While it's unlikely -- and probably impossible -- to persuade your staff to steer completely clear of Web 2.0 enhancements, bells and whistles and video (and, alas, "online virus scans" and their ilk), it's also more than worth your while to issue regular reminders and warnings about the devils that may be lurking on otherwise acceptable sites.
Because, as the PS3 site-hack shows, the devils are already there and are spreading -- at the rate of one every seconds.
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
