One in three of top websites vulnerable or hacked, says report
A report from a security company, has bought some striking revelations about the security of the websites that we browse daily. The report says that one in three of the top million websites was either vulnerable to be compromised or already hacked. Releasing the security report, Menlo Security revealed that the popular website Forbes.com was hacked in February 2015. The length of the hacking period remains unknown and it could have been days, weeks or months before Forbes actually removed the malicious code from the website.
The hacking of a top side like Forbes.com reveals the dark side of the online world where the security of millions of users and visitors is at the mercy of these attackers.
Menlo research report may shock you
Menlo Security scanned top one million sites at Alexa.com to arrive at this report. The check was to discover which sites were vulnerable and/or compromised. The Menlo research team scanned over 1.75 million URLs representing over 750,000 unique domains.
The facts revealed by the research report are not only shocking, but hard to believe at once, it mentions,
One in three of the top one million Alexa domains are “risky” – meaning that they’re either already compromised or running vulnerable software and therefore at risk of compromise by groups or individuals planning the next attack.
More than one in twenty sites, or six percent, were identified by 3rd-party domain classification services as serving malware, spam or are part of a botnet.
Over one-fifth (21%) of sites were running software with known vulnerabilities.
Of the 2.5 percent of sites that were “uncategorized,” a significant proportion (16%) were running vulnerable services.
Breaking the notion of the normal belief, the report mentions that it is wrong to think that websites based on subjects related to Hate and Intolerance, Violence or Child Abuse are only vulnerable. Trusted sites belonging to categories such as Transportation (20%), Health and Medicine (20%), Computers and Technology (18%) and Business (18%) are also subjected to compromise.
On the contrary, one of the major findings that surprises the most is the fact that the categories that are typically allowed by Web filtering policies, like Computers & Technology, Shopping and Personal sites represent the three top contributors to vulnerable sites by number. A truly shocking figure!
Sounding caution, Menlo said that the next major attack could have already been planned while we are busy finding the present ones. So until the security researchers find the next best solution, we advise our users to be aware and secure.
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.