How do cyber-criminals use trust as a weapon?

15 Feb 2018

Many cyberattacks are well disguised. Image: Romolo Tavani/Shutterstock

For cybercrime to succeed, attackers need to convince users to trust them.

With the average person acquiring more sophisticated knowledge of the internet on a daily basis, it naturally follows that cyber-criminals are creating more advanced ways of carrying out attacks, particularly malware and ransomware.

Menlo Security, based in Palo Alto, California, released a report exploring how bad actors are using traditional measures of trust online to hoodwink unsuspecting web users. It’s referred to as trust-hacking.

CEO of Menlo Security, Kowsik Guruswamy, explained to “Trust-hacking is a real and credible threat for any internet user. In Menlo Security’s 2018 State of the Web report, we talk about ‘background radiation’.

“Every visit to a website has one’s browser connect to an average of 25 other background sites for ads, CDNs [content delivery networks], videos etc. This is one of the primary avenues for malware and ransomware infections on the web. The legacy web security solutions, unfortunately, simply don’t have any conclusive defences against these attacks.”

What makes a website risky?

Menlo researchers analysed the top 100,000 domains as ranked by Alexa to understand the risks we are taking when using the world’s most popular websites. They found that cyber-criminals are taking advantage of long-held concepts of trust, including site reputation or site category, to evade detection.

The Menlo Security team found that 42pc of Alexa’s top-ranking sites were risky. To be classed as risky, a site had to meet one of these three criteria:

  • Either the homepage or associated background sites are running vulnerable software
  • It is ‘known bad’, meaning it has been used to distribute malware or launch attacks
  • It has suffered a security breach in the past 12 months

Phishing sites are increasingly using legitimate hosting services to appear real. 4,600 sites were found to use hosting services to fly under the radar.

According to Menlo Security findings, the most risky site category was Business and Economy, with more phishing sites hosted under this label than any other. More sites were found to run vulnerable software in this category, and more ‘known bad’ sites were found there than in the Gambling website category. In the last year, these websites experienced the most security incidents.

To find out more about trust-hacking, check out this useful infographic.


Infographic: Menlo Security

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects