More Malicious Sites Threaten Your Organization’s Cyber Security
Having Internet access is a must for most employees. They need it for various productivity tasks. What was once a “nice to have” is not necessary for job function, and IT administrators are forced to provide Internet access even if it’s limited to certain parts of the web. The difficult part is providing open Internet access while still protecting the network from malicious attacks and malware.
Traditionally, these sites were used for the tech support scam – users had an alert that they had a virus on their computer, and a popup showed a number where tech support could supposedly be found. Users were encouraged to call the contact number where they would be tricked into installing Team Viewer. The scammer then locks the computer until several hundreds of dollars are paid by the victim. In some cases, the scammer would just hang up the phone after being paid money. It’s a common scam on the Internet, but the difficult part for the scammer is to convince the user to install Team Viewer and lock the computer.
Cyber security analysts have noted that the attack is targeted for specific users, and it even disables if the same IP refreshes the page or revisits it. Many malicious attacks are disorganized, but security analysts have noted that this one seems to be coordinated heavily and it helps trick more users and infect more machines.
For IT administrators, protecting the corporate network from these types of attacks is difficult due to the infection being trusted websites. Ars Technica security experts couldn’t identify the number of websites infected, but reports on Twitter discuss the recent attack mainly from SquareSpace sites infected with malware.
Education is key to defend against these types of attacks. Users should never download JS files from a random website. This is most certainly malicious in most cases, and users should know never download a JS file for a rogue update. JS files have also been the source for cryptojacking attacks that steal computer resources and cost companies thousands in extra utilities fees.
While JS continues to be a common language in website code, it will be used for malicious attacks as well. Educate users on the risks of JS files, and use filtering that stops downloads from happening on your corporate network.
See GateKeeper Enterprise in action
Take a self-guided tour of GateKeeper Enterprise. Proximity-based centralized access control for secure identity and access management.