About Thawte

News

Report reveals website security gaps

The threat ecosystem frequently evolves as cybercriminals adjust their tactics to counteract the latest security innovations. However, the misconception that malware is most likely found on websites hosting illegal activity may have created a false sense of security for many users. In Cisco's 2013 Annual Security Report, researchers noted that legitimate websites were also a common risk. The threat was prevalent enough that online shopping websites were 27 times more likely to host malware than sites for counterfeit software. Analysts stressed that site owners were not intending their properties to be malicious and instead were acting as unwilling hosts to cybercriminal tactics.

“Web malware encounters occur everywhere people visit on the internet - including the most legitimate of websites that they visit frequently, even for business purposes," said Mary Landesman, senior security researcher with Cisco. "Indeed, business and industry sites are one of the top three categories visited when a malware encounter occurred."

The proliferation of personal devices in the workplace put businesses at significant risk. Large organizations with 25,000 or more employees were 2.5 times more likely to experience a malware infection. Cisco researchers emphasized the importance of adopting strong policies and practices in order to secure intellectual property. For businesses using their websites to collect customer data, it is also important to install SSL certificates on web servers to prevent that information from being compromised.

Cisco's researchers also made note of the shortcomings of outdated hardware and software. Using distributed-denial-of-service attacks as an example, they said older deployments are not able to adequately guard against the traffic generated by new DDoS threats. Companies often adopt cloud-based DDoS mitigation solutions for their scalability, while others prefer to have the rapid response time of on-premise solutions. Cisco said the most successful approaches tend to use a hybrid strategy.

The rise of multi-vector attacks
Particularly as cybercriminals utilize a mixture of application-layer and network-based attacks, businesses must take stock of their existing solutions and fill in the gaps accordingly. A survey from Arbor Networks revealed an increase in multi-vector attacks, which were reported by 46 percent of respondents. In addition, companies working with cloud providers will want to ensure the third party's IT environment is well guarded, as 94 percent of data center operators said they had been victimized.

Mobile may also contribute to the growing sophistication of DDoS attacks. The majority (63 percent) of businesses allow personal devices to connect to their network. Arbor's analysts warned that the large number of smartphones and tablets, combined with their capabilities, may make them targets for botnets in the future.

Improve the safeguards protecting your website by getting your SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?