Huh? That was probably your reaction when you read the title. What do the H1N1 virus, called swine flu, and Michael Jackson have to do with network security? I’m glad you asked. One of the methods increasingly used by cyber criminals to infect, hi-jack and ransom user’s data are malicious websites promoted via search rankings based on popular news items.
Here’s how it works. A person wants to know more about swine flu, so they type the term in Google and various websites appear in Google’s search results. You click on a website, but it doesn’t have anything to do with swine flu so you leave the website. Bam! You’ve been infected by a “drive-by download.”
Drive-by downloads describe the installation of spyware, a computer virus or any kind of malware that happens without knowledge of the user. Drive-by downloads happen by visiting a website, viewing an e-mail message or by clicking on a deceptive popup window.
In 2008 Symantec reported that there were 18 million drive-by download attempts. In the first half of 2009 there were already 17.5 million attempts. This threat appears to be increasing. One of the more nefarious schemes is malware is downloaded, in a drive-by, which encrypts the user’s data on their computer. The criminal then sends a ransom notice, stating the key to unlock the data will be released if the victim makes a payment.
What can you do to protect yourself? Maintain and keep up-to-date all facets of your security and risk prevention systems. As cyber criminals become craftier in their methods, our security needs to be one step ahead.