Poisoning the search engine well
- {{x.value}}
{{ twilioFailed ? 'SMS Code Failed to Send…' : 'Enter verification code' }}
{{ completedStep1 ? 'Authentication & Security' : content.trialHeading.replace('{0}', user.FirstName) }}
{{ content.upgradeHeading.replace('{0}', user.FirstName) }}
The email address you entered is registered with InvestSMART
Please login to continue
We have sent you an email with the details of your registration.
Looks you are already a member. Please enter your password to proceed
{{ upgradeCTAText }}
Updating information
Please wait ...
Your membership to InvestSMART Group recently failed to renew.
Please make sure your payment details are up to date to continue your membership.
Having trouble renewing?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
You've recently updated your payment details.
It may take a few minutes to update your subscription details, during this time you will not be able to view locked content.
If you are still having trouble viewing content after 10 minutes, try logging out of your account and logging back in.
Still having trouble viewing content?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
Please click on the ACTIVATE button to activate your Intelligent Investor 15-day free trial
Please click on the ACTIVATE button to finalise your membership
Unsuccessful registration
Registration for this event is available only to Eureka Report members. View our membership page for more information.
Registration for this event is available only to Intelligent Investor members. View our membership page for more information.
- You are already registered for this event.
- This event is already full.
- Please select a quantity for at least one ticket.
- {{ i }}
Forgotten password
Please enter your email address below to request a new password
- Verify your email address by clicking on the link we sent to {{user.Email}}
- You now have free access, we look forward to helping you on your financial journey.
Last year was the year of the malware network. These complex, shifting infrastructures last beyond any one attack and allow cybercriminals to rapidly adapt to new vulnerabilities and repeatedly launch new attacks on corporate networks. Malware networks, or “malnets”, go to where the action is – popular destinations such as search engines and social networking and with the malnet infrastructure already in place, cybercriminals can infect multiple users with minimal effort. Consider this – two-thirds of all cyber attacks in 2012 will be launched via malnets.
Businesses call it “search engine optimisation”, though cybercriminals utilising the same process call it “search engine poisoning”. In 2011, search engine poisoning (SEP) became the leading attack method for web-based threats. Considering that search engines/portals are now the most requested category of content on the internet, it is no surprise that SEP is now the leading entry point into malnets. Malnet operators, with a well-built infrastructure already in place, can conduct SEP attacks on a 24 hours a day, seven days a week basis. When you consider that millions of people search for information every day, an attack only needs to divert a small percentage of that traffic in order to be successful.
In SEP attacks, malnet operators make constant adjustments to the bait content they feed to search engines. They don't necessarily only focus on big news events, but rather spread their nets as wide as possible to achieve the best chance of infecting a user's network. SEP is often successful as users tend to be in “explore” mode when using search engines, and are thus more likely to click on links from unknown sources. Users are also mostly unaware of the threats that can come from search engine results – there is a certain level of trust involved when searching for information. It is this inherent user trust that cybercriminals exploit. To take advantage of search engines, cybercriminals only need to ensure that their sites rank high enough in the search results page by providing relevant keyword content. In doing so, they can exploit the very algorithms that search engines rely on to deliver meaningful results to users, to ensure that their malicious content is delivered as well.
However, despite conventional thinking, breaking news, celebrity news and big events tend to generate far less poisoned content than miscellaneous topical and subject searches. Potential victims tend to be shielded from SEP links due to the sheer volume of legitimate sites with actual content generated in the event of a big breaking story. This does not automatically mean that users are “safe” in this instance, as cybercriminals do try to exploit big news events, but their chance of clicking on a poisoned link is reduced at the least, due to the high concentration and availability of legitimate search options.
In 2011, topical bait included the earthquake and tsunami disaster in Japan, the royal wedding of Prince William and Kate Middleton and the deaths of Osama Bin Laden, Amy Winehouse and Steve Jobs. It is a tried-and-true tactic of cybercriminals to target death and drama, and 2012 events such as the London Olympics and the US presidential election are likely to serve as the wiggling worm on the hook in future.
Our Blue Coat Security Labs found that the demand for search engines/portals grew by more than 2% from 2010 to 2011, and this trend is likely to continue in 2012, creating a significant risk for businesses. User education can help reduce the risk – training users to conduct “Who Is” searches and how to spot a suspicious URL can assist in determining whether a website is genuine. However, while user education can help mitigate the risks, it is not enough, particularly since it isn't a scalable solution. It is vital that businesses supplement user education with a web security solution that is capable of analysing links in real time to determine whether they are being funnelled into a malnet.
Cybercriminals are always looking for new ways to exploit users and infect networks in order to gain access to critical user information and business data. They are quick to adapt to new trends and technologies and have vast existing networks and infrastructure with tentacles spanning the globe. Businesses need to be aware of cyber risks and malicious threats, and thus be able to implement appropriate web security measures to prevent potential poisoning in the future.
Bruce Bennie is the managing director Blue Coat Australia and New Zealand
Call 1300 880 160
Start a chat
Schedule a call
