Attackers are no longer targeting Web and email servers. Today, they are attacking enterprises from the inside out, by first compromising end-user systems and then leveraging them to gain access to confidential data. As such, it is imperative that organizations have an understanding of what is happening on the Web. As a cloud-based security vendor, Zscaler has a unique perspective on Web traffic. With millions of end users traversing the Web through Zscaler’s global network of Web gateways, they are able to understand both how users are interacting with Web-based resources and how attackers may be targeting end users. This slideshow highlights finding from their “State of the Web” research report.
Click through for highlights from Zscaler's "State of the Web – Q1 2011" research report.
More than 25 percent of corporate users are running old, insecure versions of popular browser plug-ins — such as Java, QuickTime, and Adobe Reader — creating an easy target for attackers.
Even in corporate environments, Facebook accounts for most Web 2.0 application usage at 52.4 percent (up from 47.6 percent in Q4 2010).
When considering where malicious content originates from as a percentage of overall content, both the U.S. and China have about 2x more malicious traffic than would be expected based on overall traffic volume.
America hosts the majority of botnet Command and Control (C&C) servers at 42.5 percent (up from 38.2 percent in Q4 2010); Germany takes second place at 32.8 percent (up from 6.5 percent in Q4 2010).
Non-browser Internet traffic stemming from third-party applications continues to rise, accounting for nearly a quarter of all Web traffic.
The outdated and insecure browser continues to wane, at only 8.4 percent of all browser traffic (down from 11.4 percent in December, 2010); however, it’s still the third most prevalent browser used, behind IE 7 (27.0 percent) and IE 8 (25.0 percent).
Seven in ten enterprises block at least some Web content based on category, with social networking being the most common category blocked. However, enterprises are still struggling to define policies on how social networking can be used in the workplace. A vast majority have no policy in place, and those that do choose to block all access to social networking sites.
More than half of threats identified by Zscaler AV were delivered by Web content (HTML, Javascript) as opposed to standalone binary executable files, highlighting the changing threat landscape. And 31.8 percent of viruses identified are those that attempt to load or redirect the user to malicious content, often on legitimate websites.