Microsoft: Malicious websites are the biggest threat to businesses

Time and time again, we have read reports of businesses getting hit with cyber attacks by hackers. Often, an employee at work surfs to a website that can then deliver a version of malware to a PC in the first step towards a full cyber attack.

Today, Microsoft released its 14th version of its Security Intelligence Report, where the company provides information on the state of Internet and PC threats based on examining "over one billion systems in more than 100 countries." One interesting part of this new report is while network worms are losing traction, the threat to enterprise users from malicious or compromised websites is now the top concern among security experts.

In a post on Microsoft's security blog, it notes that network worms such as Win32/Conficker used to be the major Internet and PC threat. However, the blog now says that JS/IframeRef was found in more PCs than Win32/Conficker in the second and fourth quarters of 2012. It adds:

IframeRef was detected almost 3.3 million times in 4Q12.  JS/IframeRef is a malicious piece of JavaScript code that is presented on infected or malicious websites.  The purpose of the script is to redirect your browser to other sites that attempt to download malware onto your computer, often by exploiting unpatched software vulnerabilities.

The blog adds that in the second half of 2012, seven of the top 10 PC security threats for enterprise customers are now delivered via Malicious websites. The blog advises businesses to do a number of things to make their network more secure, including keeping their software up to date with the latest versions, restricting the access to some websites for their employees and more.

Source: Microsoft | Image via Microsoft

Report a problem with article
Previous Story

Windows 8.1 build 9369 includes ReFS support

Next Story

Rumor: Next Xbox won't be 'always-on', will launch alongside 'Xbox TV'

5 Comments

cork1958 said,
Yeah,
And we know EVERYONE with a computer has had proper training!!

They are talking about the business here. Every employee should know the proper procedure when they receive suspicious links. And every company should have protection in case someone messes up.

Microsoft's innovation to instigate this is by integrating SmartScreen filter with Windows Explorer in Windows 8 while wrecking the user privacy. I'd sue them if I cld!

I would certainly agree with this. Many times, workers are unable to discern the difference between what is legitimate and what is not.
The common line; "but I didn't do anything, I was just browsing on ____ website!" with the naïve look on their faces always comes to mind

Commenting is disabled on this article.