A web threat is any threat that uses the

World Wide Web The World Wide Web (WWW), commonly known as the Web, is an information system enabling documents and other web resources to be accessed over the Internet. Documents and downloadable media are made available to the network through web ...

to facilitate

cybercrime A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing th ...

. Web threats use multiple types of malware and fraud, all of which utilize HTTP or HTTPS protocols, but may also employ other protocols and components, such as links in email or IM, or malware attachments or on servers that access the Web. They benefit cybercriminals by stealing information for subsequent sale and help absorb infected PCs into

botnets A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its conn ...

. Web threats pose a broad range of risks, including financial damages,

identity theft Identity theft occurs when someone uses another person's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term ''identity theft'' was c ...

loss Loss may refer to: Arts, entertainment, and media Music * ''Loss'' (Bass Communion album) (2006) * ''Loss'' (Mull Historical Society album) (2001) *"Loss", a song by God Is an Astronaut from their self-titled album (2008) * Losses "(Lil Tjay son ...

of confidential information/data, theft of network resources, damaged brand/personal reputation, and erosion of consumer confidence in

e-commerce E-commerce (electronic commerce) is the activity of electronically buying or selling of products on online services or over the Internet. E-commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain managem ...

and

online banking Online banking, also known as internet banking, web banking or home banking, is an electronic payment system that enables customers of a bank or other financial institution to conduct a range of financial transactions through the financial ins ...

. It is a type of

threat A threat is a communication of intent to inflict harm or loss on another person. Intimidation is a tactic used between conflicting parties to make the other timid or psychologically insecure for coercion or control. The act of intimidation for co ...

related to information technology (IT). The

IT risk Information technology risk, IT risk, IT-related risk, or cyber risk is any risk related to information technology. While information has long been appreciated as a valuable and important asset, the rise of the knowledge economy and the Digital Re ...

, i.e. risk affecting has gained and increasing impact on society due to the spread of IT processes.

Reaching path

Web threats can be divided into two primary categories, based on delivery method – push and pull. Push-based threats use spam,

phishing Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwa ...

, or other fraudulent means to lure a user to a malicious (often spoofed) website which then collects information and/or injects malware. Push attacks use phishing, DNS poisoning (or

pharming Pharming is a cyberattack intended to redirect a website's traffic to another, fake site by installing a malicious program on the computer. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a ...

), and other means to appear to originate from a trusted source. Precisely-targeted push-based web threats are often referred to as spear phishing to reflect the focus of their data gathering attack. Spear phishing typically targets specific individuals and groups for financial gain. In other push-based web threats, malware authors use social engineering such as enticing subject lines that reference holidays, popular personalities, sports, pornography, world events and other hot topics to persuade recipients to open the email and follow links to malicious websites or open attachments with malware that accesses the Web. Pull-based web threats are often referred to as “

drive-by A drive-by shooting is a type of assault that usually involves the perpetrator(s) firing a weapon from within a motor vehicle and then fleeing. Drive-by shootings allow the perpetrator(s) to quickly strike their target and flee the scene before ...

” threats by experts (and more commonly as “drive-by downloads” by journalists and the general public), since they can affect any website visitor. Cybercriminals infect legitimate websites, which unknowingly transmit malware to visitors or alter search results to take users to malicious websites. Upon loading the page, the user's browser passively runs a malware downloader in a hidden HTML frame (IFRAME) without any user interaction.

Growth of web threats

Giorgio Maone wrote in 2008 that "if today’s malware runs mostly runs on Windows because it’s the commonest executable platform, tomorrow’s will likely run on the Web, for the very same reason. Because, like it or not, the Web is already a huge executable platform, and we should start thinking of it this way, from a security perspective." The growth of web threats is a result of the popularity of the Web – a relatively unprotected, widely and consistently used medium that is crucial to business productivity, online banking, and e-commerce as well as the everyday lives of people worldwide. The appeal of Web 2.0 applications and websites increases the vulnerability of the Web. Most Web 2.0 applications make use of AJAX, a group of web development programming tools used for creating interactive

web applications A web application (or web app) is application software that is accessed using a web browser. Web applications are delivered on the World Wide Web to users with an active network connection. History In earlier computing models like client-serve ...

or rich Internet applications. While users benefit from greater interactivity and more dynamic websites, they are also exposed to the greater security risks inherent in browser client processing.

Examples

In September 2008, malicious hackers broke into several sections of BusinessWeek.com to redirect visitors to malware-hosting websites. Hundreds of pages were compromised with malicious JavaScript pointing to third-party servers. In August 2008, popular social networking sites were hit by a worm using social engineering techniques to get users to install a piece of malware. The worm installs comments on the sites with links to a fake site. If users follow the link, they are told they need to update their Flash Player. The installer then installs malware rather than the Flash Player. The malware then downloads a rogue anti-spyware application, AntiSpy Spider. by humanitarian, government and news sites in the UK, Israel and Asia. In this attack the compromised websites led, through a variety of redirects, to the download of a Trojan. In September 2017, visitors to TV network Showtime's website found that the website included

Coinhive Monero (; Abbreviation: XMR) is a decentralized cryptocurrency. It uses a public distributed ledger with privacy-enhancing technologies that obfuscate transactions to achieve anonymity and fungibility. Observers cannot decipher addresses tra ...

code that automatically began mining for

Monero Monero (; Abbreviation: XMR) is a decentralized cryptocurrency. It uses a public distributed ledger with privacy-enhancing technologies that obfuscate transactions to achieve anonymity and fungibility. Observers cannot decipher addresses t ...

cryptocurrency without user consent. The adoption of online services has brought about changes in online services operations following the advancement of mobile communication techniques and the collaboration with service providers as a result, the online service technology has become more conductive to individuals. One of the most recent mobile technological wonders The

software was throttled to use only twenty percent of a visiting computer's CPU to avoid detection. Shortly after this discovery was publicized on social media, the

code was removed. Showtime declined to comment for multiple news articles. It's unknown if Showtime inserted this code into its website intentionally or if the addition of cryptomining code was the result of a website compromise.

offers code for websites that requires user consent prior to execution, but less than 2 percent of

implementations use this code. German researchers have defined cryptojacking as websites executing cryptomining on visiting users' computers without prior consent.Musch, M., Wressnegger, C., Johns, M., & Rieck, K. (2018). Web-based Cryptojacking in the Wild. ''arXiv preprint arXiv:1808.09474''. With 1 out of every five hundred websites hosting a cryptomining script, cryptojacking is a persistent web threat.

Prevention and detection

Conventional approaches have failed to fully protect consumers and businesses from web threats. The most viable approach is to implement multi-layered protection—protection in the cloud, at the Internet gateway, across network servers and on the client.

References

{{Malware Internet security Web security exploits Cybercrime Cyberwarfare

Reaching path

Growth of web threats

Examples

Prevention and detection

See also

References