In a report about ongoing cyber-attacks on US critical infrastructure from the FBI and Homeland security secured by the New York Times, investigators reveal that in an effort to snag critical infrastructure operators, hackers would compromise legitimate websites that they knew their victims visited. Chris Olson, CEO at The Media Trust commented below.

Chris Olson, CEO at The Media Trust:

Domain Phishing“The ability to hijack legitimate websites to execute individually-targeted malware attacks is easier than most IT/security professionals realize. The process to deliver customized, browser-rendered content–use of behavior profiles to recommend user-specific content–is the same one leveraged by bad actors to target their campaigns. Traditional security tools–blacklists, whitelists, generic threat intelligence, AVs, web filters and firewalls–are proving inadequate defenses against today’s dynamic websites, including government websites.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.