Apparently Sophos has discovered that 29% of all web pages host some sort of malware. I’m not sure if I am surprised by that or not. It’s almost like the Internet has become a virtual slum with over 80% of email classed as spam and 30% of websites trying to infect your PC with something.
Something else interesting in the article linked above is that they claim that Microsoft ISS and Apache web servers are equally vulnerable to cracking. They appear to say that half the attacks were to Apache and half were to IIS therefore they are equally targeted. That doesn’t make any sense because Apache installations outnumber IIS by 2 to 1 at last count IIS was 28% and Apache over 60%, so if the attacks were 50/50% then logically that means that IIS was significantly more vulnerable despite being much less popular. Still, it’s interesting reading right?
UPDATE: We’ve received a comment from Graham Cluley of Sophos and he was nice enough to direct us to the original report and explain that the story carried by Tgdaily and other sites is not entirely correct. The 1 million sites Sophos looked at for this report were sites that were blocked as being unfriendly in some way. In other words, the 1 million sites surveyed were already marked as seriously questionable and are therefore not in any way an even cross section of the normal web.
The end result is that the figures mean nothing to the web overall, other than that malware is a growing problem. Thankyou for letting us know Graham.
July 26th, 2007 at 11:30 pm
I think there’s an unfortunate misunderstanding in this news report. The Sophos threat report looked at a million webpages that were *blocked*, and found that 28.8% were blocked because they had malware on them (as opposed to porn and other unwanted stuff).
So that *doesn’t* mean that 28.8% of *all* webpages have malware on them. The figure for the percentage of all webpages on the internet that have malware on them would be much less than 1%.
You can read more about this and Sophos’s threat report at http://www.sophos.com/securityreport
I hope this helps
Cheers
Graham
July 27th, 2007 at 4:13 am
Thanks Graham for correcting the story for us. That makes me feel a little better. I am curious what percentage of web pages are just “advertising” pages that don’t contain original content.
Don
HTMLFIXIT.COM
April 4th, 2020 at 4:08 am
Learning a lot in your site, thank you for sharing informative ideas.
https://medicinehatdentists.ca