An increase in top level domain names will overwhelm web security filtering products.

 

Ed Rowley, EMEA technical consultant at Marshal8e6, has claimed that companies need to view the opening up of top level domain names as the death knell for traditional email and web filtering products that rely on reputation blacklists of “bad” domain names.

 

Echoing claims made in the Financial Times by Paul Mockapetris, inventor of the internet's domain name system, where he suggested that current email filtering undertaken by internet service providers can be extended by using reputation data to protect against malware in other network traffic, Rowley claimed that an increase in new top level domain names will overwhelm web security filtering products that rely solely on blacklisting ‘bad' sites.

 

Rowley said: “The combination of web and email communication streams being employed for blended attacks and the flood of new top level domain names, highlights the need for a layered approach to security, using products that can filter and analyse the behaviour of both email and webmail in real time.

 

“This ‘Secure Web Gateway' approach will protect businesses from inadvertently compromising network security by accessing freshly poisoned web sites.”

 

Rowley claimed that over the last 12 months, the Marshall8e6 TRACE labs team had identified trends that suggest more than 1.5 million legitimate websites have been compromised by hackers and spammers. Once compromised, cybercriminals use a number of techniques, such as search engine optimisation or ‘blended threat' email attacks, to drive unsuspecting users to these websites.

 

“Indeed research conducted using our spam honeypots has shown an alarming increase in spambots sending out messages with links to hacked sites that appear to be bone fide”, said Rowley.