According to a fresh set of Best Practices published by StopBadware, a nonprofit organization which deals in combating faulty software on the internet, the range of malware can be restricted by web host providers if they immediately respond to reports of compromised sites, inform their clients, mitigate and solve the issue.
The document, which has been made by security researchers and major web hosting companies collaboratively, is inclined towards setting prospects to assist in the reduction of the malware plague.
The executive director of StopBadware, Maxim Weinstein said to the SCMagazineUS.com on Wednesday that cyber criminals create malevolent websites on a regular basis and also compromise legitimate websites to host abuses.
Weinstein also said that the researchers frequently send reports to hosting providers when they notice, but the industry lacks the unanimity to respond to such notifications.
Hosting providers deal with this problem in different ways; on one hand some providers do not consider malware on their clients’ site as their crisis, taking weeks to pass on the infection reports, while on the other hand some hosting providers are quick in noticing their client’s malware issues and help them in getting rid of malicious content.
The document by StopBadware says that web hosting providers should recognize the infection reports within one working day. However, they should assess if they have control over the malicious URL in the report and find out if the infection can be lessened immediately in two working days’ time.
Also it is recommended that they examine the report and instantly give notice to the owner of the site (or downstream providers) regarding tips to solve the problem.
On Wednesday, the IT security operations manager at Go Daddy, one of the world’s topmost web hosting supplier, Scott Gerlach said to SCMagazineUS.com that his company offers investigation of malware and services of remediation to their clients free of cost. He also added that most of the hosting providers lack the resources of investigation and removal of malware from their client’s websites.
Gerlach said, “Go Daddy has a staff of 25 security people working on this all the time. Not a whole lot of firms have a staff that large.”
According to StopBadware, the concern of having an unpolluted website is shared by website owners but it is needed the duty of hosting firms to block affected content, eliminate malware and fix any fundamental susceptibilities.
Weinstein said, “If the malware occurs because the web hosting provider didn’t adequately patch the server, they should probably help with addressing it. If it happened because a customer left a vulnerability in an app they installed and the customer is in a good position to simply delete the malware file, patch the software and move on, it might not be as critical that the hosting provider help out.”
Nevertheless, it is important that providers keep a constant check on the site that was subject to infections and hence communication with them is vital according to the document.
Weinstein says, “The more security researchers and hosting providers are talking and working together and acknowledging each other’s presence and ensuring the lines of communication are open, the more quickly and effectively the whole ecosystem can respond to malware.”
Weinstein says in conclusion, it should be the responsibility of hosting firms to regularly analyze abuse reports in order to identify trends and patterns. A number of infected websites of clients in the same period signify a deeper trend.
Gerlach told, “Attackers are using web hosters to spread malware, so it is the responsibility of web hosts to try to mitigate that activity.”