Search Engine Poisoning (SEP) Fails to ‘Meddle’ with Olympic Search Queries
Research by Blue Coat Systems during Olympic season confirms that internet users are at a far greater risk from SEP when searching for day-to-day topics
September 11, 2012 5:44 by Colin_Saldanha
DUBAI, United Arab Emirates, September 11, 2012 – Following previous research into Search Engine Poisoning attacks, Blue Coat Systems, the market leader in Web security and WAN optimization solutions, today released its findings on this type of attack during the 2012 Olympic Games. The research has shown that of the 28,227 successful SEP attacks, which took place during the 26 days leading up to the Olympics and the first 13 days of the Olympics, only 52 involved search terms that were related to the Olympics. This relatively low figure of just 0.18% is in line with Blue Coat’s earlier research that showed Internet users are less vulnerable to Search Engine Poisoning attacks when searching for information about major news events.
“Search Engine Poisoning has become the preferred attack vector by cyber criminals. Over 40 percent of the time, users unwittingly find malware through poisoned search engine results. This is in stark comparison to email which is still considered to be a prime cause of malware. Our research has found that email is responsible for only 11.6 percent of malware infections,” said Dave Ewart, Director of Product Marketing EMEA at Blue Coat Systems.
Analyzing the data collected during the Olympic period, Dave Ewart said, “Although there was a lot of searching for Olympics-related content during July and August, the vast majority of those searches ended with clicks to legitimate news and blog sites. While there were reports of Olympics-related malware and scams, e-mail spam and social networking (Facebook and Twitter) were the attack vectors – not search engine poisoning.”
Contrary to industry myth that ‘big events’ drive these types of attacks, this research from Blue Coat confirms that big events do not make for successful Search Engine Poisoning attacks.
The reason for this is the nature in which Internet users utilize search engines. A 2011 study of 8 million clicks by the online advertising network, Chitika showed that ninety-four percent of users clicked a first page result. For major world events, the first page is most likely to carry links from legitimate sites that are known and trusted by search engines. This makes it far too difficult to get poisoned search engine results high enough in the search page rankings for users to click – the mark of a successful SEP attack.
“Internet users are far more susceptible to SEP attacks when conducting searches on everyday topics such as recipes or sample letters. Thanks to the fact that email malware has been around for a while now, users are sufficiently well informed and cautious about this. Unfortunately, not enough has been said about Search Engine Poisoning which is why it has been so successful. The sooner users begin to understand that they cannot blindly trust their search engine to protect them from malicious content, the better protected they will be,” concluded Ewart.
About Blue Coat Systems
Blue Coat Systems provides Web security and WAN optimization solutions to 85 percent of FORTUNE Global 500 companies. As the market share leader in the secure web gateway market, Blue Coat sets the standard for enterprise security. Its solutions provide the visibility, protection and control required to optimize and secure the flow of information to any user, on any network, anywhere. For additional information, please visit www.bluecoat.com.
Blue Coat, ProxySG, WebPulse and the Blue Coat logo are registered trademarks or trademarks of Blue Coat Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners.
For more information, please contact:
Manal Abi Rafeh
Blue Coat Systems ME
Telephone: +971 4 3911620
Fax: +971 4 3911635
Email: manal.abirafeh@Blue Coat.com
Dubai – UAE
GSM: +971 (50) 6400762
Email: [email protected]