2013-01-21 16:38:23 - Recent news that Cheltenham Borough Council is recovering from a major malware attack that caused large-scale disruption to its services may just be one example of a problem that has the potential to disrupt websites and all they deliver.
Council services affected by this incident allegedly included online Council Tax payments and the recent Police and Crime Commissioner elections.
According to the local press, the problem was first detected as early as 31 October but it took the Council a week to realise the extent of the infection, when staff decided to undertake a complete scan of systems.
The resulting IT disruption reportedly caused the Council's online Council Tax system to become unavailable for three days and caused a communication glitch that delayed counting of ballots cast by citizens in the outlying town of Stroud during the Police and Crime Commissioner elections.Staff were also unable to access email and internal systems for three days.
The malware that caused the issue has not
been identified and the full story may never be made public. Details of malware infections in the UK public sector are rarely publicised and local authorities are under no obligation to report incidents they deem have no data protection implications.
Malware is a growing problem for large organisations, however and the new Web Manager's Toolkit from Sitemorse enables users with responsibility for managing sites to be confident that any such problems will be quickly found.
"Phishing" - attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity - and "malware" - malicious software including viruses, trojans and 'worms' - are becoming much more prevalent on the web.
When you embed code to third party websites in your pages (for example, links via advertising banners), you are relying on the third party being responsible for their own security. Suppose the target site that the banner link takes you to were to be replaced with a link to a malicious piece of software, seemingly carrying your seal of approval?
Not all website owners have the time and resources to moderate user comments to blog articles or in community areas. Should a link to malware or a phishing website creep in, the Web Manager's Toolkit can alert you to the problem.
For links suspected of being phishing and malware we provide the key information you need - including the line in the code that each link appeared and a link to Snapshot to view the page as it was when we tested it.
As we scan your site, we run each and every off-site link against the Google Safe Browsing database. This list is used by Firefox and Google Chrome to protect millions of users every day from suspected phishing and malware pages. Our own cache is continually updated from Google so that it always contains the very latest known phishing and malware sites.
To detect links to staging servers we compare each off-site link with those on a list of known staging and development servers; this list is also kept up-to-date and personalised.