Article code | Journal code | Publication year | English article | Full-text version |
---|---|---|---|---|
466466 | 697845 | 2015 | 16-page PDF | Free download |
The growth in use of Internet based systems over the past 20 years has seen a corresponding growth in criminal information technologies infrastructures. While previous “worm” based attacks would push themselves onto vulnerable systems, a common form of attack is now that of drive-by download. In contrast to email or worm-based malware propagation, such drive-by attacks are stealthy as they are ‘invisible’ to the user when doing general Web browsing. They also increase the potential victim base for attackers since they allow a way through the user's firewall as the user initiates the connection to the Web page from within their own network. This paper introduces some key terminology relating to drive-by downloads and assesses the state of the art in technologies which seek to prevent these attacks. This paper then suggests that a proactive approach to preventing compromise is required. The roles of different stakeholders are examined in terms of efficacy and legal implications, and it is concluded that Web hosting providers are best placed to deal with the problem, but that the system of liability exemption deriving from the E-Commerce Directive reduces the incentive for these actors to adopt appropriate security practices.
Journal: Computer Law & Security Review - Volume 31, Issue 4, August 2015, Pages 490–505