Half of the world’s most popular sites are 'at-risk'

A user browsing the internet comes across a security alert

Almost half of the world's most popular websites have been declared 'risky' by new research, but the UK is among the least dangerous places in which to surf the web.

An analysis of the Alexa Top 100,000 websites for the first half of 2018 showed 42% were considering risky to web users, according to criteria outlined in Menlo Security's mid-year State of the Web report published this month.

Websites were deemed at risk if they were built on, or routinely connected to, sites that used vulnerable server software, if the site had been exploited to distribute malware or launch attacks in the past, or if the site had suffered a security breach in the previous 12 months.

But the UK is among the safest countries, of six nations analysed in greater detail, in terms of the various factors associated with risky web browsing, including the number of executable scripts and the amount of code downloaded.

"People in different countries prefer different websites, and the risks associated with using the most popular sites in those countries varies accordingly," the report said.

The researchers examined the top 50 websites in each country, analysing how much code was fetched and executed by the sites, as well as the type of code, its origin, and how many sites used vulnerable server software.

The UK had the second joint-lowest average number of scripts executed per website, 41, as well as the single website with the highest number of scripts executed from background domains, 156. Such scripts enhance the browsing experience, but can also be hijacked by malicious actors to launch attacks, the report said.

Meanwhile, the UK ranked third for the average amount of code downloaded from websites, 1.55MB - versus the first-placed US which downloads 1.83MB of code. Only 52% of websites in the UK downloaded more than 1MB of code onto a user's device, second-lowest of all, while 64% of sites in Australia downloaded more than a megabyte.

"The web remains a dangerous place for users to work and play," the Menlo Security concluded.

"Strong precautions are needed to ensure that users, their devices, and the networks, apps, and clouds used by organizations aren't infected and infiltrated by attackers."

Vulnerable web software was pinpointed as a particular weakness, with many of the world's most popular sites running on back-end servers that are outdated, including some that haven't been updated in years. Such websites, the report said, are extremely vulnerable to malware, and expose visitors to infections, or breaches, at a higher rate.

Menlo Security's analysis showed 7.6% of web domains that delivered malware, or were tied with phishing operations, are being hosted on vulnerable servers - including sites running on outdated versions of Apache, nginx, Microsoft IIS, and Drupal, among others. The oldest software being used among the top 50 websites in the US, for instance, was PHP version 5.2.3 - released more than a decade ago, in 2007.

"Active content downloads and scripts running in the background will continue to be essential to providing a great, dynamic web experience, but there is no excuse for popular websites to use vulnerable server software," the report continued. "Doing so creates a clear and present danger to the sites' visitors and to the websites to which it serves background content."

Keumars Afifi-Sabet
Contributor

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.