Malicious Code Begins at Home

If your agency has implemented a malicious code security policy based on restricting certain URLs, it's probably not going to work. At least that's the conclusion you could draw from a new study issued by Finjan, a San Jose, Calif.-based cybersecurity company.

In an analysis of Web traffic in the United Kingdom, Finjan found that 90 percent of Internet addresses containing embedded malicious code were located on servers located in the United States or United Kingdom -- not the wilds of Nigeria or Eastern Europe.

Also, malicious code “is just as likely to be accessed through legitimate Websites ... as through what might be considered disreputable Websites,” the study found. Most malicious code is embedded with advertisements on sites, the study says.