Malicious code planted within compromised Wed pages has become the latest method for attackers targeting government organizations, according to research from security firm Zscaler, V3.co.uk reported April 21. The firm discovered many government-affiliated Web sites with code that directs users to attack servers.
Researchers noted previous attacks on systems in the United States, Austria, and Malaysia. Zscaler’s chief executive believes the attacks are the work of state-sponsored operations aimed at infecting government workers and other high-value targets. A Zscaler security researcher said organizations often leave a few of their less popular sites and portals poorly maintained and protected, leaving a back door open for attackers.