There are no fail safes anymore.
Links are not what they appear to be.
Parked domain are not parked domains anymore. The sites you visited today might be unloading Ransomware on you tomorrow.
Drive by attacks, angler exploits, hijacked Wordpress sites. What is the equivalent of protection in this online world of DTD (Digital Transmitted Diseases) galore?
Well that’s not gonna happen.
It is very different situation if we are talking about a home user or a corporate user.
There is money to be made in both cases. As detailed in this report from Kaspersky the biggest share of the pie is home users.
However, in corporate environments the spread of Ransomware is more likely to go from one users to thousands affecting endpoints, network shares and backups.
As someone looking at web traffic on a daily basis, it is astonishing to see how many blogs will try to connect you to botnet servers, though infected JPEGs and other means such as redirection to parked domains.
Therefore reputation based systems are half baked solutions.
However, there are numerous products out there that will promote and sell you such systems only on the merit of providing logging for compliance purposes such us 270001 or PCI-DSS, Sarbanes/Oxley.
Speaking to colleagues at various Security conferences, you will be surprised how many companies opt for such systems to comply with regulatory standards without real protection or visibility.
Every time I hear about a company or institution getting hit with ransomware, I am not surprised anymore.
There is too much politics within companies and key decisions take too long or get stuck in the cog wheels of bureaucracy.
Hackers follow their 9–5 of attacking IP ranges and management still believes that they are too insignificant to be a target.