Web-based threat will continue to grow unabated in 2010, with phishing up 585 per cent over the first six months of 2009 and more than 300 corporate brands becoming victims, according to the annual Blue Coat Web Security Report.

Since 2007 web-based threats have been the primary way of stealing confidential data or financial information and infecting computers for use in a botnet. In 2008, two-thirds of all known malware was created.

In just the first six months of 2009, new malware exceeded all malware detected in 2008, the report said.

Business has moved to the web as companies increasingly adopt external, web-based applications and employees bring consumer applications into the enterprise.

Malware is following the money and on the internet, it has found a fertile environment. There, successful attacks are ones that exist only for a few hours and disappear often before security defences can catch them.

Search engine poisoning, where cybercriminals exploit search engine algorithms to position hacked sites higher in the results, is an easy way to drive users to malware, particularly of the variety that offers fake anti-virus scanners or fake warez (any type of software but most commonly pirated software, games, music or other applications). Most recently, Blue Coat Labs detected attacks that utilised hacked blog pages to poison search results related to Halloween and this year's popular Christmas toy zhu zhu pets.

In 2010, the ease with which results can be tainted through blogs will encourage more attacks like this.

Search engines are the access point to the internet for almost all users, and the faith put in not just the relevance but also the safety of the results produced by leading search engines provides easy pickings for cybercriminals.

Attacks that feature multiple relays (from search results to one or more hacked blog pages to the malware deliverable) will become more prolific and complex to subvert detection.

The report said these types of attacks expect users to come from a specifically defined path and will not execute if the user does not follow that path. This "path-awareness" makes it very difficult for traditional anti-virus defenses to detect. Multi-link attacks will become more complex in 2010 as cybercriminals layer in additional relays to try and subvert detection.

While weak passwords and careless users have traditionally been a security risk, web-based threats exploit human behaviour on a whole new level by tapping into the trust model that is at the foundation of how people use the internet. In social network sites, such as Twitter and Facebook, users build online relationships with people they know and invite into their circle.

Cybercriminals disrupt the trust that is inherent in these relationships through stolen logins that prey on the unsuspecting users.

The combination of attacks that exploit the trust model and search engine poisoning that relies on users to click on the top search engine results without question will prove to be one of the biggest threats for enterprise security managers in 2010.

To effectively combat dynamic, web-based malware and attack methods, businesses will increasingly need a defence that can respond in real-time without updates.

That is impossible to do with only an on-premise or client defence.

Instead, cloud-based technologies will increasingly augment traditional defences so real-time inputs result in real-time outputs and protection for a large group of people versus a single person or business.

With attacks that exist for as little as two hours, security needs to move rapidly.

And, in 2010, the first place it is going is to the cloud, said the report.