We know it can be incredibly frustrating when you can’t access a website that you need. That happened for a number of a number of our clients last week, (and, counter-intuitively, it’s a good thing)
Many websites are built on common components. One of those is called “Polyfill” (pollyfill.io) and it is reportedly present in approximately 3,4% of all websites. Over recent days, our systems automatically blocked access to any site built with this.
They were highly effective at protecting our customers from a major malware risk.
It might have been frustrating, but it was a great example of the cyber-security protection within Kinetics KARE Foundation working to keep people safe.
So what is Polyfill?
Polyfill.io is an opensource javascript library. It has enough market share to be interesting for bad-actors.. In February this year it was sold to a new owner. A number of security vendors became concerned that these new owners may not have good intentions and began monitoring the libraries2. Recently, those concerns were made true when SanSec, a Dutch cyber security vendor, found malicious code being injected into websites by polyfill libraries3.
Soon after, Kinetics security services began seeing higher rates of blocked sites and we have since confirmed this is in response to those sites being vulnerable to this new widespread attack.
Using the right tools is essential to defend ourselves in our modern threat environment, the situation and landscape can change quickly, our tools must be able to adapt just as fast.