Web 2.0 blows a hole in business

The explosion in Web 2.0 applications - social networking, blogs, wikis, Second Life sites, and so on - has made them a key target for cyber criminals, writes Matt Atkinson, a technical consultant at ScanSafe.

That makes Web 2.0 a serious issue for businesses. A recent Forrester survey of Web 2.0 found that 20% of employees at firms with 500 to 999 staff were blog users. According to a December 2007 survey by Computerweekly.com, staff are thought to spend an average of 50 minutes a day on social networking sites. And Second Life residents logged 24 million usage hours in September 2007, according to an October Reuters report.

Double boom

The popularity of Web 2.0 applications for business and consumer use coincides with a boom in web-based malware.

According to ScanSafe's 2007 Annual Global Threat Report, web malware increased by 61% in the second half of 2007. Zero-day threats - malware for which there is no known patch or signature - accounted for 21% of all threats blocked, while compromised sites remain infected longer (an average of 61 days in the second half of 2007).

Web 2.0 sites contain numerous types of malware, such as Trojan-laced banner ads on MySpace, Photobucket and others.

Web 2.0 sites like MySpace pose a unique challenge. Users are more likely to allow ActiveX controls or JavaScript from a site they visit frequently or one with a well-known brand name, and to accept invitations or interaction from known users on Web 2.0 sites. If the site has been compromised, this blanket trust makes it ripe for social engineering attacks.


So what does this mean in practical terms for those charged with securing web use?

It means businesses should examine existing protection from web-based threats and look for solutions that scan HTTP requests in real time rather than relying on traditional URL filtering.

Originally designed to boost employee productivity and enforce web usage policies, URL filtering relies on visiting each URL or crawling the web to inventory bad sites.

Netcraft estimates there are more than 150 million active websites, each of which has many pages. Add to this the vast number of Web 2.0 sites powered by third-party and user-contributed content and it doesn't take long to realise that crawling can't keep pace in the Web 2.0 world.

If you've been relying on URL filtering as your web defence, it's high time to re-evaluate your approach.

Matt Atkinson is a technical consultant at ScanSafe
