Web 2.0: The security weakest link

James Riley
Wednesday, 15 July 2009 11:11

Business IT - Security

Social networking services might provide a great way to expose election fraud, but they also give online fraudsters the easiest path to your wallet, according to Cisco’s Midyear Security Report.

Online security problems globally will grow worse in the immediate future as unemployment rises and job markets around the world tighten. In a commentary about idle hands, the Cisco report maintains a laid-off worker with IT skills is a potentially dangerous character.

Prepared by Cisco’s IronPort security unit, the Midyear Security Report says that with a technology-led recovery on the horizon – and through the Obama administration’s linking of technology with stimulus projects – online security is going to be an increasingly mainstream issue.

The profile is not dissimilar to that of the Australian market, where the move over the next five to eight years to a 100MB fibre-to-the-home broadband is likely to drive both new applications and online security concerns.

The report says various lightweight Web 2.0 technologies are generally not robust enough to block attacks from online attacks.

“The open, simple communication structure of Web-2.0-based applications is also its key weakness: Scammers who can exploit weaknesses in social networking sites can reach millions of potential victims with a single click,” the report said.

Online fraudsters were exploiting the undue amount of trust that social media users put in their ‘followers’ and ‘friends’ contact lists – relying on the assumption of users that their friends won’t send them messages that carry a rogue programming load.

The click-through rate to unkown URLs is far higher through social networking sites than with email – presenting enormous opportunities new opportunities to criminals.

The report also says there is evidence that scammers are increasingly targeting Apple Mac users. While the Mac has enjoyed a good reputation for somehow being better protected against online scammers than PCs, the platform has now been targeted because it represents a growing opportunity, with the Mac expected to double penetration in the US and Europe between now and 2011.