The Web dominates 2009’s top 6 security threats
The Web dominates 2009’s top 6 security threats
By William Tam, Technical Manager, Asia Pacific, Websense | Jan 19, 2009
0 comments
Facebook
LinkedIn
Digg
With security still high on the agenda of both business and IT executives, Websense recently released its Top Six Security Threats for 2009.
William Tam, Technical Manager, Asia Pacific, Websense, warns Internet users to pay particular attention to websites with dynamic, user generated contents, such as those Web 2.0 websites for online auction, social networking, blogs and discussion forums. "These Web sites may have good reputations but they don't guarantee that the contents hosted by them are safe. In fact, a majority of the Web-based attacks reported by Websense Security Labs in the last 6 months are hosted on Web sites with good reputations," says Tam.
Below are the Top Six Security Threats according to Websense.
1. The “Cloud” will increasingly be used for malicious purposes
Cloud-based services, such as Amazon Web Services (AWS), Microsoft Azure, and GoGrid, provide businesses and users with easy-to-use, rent-as-you go opportunities for storage and large-scale computing at a low cost. But these services also are an attractive target for cybercriminals and spammers to leverage for misuse. Websense predicts that in 2009 – we will see an increase in misuse of the “cloud.” The cloud may be used simply to send spam or to launch more sophisticated attacks including hosting malicious code for downloads, uploading stats, and testing malicious code.
2. An increase of Rich Internet Applications (RIAs) like Flash and Google Gears for malicious use
There is growing adoption of browser-based Web applications that are either replacing or being used alongside traditional desktop applications. Examples include Web-based CRM systems, Google Docs and other Web-based office tools. Creating a rich Internet experience through a browser-based application is created with technology called Rich Internet Applications (RIA). With the explosion of demand for these applications, for developers who use RIA technologies such as Google Gears, Air, Flash and Silverlight to build large Web 2.0 Internet applications, security is an afterthought, opening up the door for cybercriminal abuse. With RIA popularity exploding, we predict that in 2009 we will see some large scale attacks using both exploits found within the core RIA components as well as the user-created services that allow attackers to remotely execute code on user's machines.
Similar
Add comment
Similar
knowledge_central_tab
Knowledge Central
Today's top security priorities
Attacks based on vulnerabilities in websites are skyrocketing, and not many solutions are available to protect organizations against them. How do you deal with this and other key security issues today?
Taking a holistic business-centric approach to security
Today’s CIOs face multiple challenges, including the need to innovate in an extremely competitive business climate, address highly dynamic regulatory and compliance challenges, speed ROI to counter shrinking IT budgets, and secure their organizations against a wide barrage of sophisticated threats.
UTM product offers Logansport Savings Bank superior protection
Astaro Security Gateway’s IPS was able to block attacks that other intrusion prevention systems (IPS) missed at Logansport Savings Bank.
Hong Leong Financial opts for Juniper Networks at new Malaysia head office, data center
Hong Leong Financial Group Berhad builds complete and seamless data center and office network infrastructure with Juniper switches, security devices and Junos software.
