How to Protect Against Web 2.0 Crime and Data Breaches

 
 
By Yuval Ben-Itzhak  |  Posted 2009-11-03 Email Print this article Print
 
 
 
 
 
 
 

Facebook, Twitter, MySpace, blogs and other Web 2.0 technologies have created new opportunities for individuals, enterprises and governments. But where law-abiding users go, cyber-criminals quickly follow. It's critical for users to be wary of increasingly sophisticated online threats-from the recently discovered Botnet platform to cyber-criminals who infiltrate networks to steal data and identities. Here, Knowledge Center contributor Yuval Ben-Itzhak explains how users can protect their systems from cyber-criminals, phishing, botnets, viruses, Trojans and other malware.

In today's Web 2.0 world, information sharing, online shopping and remote working are just a few examples of the many benefits the Internet and Web 2.0 technologies offer us. Blogs and social networks such as Facebook, Twitter and MySpace are becoming increasingly popular, with individual users and enterprises blogging, tweeting and uploading content on a daily basis. But where users go, cyber-criminals are quick to follow. Do-it-yourself crimeware toolkits that incorporate multiple vulnerability exploits lower the entry barrier for cyber-criminals, making it harder for users to keep up with adequate Web security.

Cyber-criminals are constantly looking for new opportunities and more efficient ways to spread their data-stealing malware or scareware to generate illicit earnings-duping users into purchasing fake software such as antivirus is a popular method. Cyber-criminals know how to capitalize on the latest consumer interest on social networks and news Websites. They capitalize on consumer interest over natural disasters, celebrity doings and other major news (such as President Obama's election and Michael Jackson's death). By using crimeware to booby-trap Web pages with these keywords on popular news sites, social sites and fan pages, cyber-criminals reach millions of potential victims.

It has been estimated that Web pages are infected with malware every 4.5 seconds, putting users' computers as well as corporate computers at risk. According to the Anti-Phishing Working Group (APWG), the number of sites infecting PCs with password-stealing crimeware reached an all-time high of 31,173 in December 2008. This is an 827 percent increase from January 1 of that same year. Furthermore, one in five online consumers in the United States have fallen victim to cyber-crime in the last two years.

Cyber-criminals maximize their profits by turning unsuspecting users that visit infected Websites into business assets. The victims' computers are stealthily infected with malicious code designed to steal data and take control of user machines. In a common scenario, the victims' compromised PCs become part of a botnet. This means that their infected machine can be traded again and again on a botnet trading platform, adding more "masters" that have control over their machines-without their knowledge.



 
 
 
 
Yuval Ben-Itzhak is Chief Technology Officer at Finjan. A security industry veteran, Yuval brings strong technology leadership capabilities to Finjan, as gained in over 15 years of high-level management positions. Prior to joining Finjan, Yuval was the founder and CTO of KaVaDo Inc., a leader in Web application security (acquired by Protegrity). Prior to KaVaDo, Yuval was CTO at Ness Technologies, a global provider of end-to-end IT solutions and services. As a senior project manager at Intel Corp., Yuval was in charge of the design and development of multimillion dollar software projects. He began his professional career as a member of an elite intelligence unit of the Israeli Defense Forces, where he was responsible for the design and development of security systems for mission-critical projects. Yuval earned a Bachelor of Science in Information Systems and Engineering, cum laude, from Ben-Gurion University, Israel. He can be reached at ybitzhak@finjan.com.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel