New Generation of Internet Threats

By Bob Hinden  |  Posted 2010-04-29 Print this article Print

New generation of Internet threats

While social networking and Web 2.0 applications are increasing our ability to collaborate, they have also fueled a new generation of Internet threats.

The nature of social networking sites enables users to build a network of contacts based on an element of trust that expands outside of a business. This allows users to easily exchange or propagate information, images and files-often without requiring identification or validating information beyond a log-in and password.

The number of incidents of malware distributed by social networking and P2P file-sharing sites is rapidly increasing. These new tools are ideal to use for social engineering-based attacks, which attackers are very quick to exploit and which put sensitive data at risk. Therefore, organizations should ensure their intrusion prevention system (IPS) goes beyond detection mode and is focusing on the real prevention of threats.

Nearly 80 percent of data loss is unintentional. This is predominantly due to employee negligence or unknowingly violating security policies written in the corporate handbook. For example, an employee might e-mail a confidential document to the wrong person or use a Web-based, P2P file-sharing site to send large files to a business partner. However, without reading the fine print, they may unknowingly lose ownership and control of sensitive data after uploading their files.

It is critical to alert employees about what constitutes sensitive information in the organization, and it's just as important to educate them on acceptable or unacceptable outlets for specific types of data classification. To reduce the risks that come with the benefits of Web 2.0 applications in the enterprise, organizations should look to implement technology solutions to help sensitize employees to risky behavior through self-learning techniques.

Bob Hinden is a Check Point Software Fellow. Previously, Bob was a Chief Internet Technologist at Nokia Networks. Bob has worked on the Internet since its early days as a DARPA research project to the current Internet, and has seen threats start, from a few hackers showing off to their friends to the sophisticated and coordinated cybercrime it has evolved into today. Bob is the chair of the Administrative Oversight Committee (IAOC) and the IPv6 working group at the Internet Engineering Task Force (IETF). Bob has been active in the IETF since 1985 and is the author of 36 Request for Comments (RFC). Prior, Bob served on the Internet Architecture Board (IAB) and was Area Director for Routing in the Internet Engineering Steering group from 1987 to 1994. He is also a member of the RFC Editorial Board. Bob was the co-recipient of the 2008 IEEE Internet Award for pioneering work in the development of the first Internet routers. Bob holds a Bachelor's of Science degree in Electrical Engineering and a Master's of Science degree in Computer Science from Union College, Schenectady, NY. He can be reached at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel