Web SWAT Initiative Targets Threats

An initiative from Secure Computing called SWAT is in hot pursuit of hackers of Web 2.0 technologies.

SWAT is raiding the Web, and its after Web 2.0 threats.

SWAT, which stands for Secure Web 2.0 Anti-Threat Initiative, is the brainchild of Secure Computing, of San Jose, Calif. Despite its name, there are no guns or body armor involved—just a new effort by the company to work with others and provide research, best practices and design criteria to help organizations defend against the latest online menaces.

"The end user is adopting the Web 2.0 technologies at an increasing rate, and the bad guys are finding new ways to attack," said Ken Rutsky, vice president of product management at Secure Computing. "Were really protected against the last round of threats, not the current threats."

As proof, Rutsky cited a Forrester Research study that surveyed 153 IT professionals and security decision makers. The study is part of SWAT, and revealed that while 97 percent of all enterprise IT staff considers themselves "prepared" for Web 2.0 threats, 68 percent conceded there was room for improvement.

In addition, though 92 percent of the respondents indicate that outbound data leakage prevention is an important aspect of Web filtering and 58 percent consider data leakage an extremely important business concern, only 33 percent reported having data leak prevention capabilities in place.

"I think what this Forrester report shows is that were not ready and were not acting," Rutsky said.

Even though IT organizations have widely adopted many Web 2.0 technologies, the Forrester report indicates many are still protected by legacy computer security systems.

Paul Henry, vice president of technology and evangelism at Secure Computing, recalled a presentation at this years Black Hat conference where the presenter captured someones cookie information while they were checking their e-mail and presented their e-mail for the audience live on the screen.

The presenter, he said, was using tools called hamster and ferret to steal authentication data from within cookies and then replaying those cookies to authenticate into an account, he said.

"Its just another example of this blind adoption of Web 2.0 technology without carefully thinking through the security ramifications," Henry said.

"If you look at the threat landscape overall today we are no longer seeing protocol level attacks. Everything is happening at the application layer, layer seven. Yet the vast majority of popular security implementations today are relying primarily on layer four at best, packet-filter like technology."

Forrester analyst Chenxi Wang said the slow adoption of technology that protects against the latest online threats is not due to money, but a lack of awareness. The report recommends organizations re-examine policies and protection mechanisms against the latest trends of Web-borne threats, especially those connected with Web 2.0 applications. In addition, companies should look to improve user awareness and training, according to the study.


Report: 63% of malware emerges from U.S. sites. Click here to read more.

"The biggest threat Web 2.0 brought is the ability to hide malicious content behind rich interactive applications, many of which allow user-contributed content," Wang said.

She added that, for instance, MySpace.com itself is a perfectly legitimate site, but the same cannot be said about every piece of content that is uploaded onto the site by individual users.

"We believe that approximately 75 percent of the companies who have installed Web filtering are using URL filtering, which is probably the most primitive form of Web security…organizations need to consider malware protection, a functionality beyond URL filtering, necessary to protect themselves against the latest Web threats."

Corporations need to catch up not only to the latest threats, but to the habits of the users on their networks, Rutsky said.

"I think were just at a point in time where the risk is extremely high because of that," he said.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.