Web 2.0 sites prime hacker target says report

According to the Secure Enterprise 2.0 Forum study, Web 2.0 sites are now attacked more frequently than sites operated by the media (18%) and retail businesses (13%).

The most popular attack vectors exploiting Web 2.0 features are SQL injection (21% of attacks) and authentication abuse (18%), says the report.

Interestingly, Infosecurity notes that Cross Site Request Forgery (CSRF) ranks as the sixth most popular attack vector (8%), but it is growing fast according to the study.

Leaking of sensitive information remains the most common outcome of Web hacks (29%), although disinformation is also a problem (26%), largely due to the hacking of online identities of celebrities, the report adds.

According to David Lavenda, vice president of web 2.0 business security software provider WorkLight and a founder of the forum, as Web 2.0 and social media become increasingly popular for both personal and professional use, it is highly likely that hackers will increase their efforts to exploit vulnerabilities.

"This latest report by the forum clearly spells out the need for companies using these tools to implement a comprehensive security strategy and Web 2.0-specific security mechanisms," he says.

The quarterly report also indicates that social networks, wikis, and community blogging services and sites are the most popular social media targets for hackers.
 

What’s Hot on Infosecurity Magazine?