By Liam T, Security Advisor, SecureTec Australasia
According to research from Secure Enterprise 2.0 Forum, there has been a significant increase in the number of Web 2.0 attacks over the first quarter of 2009. The report indicates that social networks, wikis, and community blogging services and sites are the most popular social media targets for hackers. As Web 2.0 and social media sites such as Facebook, Twitter and LinkedIn become increasingly popular for personal and professional use, hackers will continue to work harder and smarter to exploit their vulnerabilities.
Attackers focus on gaining unrestricted access to the data stored on the computer to use for financial or identity theft. Cyber criminals are also known to implant malicious code by exploiting well known security weaknesses in the software installed on user’s computers.
Though Web site owners have a responsibility to ensure their sites are secure, users should also adhere to secure practices. When online, consider the following:
- Assess the “value” (to you) of the information stored online: o Ask yourself whether the information stored online on “all” your websites could be used for malicious purposes. o As a general rule of thumb, it is never a good idea to put up any information online that you would not want the entire world or your worst enemy to see.
- Isolate different accounts from each other: o Avoid cross linking your account details. For example: try and avoid publicly listing your email address or linking your MySpace page to your Facebook page. This practice will minimize the chance for the attacker to compromise several of your accounts by infecting one. o Use different passwords. Way too often, hackers are able to use registration information from one account to compromise another.
- Secure your online logins: o Use secure and unique “passphrases” for your logons and use unique passphrases for each and every website you log onto, all of which should be as long as possible and contain UPPER CASE, lower case, symbols and numbers (although the numbers 0, 1, 3, 5 are less secure as people use them as numb3r r3plac3m3nts a11 t00 0ft3n).
- Secure your computer against malware and exploits: o Use a reputable security solution that includes browser protection such as Check Point’s ZoneAlarm Extreme Security (make sure that “Enable Virtualization” is turned on) or ZoneAlarm ForceField which works well alongside other security solutions. o Ensure you have “all” the latest Microsoft Updates and that your Automatic Updates are turned on in Windows. o Regularly check that “all” other programs installed on your computer are up to date and secure. o Avoid installing un-trusted software and browser plug-ins on your computer. Before installing unknown software, it is best to look for reviews about the software at reputable websites such as CNET or PC World etc.
While we can’t always know how secure a “trusted” Web site is, by following a few simple steps social media site users can prevent their accounts from being compromised or used to infect others.
