Should We Worry About Web 2.0 Security?
Mon, Sep 17, 2007
Web 2.0 is a platform for people to create, collaborate on and share their own content; examples include blogs, wikis, photos, videos and more. Web 2.0 platforms are designed to be user friendly and as accessible as possible, and some of the biggest websites of the modern era, such as MySpace, YouTube and Wikipedia, are prime examples of the Web 2.0 platform. While Web 2.0 offers many benefits and enriches users' experiences to no end, there are some concerns.

Are There Any Vulnerabilities?

Since the premise of Web 2.0 is that anyone and everyone with an internet connection can upload content, Web 2.0 sites are an easy target for hackers wishing to upload malicious code and inappropriate content. For example, once malicious content has been uploaded to website X by hacker A, innocent victim B can become infected, while website X can potentially be held responsible for damages. From a technical point of view, Web 2.0 websites are also more susceptible to external threats because they interact more with the browser and run complex code, such as JavaScript, on user machines. Of even more concern to the novice user is that many of these websites are considered "safe" or "trusted" by URL filtering and are not blocked even though they might contain malicious code. In addition, many organisations do not block users from accessing these Web 2.0 websites, which could therefore be perceived as an IT security risk. This could cause a number of issues for organisations whose users access sites which harbour malicious code; these include security issues (both internal and external), legal issues and compliance issues.

An example of a Web 2.0 website which was harbouring malicious code is a well known US based website offering art directory services. The malicious code on this website was altered to enable it to pass through anti-virus checks. Simply visiting the website was enough for the user's computer to become infected.

Another example involves an online banner that ran on the social networking website MySpace and exploited a Windows vulnerability, infecting more than a million users with spyware. Users who were using Internet Explorer and who did not have the latest Windows Media File patch were more susceptible. Their computer would download a Trojan which would bombard the user with pop-ups and track their movements.

How Does This Work?

AJAX comprises a set of technologies that enable web browsers to refresh content in real time without user involvement. This refreshing is hidden from the user and therefore provides a delay-free user experience. Well known websites such as Gmail and Yahoo employ AJAX technologies. The "hidden web" is the part of the web that is not indexed by the search engines that crawl sites. Examples of the hidden web include various web services for which the user must enter parameters in order to obtain a dynamic result. In the Web 2.0 security context, this means that AJAX can query back end or hidden services. This creates openings for hackers to generate attacks that are "invisible" to the end user using AJAX queries, since the code is encrypted using SSL and never revealed on the website. URL filtering will be unaware that a given website cannot be "safe" or "trusted", or is malicious, because it does not know which parameter will trigger the malicious code.

Do We Need Protection?

In order to protect users, organisations require solutions that are capable of analysing user requests individually in real time. Real time analysis of the code is an effective method. By analysing each piece of code, regardless of source, this technique ensures that malicious content will not enter the users' domain even if the original source is verified. However, for some organisations this method will not suffice. As well as being proactive (real time analysis), organisations will have to become reactive (e.g. signature based). The use of multilayered security measures must become standard for organisations seeking to protect their internet-connected assets. High performance applications that are capable of monitoring and reacting rapidly to block suspicious traffic are essential.

What Does This All Mean?

The evolution of the internet from first generation static content to second generation "dynamic" content is going to have a significant bearing on organisational and individual use of the internet. While Web 2.0 and AJAX technologies have enriched users' experience, there are numerous security issues to be concerned about. Reactive solutions are not designed to detect malicious activities and therefore are not enough on their own to help prevent them. The assumption that anti-virus or URL filtering can detect every single piece of malicious code is no longer valid. To protect organisations and users, a multi-tiered solution involving reactive and proactive solutions must be established. Real time solutions that are capable of analysing web content regardless of its source are paramount to eliminating security threats.
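As an added illustration of the two points above (that hostname-only URL filtering cannot see which query parameter a hidden service answers with malicious content, and that a proactive real-time content layer and a reactive signature layer should sit side by side), here is a small inline-proxy style inspector. It is example code written for this page, not code from the article or from any product it alludes to. Every hostname, signature string, heuristic and sample body is constructed; the signature and heuristic sets are placeholders standing in for whatever a real filtering product would ship, and the three sample responses are pretend AJAX replies from one "trusted" host that differ only by an `id` parameter.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# All names, hosts, signatures and sample bodies below are constructed for
# this example; they are not real indicators and not the article's own data.


@dataclass
class Response:
    """A fetched web resource as an inline proxy would see it."""
    url: str
    body: str


# Layer 1 (URL filtering): reputation decided by hostname only.
TRUSTED_HOSTS = {"social.example", "wiki.example"}

# Layer 2 (reactive, signature based): exact known-bad strings. Placeholder value.
SIGNATURES = {
    "SIG-EXAMPLE-001": "KNOWN_BAD_MARKER_EXAMPLE",
}

# Layer 3 (proactive, real time analysis): content heuristics applied to every
# response body regardless of where it came from. Constructed, illustrative set.
HEURISTICS = [
    ("eval-of-decoded-string",
     re.compile(r"eval\s*\(\s*(?:unescape|atob|String\.fromCharCode)\s*\(", re.I)),
    ("zero-size-iframe",
     re.compile(r"<iframe\b[^>]*\b(?:width|height)\s*=\s*[\"']?0[\"']?", re.I)),
    ("long-percent-encoded-blob",
     re.compile(r"(?:%[0-9a-f]{2}){40,}", re.I)),
    ("script-via-document-write",
     re.compile(r"document\.write\s*\(\s*[\"'][^\"']*<script", re.I)),
]


def url_filter(url: str) -> str:
    """Layer 1: 'trusted' or 'unknown' from the hostname alone.
    The query string is deliberately ignored: that is the blind spot the
    article describes, since one host answers different parameters with
    different content."""
    host = urlsplit(url).hostname or ""
    return "trusted" if host in TRUSTED_HOSTS else "unknown"


def signature_scan(body: str) -> list[str]:
    """Layer 2: IDs of known-bad signatures present in the body."""
    return [sig_id for sig_id, needle in SIGNATURES.items() if needle in body]


def heuristic_scan(body: str) -> list[str]:
    """Layer 3: names of heuristics that fire on the body."""
    return [name for name, pattern in HEURISTICS if pattern.search(body)]


def inspect(resp: Response, heuristic_threshold: int = 2) -> dict:
    """Run all layers and combine them. A verified source does not exempt the
    body from content analysis; any layer can block on its own."""
    reputation = url_filter(resp.url)
    sigs = signature_scan(resp.body)
    hits = heuristic_scan(resp.body)
    blocked_by = []
    if sigs:
        blocked_by.append("signature")
    if len(hits) >= heuristic_threshold:
        blocked_by.append("heuristic")
    return {
        "url": resp.url,
        "reputation": reputation,
        "signatures": sigs,
        "heuristics": hits,
        "action": "block" if blocked_by else "allow",
        "blocked_by": blocked_by,
    }


# Constructed sample traffic: three AJAX-style requests to one trusted host
# that differ only in a query parameter, with their constructed bodies.
SAMPLES = [
    Response("https://social.example/profile/widget?id=1001",
             "<div class='widget'><p>Hello from a normal profile.</p></div>"),
    Response("https://social.example/profile/widget?id=1002",
             "<div class='widget'>KNOWN_BAD_MARKER_EXAMPLE</div>"),
    Response("https://social.example/profile/widget?id=1003",
             "<div class='widget'><script>eval(unescape('" + "%41" * 50 + "'))</script>"
             "<iframe src='https://other.example/' width=0 height=0></iframe></div>"),
]


def run_samples() -> list[dict]:
    """Inspect every constructed sample and return the per-layer verdicts."""
    return [inspect(r) for r in SAMPLES]


if __name__ == "__main__":
    for verdict in run_samples():
        print(f"{verdict['action']:5}  reputation={verdict['reputation']:8}  "
              f"signatures={verdict['signatures']}  heuristics={verdict['heuristics']}  "
              f"{verdict['url']}")
```

All three samples come back `trusted` from the URL layer, which is the whole point: only the second (caught by a signature) and the third (caught by two or more content heuristics, with no signature match at all) are blocked, and each is blocked by the layer the other would have missed. The threshold on heuristics is there so that a single generic pattern on a large, legitimate page does not block on its own; tuning that threshold against real traffic is where the "high performance" requirement the article mentions actually bites.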
Tags: Web 2.0 News, web-2.0-security








