1) Social networking sites present security threats.

2) There are many steps corporate security professionals can take to mitigate these threats, including policy, enforcing policy with procedures, security training, administrative procedures, and technology.

What’s in the News

Since the last blog there has been a steady stream of news about more security threats originating at web sites, particularly from social networking sites. Profit motive appears to be the primary intent of the threats. The methodology is committing identity theft for profit. Below are a sample of four web based news articles to which I refer:

Mitigating Web-Based Malware Attacks. August 17, 2009

http://www.threatpost.com/blogs/mitigating-web-based-malware-attacks-117

The Dirtiest Websites To Avoid, 2009-08-20

http://www.securitypronews.com/insiderreports/insider/spn-49-20090820TheDirtiestWebsitesToAvoid.html

Researcher details Facebook CSRF Flaw, August 21, 2009

http://www.scmagazineus.com/Researcher-details-Facebook-CSRF-flaw/article/146986/

Malware designed to steal IDs increased 600 percent, August 20, 2009

http://www.scmagazineus.com/Malware-designed-to-steal-IDs-increased-600-percent/article/146909/

For additional statistical data, the reader can verify the list of infected sites from various manufacturers, including Google and can see growth of malware sites over 100% in last year.

More Financial Motivation

There appears to be a current trend towards targeting smaller and medium sites with identity theft attacks, probably because the larger sites were attached first. Also, organizations that deploy small and medium sized sites may not have the security precautions and resources available to their larger counterparts.

Of course, bad guys do not get sleep deprivation if their attack is running on a small site rather than on a large site.

The Popular Drive-By Attack

There is increase in “drive by download” of malware, where a visitor to a web site unwittingly loads malware from the site. The malware is placed by the perpetrators by exploiting vulnerabilities in web sites. They find the vulnerabilities by a simple query to search engines to find vulnerabilities readily published by software tool manufacturers, providing notifications of patches and weakness warnings.

My Next Blog Article

My next article will provide preventative measures that both end users and web site managers can implement to protect all concerned from the dangers of drive-by malware.

Have a secure week.

Regards,

Ron Lepofsky

ERE Information Security Auditors