There has been an exponential growth in Web 2.0 technologies in recent years, and cyber criminals have become more sophisticated because information is freely available on social networks like Facebook, LinkedIn, and Twitter.
This has become a major challenge, says Stefan Tanase, senior security researcher at Kaspersky Labs, as control over technology slips into the hands of users, and leaves them in charge of the information they put on social networks.
Tanase notes that social networks are growing at a fast pace, as is the content generated by users. “The content is also becoming more flexible and more mobile, and these two are the main concepts of Web 2.0 collaboration and socialisation.”
Everyone today sees Web 2.0 as trendy, and wants to get a piece of it, he points out. “What we don't realise is the threats that come with Web 2.0 actually open new factors for the cyber criminals to try and get their hands on our computers and data; and this actually happening everywhere.”
In the past, advertising benefited from social networking by using targeted adverts with information they got from the networks, Tanase says. “The advertising companies used to get information generated by users to profile people and see the latest trends as well as their location. They could then see who to send adverts to depending on what they say they like on the social network.”
“The reality is that cyber criminals go where users go,” he adds. They did not just choose Web 2.0; like any other business, they are after money, he explains. Tanase says 99% of cyber criminals who are malware authors write malware to steal money from users, or use the users' resources to get access to data.
With all the developments in social networking, cyber criminals are finding a fertile ground for their activities, he points out. These criminals also spread malware through social networks like YouTube, Twitter, and LinkedIn. “This shows they are trying to get their malicious link out to bigger audiences, and with social networks this can easily be fuelled because of the number of users on those networks,” he says.
Scammers are becoming more advanced and taking advantage of curious and na"ive users, notes Tanase. He points out that they exploit the trust between people because on social networks users interact with people they supposedly know.
Cyber criminals are also spamming the social Web with malicious links, trying to redirect legitimate traffic to Web sites to malicious content, he points out. “Some of those malicious Web sites are loaded by na"ive users.” They get victims by using botnets, which they use afterwards to spread more and more links, Tanase adds.
What is really worrying, he says, is that browser vulnerabilities are growing. “Our browsers are more like operating systems. Around 80% of people spend their time on the browser. That is where they have their e-mail communication; their friends, everything,” he says.
According to Tanase, the very technologies that make Web 2.0 a reality seem to be considerably vulnerable to security breaches that can lead to data loss and theft, as well as other malicious activities. “And the growth of converged devices taking advantage of these technologies adds further to the problem.”
Share
