v Web Security ~ WebsiteSupport

May 12, 2008

Web Security

The Web has become criminals' preferred pathway for spreading malware. Cybercrime carried out on the Web can include identity theft, fraud, espionage and intelligence gathering.Web-based vulnerabilities now outnumber traditional computer security concerns, and as measured by Google, about one in ten Web pages may contain malicious code.Most Web-based attacks take place on legitimate websites, and most, as measured by Sophos, are hosted in the United States, China and Russia.

The most common of all malware threats is SQL injection attacks against websites.Through HTML and URIs the Web was vulnerable to attacks like cross-site scripting (XSS) that came with the introduction of JavaScript and were exacerbated to some degree by Web 2.0 and Ajax web design that favors the use of scripts. Today by one estimate, 70% of all websites are open to XSS attacks on their users.

Proposed solutions vary to extremes. Large security vendors like McAfee already design governance and compliance suites to meet post-9/11 regulations,and some, like Finjan have recommended active real-time inspection of code and all content regardless of its source.Some have argued that for enterprise to see security as a business opportunity rather than a cost center,"ubiquitous, always-on digital rights management" enforced in the infrastructure by a handful of organizations must replace the hundreds of companies that today secure data and networks.Jonathan Zittrain has said users sharing responsibility for computing safety is far preferable to locking down the Internet.

In terms of security as it relates to the 'physical' portion of the World Wide Web/Internet, the 'distributed' nature of the Internet provides security against attack -- as there is no one single 'focus point' through which all Internet traffic is directed, any attempt to 'cripple' the Internet would only disable a small portion of the whole, and the connecting computers would simply direct the affected traffic through other, unaffected networks and computers.

0 Comments Here:

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | coupon codes

HTML Hit Counter