Britney Spears hack highlights risks of weak Web 2.0 service passwords

She's not the first to suffer: web reports from New Zealand also incorrectly announced the death of actor Jeff Goldblum. "What [these events] show us is the sheer power of the Internet in terms of potential reputational damage, says Rob Rachwald, director of marketing at data security firm Imperva. According to Rachwald, since Twitter's picture service currently only has a four-digit numeric password system, a brute force attack could hack into the account in a matter of hours. And, he says, as Web 2.0 services evolve on the Net, the effort and focus of the application owners is going to be devoted to the fast availability of new features and commercial models – not security. His recommendation: as well as being careful when it comes to setting secure passwords on next-generation services, companies need to implement web application firewalls alongside the services.. "The key issue here is that companies need to install additional security technology at the same time as they deploy these new Web 2.0-based services in their organisations," he said. "This is because Web application firewalls and other protective Internet security systems are becoming more and more important, as they can compensate for internal security control issues," says Rachwald.