Web 2.0 enabled businesses face increased cyber risk

That’s the warning from secure appliances and unified threat management (UTM) developer WatchGuard Technologies. Research over the last three years by WatchGuard’s Rapid Response team has tracked attack patterns and identified five main threats: DNS system attacks, virus and malware, buggy web applications, hacking for profit and the end users themselves. “The increase in the range and sophistication of threats, combined with more complex architectures and the move to Web 2.0, will make the job of securing enterprise networks more difficult than ever before,” warns Steve Fallin, Rapid Response team director. “Other factors putting organisations at more risk include increased levels of remote access, continued poor user behaviour and the shift from hobby hackers to organised crime.” According to WatchGuard’s survey, many of today’s attacks are targeted and done for profit, such as the sale of personal information or blackmail. The focus of web-based attacks has also shifted to applications running on the web server and the data systems that back them up by exploiting flaws in website design. It also finds that on the desktop, relatively harmless virus infections have now morphed into a devil’s brew of sophisticated viruses, spyware, root kits and botnets. At the same time, attacks such as phishing and drive-by downloads now target the most vulnerable portion of the network infrastructure – its users – with surprising levels of success. “The last few years have seen a considerable change in the nature of security challenges faced by the internet enabled enterprise,” concludes Fallin. “As we are now on the verge of widespread adoption of Web 2.0, with its promise of the collaborative enterprise, it is vital to adapt enterprise security to address the threats posed by a Web 2.0 world.”