Web security firm warns war has moved to internet's high street

NEW PRODUCTS to help social networking sites protect their users are being developed, and could be on the market as early as …

NEW PRODUCTS to help social networking sites protect their users are being developed, and could be on the market as early as next year, a leading web security firm has said.

Chief executive of Websense Gene Hodges confirmed the company was in the process of developing technologies to help sites that centre on user-generated content to fend off attacks from malicious users.

“This is the latest vector of attack that the hackers are using,” said Mr Hodges. “The easiest way to plant attack code today is to put it on a collaborative user-generated content site. Eighty of the top 100 global websites have that nature.

“If you go back only two years you would generally only be in danger of being attacked off the web if you went into what you might describe as the back alleys of the internet, such as porn sites, gambling sites, a race or hatred site. Today, you get attacked from going to the high street.”

READ MORE

Mr Hodges said the previous web security approach of keeping lists of “good” versus “bad” content is not suitable for use with sites such as Facebook where page changes occur every millisecond, or even faster.

“You have to shift to a set of technologies that looks at the information in real time as it comes off the website. That’s been our latest technology area of investment.”

Michael O’Hara, managing director of IT distributor DataSolutions, said web 2.0 was having a significant impact.

“It’s hard to find someone who doesn’t have a presence on LinkedIn, Facebook, Bebo or one of those sites. The purpose of those platforms is to allow information to spread very fast among users. That’s music to the hackers’ ears. The tendency among us is to use the same passwords for Facebook as we do for our banking, etc and I think that’s a big concern.

“People go on Facebook – it’s a global brand. It’s seen as a corporate solution and they think they are being protected.

“As a result, they are happy to give details or go to sites because it’s coming to them through Facebook or similar sites, and they are less cautious.

“Probably in the long run, Facebook and the like are going to have to recognise this and are going to have to come up with a fix because people will stop using their services.”

Facebook, MySpace and Bebo have all been targeted by malicious users in recent months, with increasingly clever pitches to trick users into installing malware on their PCs.

The Koobface virus, which has resurfaced on Facebook with a new variant, encourages users to download malware by disguising it as an update to Adobe Flash player necessary to view a video sent by private message on the site. The downloaded programme will search for cookies for other social networking sites, log on to the pages and send itself to the friends lists it finds.

Bebo users were hit by a similar virus in recent months, and MySpace users have fallen victim to attacks from worms in the past.

Ciara O'Brien

Ciara O'Brien

Ciara O'Brien is an Irish Times business and technology journalist