Interop: Web 2.0 Evolution Opens Door For Serious Threats

In a speech given Tuesday at the Interop Conference 2008, Kenneth Rutsky, VP of product marketing for Secure Computing, underscored that the new and increasingly dangerous Web 2.0 threats that have emerged will require businesses and IT professionals alike to significantly enhance security technologies and leave traditional blacklisting models in the dust.

"The Web. 2.0 threat landscape is dramatically different than what it was a year ago," said Rutsky. "This is very different than the script kiddies or email marketers that are trying to sell you something."

"It's very targeted and very profit motivated," he said adding that that cybercrime has recently exceeded drug trafficking as organized illegal trade.

One of the reasons that experts are increasingly finding and defending against copious new and destructive threats is directly related to the evolution of Web 2.0, Rutsky said. Specifically, significant Web developments, which now allow users to access interactive content, social software, and an array of sophisticated media files and applications, also enables attackers to easily install malicious content and source code.

"What strikes me is that Web 2.0 is truly an evolution of where the Web has been," said Rutsky. "We've really transformed into a dynamic two-way user experience over the Internet."

That two-way interaction is a radical departure, Rutsky said. Historically, the Web had been a largely unidirectional, designed as a medium for print content.

"It's a fundamental change from one way to two way," said Rutsky. "We're not just moving content, we're moving applications."

However, the new user-based content and interactivity have and raised serious security concerns, Rutsky said. It has also enabled the proliferation of numerous malicious threats, such as Trojans botnets, spyware and an array of malicious code.

One of the most pernicious of those emerging threats is the Storm Worm, recently evolved to infect legitimate Web sites -- which Rutsky said has "fundamentally changed the security landscape."

"Storm is run by a bunch of shady, nefarious criminals," said Rutsky, "Storm is adaptable. Storm is technologically very sophisticated and Storm attacks back. It is a self defending network, peer to peer highly distributed redundant network that turn machines into control bots."

Meanwhile, attackers have developed blended threats -- multi-faceted attacks that combine email, Web, social engineering, insider access and application level threats.

In what he termed as "the death of the negative security model" Rutsky said that end users will have to fundamentally change their security model from one that keeps the bad out to a shift to a proactive whitelisting approach, allowing only the good in.

To further combat these threats, Rutsky recommended that users invest in real time reputation based filtering, which acts as a credit score to determine the trustworthiness of a site over time.He also suggested that users apply intent-based malware protection, biodirectional filtering, robust data leak prevention capabilities, and use of comprehensive access management and reporting tools.

"Signatures are not enough," he said. "Categorization Web filtering -- it's not enough."

"When you add in lost user, lost customers and lost business reputation, this is costing us billions and billions of dollars" he continued. "The takeaway is that this stuff is not going away."