Click here to receive your FREE subscription to Campus Technology
Featured News
Web 2.0 Threats Loom Large for IT
1/25/2008
With the seemingly exponential growth of Web 2.0 technologies, IT professionals in education--and all other sectors, for that matter--face new challenges as control over technology slips away and moves into the hands of users. The very technologies that make Web 2.0 a reality (AJAX, in large part) seem to be considerably vulnerable to security breaches that can lead to data loss and theft and other malicious activities. And the growth of converged devices taking advantage of these technologies adds further to the problems.
Just this week, security firm Websense released a report that showed for the first time in history that Web sites compromised by "attackers" (phishers, etc.) now exceed those created specifically by attackers. In other words, more previously legitimate sites have been turned to malicious purposes than sites created for malicious purposes in the first place.
And the tool of choice in this new development? The Web 2.0 technologies used on those legitimate sites, which offer vulnerabilities attackers can take advantage of.
According to the Websense Security Labs report, which looked at security trends in the latter half of 2007, Web 2.0- and event-based attacks are on the rise, including spoofing search engine results to "drive traffic to infected sites."
Said Dan Hubbard, vice president of research for Websense, "We believe that attackers will continue to be creative and leverage Web 2.0 applications and user-generated content to create even bigger security concerns for organizations. With this in mind, organizations need to ensure their Web, messaging and data security solutions can protect the avenues hackers seek to exploit for financial gain."
But Websense is only the most recent raising red flags on the vulnerabilities of Web 2.0 technologies.
In higher ed, Georgia Tech's Information Security Center released a report entitled "GTISC Emerging Cyber Threats Report for 2008," in which Web 2.0 was cited first as one of the threats to watch in 2008, topping botnets, directed messaging attacks, and RFID attacks. (It also cited related mobile convergence threats--devices built to take advantage of Web 2.0 technologies--in its top 5.)
Commenting on the report, GTISC Director Mustaque Ahamad said, "As newer and more powerful applications enabled by technologies like Web 2.0 continue to grow, and converged communications applications increasingly rely on IP-based platforms, new challenges will arise in safeguarding these applications and the services they rely on. The GTISC Emerging Cyber Threats Report for 2008 highlights those areas of greatest risk and concern, particularly as continued convergence of enterprise and consumer technologies is expected over the coming year."
In that report, Web 2.0 was cited for potential client-side attacks on social networking technologies, aimed at "stealing private data, hijacking Web transactions, executing phishing scams, and perpetrating corporate espionage." Mobile convergence threats included "vishing," "smishing," and voice spam, plus denial of service attacks targeting voice infrastructure, according to the report.
Recommended Reading
- Moodle Gets SCORM Improvements, Security Fixes
New versions of Moodle have been released, bringing the most recent stable build to 1.9.3. The latest round of updates includes a number of bug fixes and security enhancements, as well as improvements to the SCORM module.
- Free 'Morro' Antivirus To Replace Microsoft OneCare
Microsoft is rolling out a free antivirus software program for consumers that will compete with products made by Symantec and McAfee. Code-named "Morro," the AV app is expected to be available by the end of 2009.
- Microsoft Demos New SQL Server Features at PASS
Microsoft Wednesday previewed the ability to centrally manage applications and resources in the planned upgrade of SQL Server, code-named "Kilimanjaro."
- Microsoft Unveils Exchange and SharePoint as Services
Microsoft exec Stephen Elop on Monday announced two hosted solutions from Microsoft--Exchange Online and SharePoint Online--which are now available to organizations of all sizes in the United States. The software, paid for by annual subscriptions, is hosted on Microsoft's servers and supported by Microsoft's channel partners.
- 6 Ways Not To Become Rote Using Instructional Technology
There are, in my experience, six strategies to consider with any use of technology that will guard against rote use of technology and facilitate critical analysis of teaching and learning effectiveness. In this article, I'll share with you the checklist I work with and encourage others to work with in learning about and using new technology.
- Bringing Student Web "Stuff" to Campus Enterprise Systems
How can an institution incorporate Web 2.0 learning opportunities for students, and evidence of learning from those opportunities, into existing campus technologies and processes? PlugJam is providing part of the answer.
