Pin Me

The Top Five Security Risks of 2009

written by: Lee Clemmer•edited by: Bill Bunter•updated: 7/6/2011

If you were a regular user of MySpace in 2009, or relied on Facebook or Twitter for communication, you've seen some problems this year. Granted, not being able to tweet isn't a major security risk. But for the operators of those sites, they were top targets in 2009.

  • slide 1 of 7

    The Biggest Security Risks of 2009

    2009 has seen many Internet security "events", but what have been the biggest security risks this year? Well, if you are an executive for Facebook, MySpace, or Twitter, you have been involved in some of the biggest, highest-profile security events this year. When Internet events make it to cable news headlines, it's big. More and more large volume or fast-and-loose thefts of credit card information have been happening, too. Let's look at the top risks in 2009.

  • slide 2 of 7

    5. Facebook Hacks

    There are so many applications and links created and spread about in Facebook friend groups that it can be overwhelming. The potential for abuse is high. Some Facebook (FB) users are inclined to always click "Allow" when an application asks to be able to access their personal data in order to work. The application can then masquerade as the FB user and can send out various requests to all that user's FB friends. Outside links to information phishing destinations, Trojans, and spam-bots are common. Facebook has not had the level of problems that MySpace has, but the problems are there.

  • slide 3 of 7

    4. SMS Messaging Hacks & Attacks

    This has been one of the biggest security boondoggles I have seen in years. So many MySpace users are young, inexperienced, unfamiliar with PC security, or unfamiliar with the Internet. The malware and Trojans and CSS attacks are seemingly constantly cropping up on MySpace. I've seen attacks hijack browser sessions, phish for contacts, install backdoors, and bafflingly alter user settings in seconds after displaying the infected MySpace page.

  • slide 4 of 7

    3. DoS Attacks on Social Networking Sites

    Recently we've seen a huge impact from Denial of Service attacks on Web sites, specifically social networking sites such as Facebook and Twitter. An attack designed, created, and initiated by an individual, striking out merely at another individual was powerful enough to slow, stop, or crash social networking Web sites and interfaces. Network Security professionals (myself included) work hard to limit the impact and potential for such attacks, but the nature of the Internet protocols and the ability of attackers to leverage large numbers of unwitting innocent accomplices in the attacks make it an ongoing "arms race".

  • slide 5 of 7

    2. MySpace Malware

    This has been one of the biggest security boondoggles I have seen in years. So many MySpace users are young, inexperienced, unfamiliar with PC security, or unfamiliar with the Internet. The malware and Trojans and CSS attacks are seemingly constantly cropping up on MySpace. I've seen attacks hijack browser sessions, phish for contacts, install backdoors, and bafflingly alter user settings in seconds after displaying the infected MySpace page.

  • slide 6 of 7

    1. Credit Card Number Thefts from Businesses

    Hundreds of thousands of dollars have been stolen from credit card accounts which have been lifted or stolen from legitimate businesses after the account numbers were collected for payment of that businesses normal goods or services provided. Sometimes employees were involved. In one of the biggest thefts and false charge rings, the businesses network was hacked and the numbers were copied electronically from a server. Wireless networks make this type of theft easier for the thieves.

  • slide 7 of 7

    What's Next?

    It's always a tough guessing game predicting what the future holds. Trends can change as quickly as the wind in the Internet world, and the ever-more connected users of text messaging, mobile Internet, 3G and soon 4G networks will expose themselves to new risks as yet unseen.