The Secure Enterprise 2.0 Forum has just released its 2009 industry report on the top Web 2.0 security threats. Designed to serve as a guideline for assessing the risk of using Web 2.0 tools in the workplace, the document is intended to be read by anyone considering introducing Web 2.0 technology into their organization. It doesn’t name technologies or companies that are risky in and of themselves, but rather looks at the types of vulnerabilities that Web 2.0 can bring to a business environment.
The Secure Enterprise 2.0 Forum is a group of organizations and individuals, including executives at Fortune 500 companies, who have embraced the trend toward Web 2.0 tools and services in the enterprise. Instead of fearing the seismic shift that’s underway, they embrace it. Still, they know that improper use of the new technologies could lead to nightmares down the road, which is why they work to address the security challenges these technologies pose. The Forum promotes awareness, industry standards, best practices, and interoperability related to the use of the new tools in the workplace.
Top Web 2.0 Security Vulnerabilities
In the latest report, the Forum has identified the top Web 2.0 security vulnerabilities as follows:
1. Insufficient Authentication Controls
In many Web 2.0 applications, content is entrusted to many users rather than to a select number of authorized personnel. That means there’s a greater chance that a less-experienced user will make a change that negatively affects the overall system.
This change in a system’s design can also be exploited by hackers, who now have a greater number of “administrative” accounts to go after, and whose passwords can often be easily cracked if the correct security controls are not in place. Such systems may also have insufficient brute-force controls, permit clear-text passwords, or be tied together in a single-sign-on environment, which makes a successful attack that much more damaging.
2. Cross Site Scripting (XSS)
In a stored cross-site scripting (XSS) vulnerability, malicious input sent by an attacker is stored by the system and later displayed to other users. Systems that allow users to input formatted content – HTML, for example – are especially susceptible to this attack; blogs, social networks, and wikis are all at risk. An example from last year was the Yahoo HotJobs XSS exploit, in which attackers used obfuscated JavaScript to steal victims’ session cookies. Last year and in previous years, XSS worms were also to blame for attacks on Orkut, MySpace, and Justin.tv.
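The usual defence for the formatted-content case above is to store or render only an allowlisted subset of HTML. The following is an added example, not code from the Forum report or from any of the sites named; it is a small allowlist sanitizer (names such as sanitizeHtml and ALLOWED_TAGS are illustrative) that escapes everything it does not recognise, so a stored comment still displays but cannot execute when shown to other users.

```javascript
// Added example, not from the Forum report: an allowlist sanitizer for the
// formatted content a blog comment or wiki page accepts. Anything that is not
// explicitly allowed is escaped rather than silently dropped, so the stored
// text still displays but can no longer execute when shown to other users.
// Demonstration only; production code should use a maintained sanitizer.
const ALLOWED_TAGS = new Map([
  ["b", []], ["i", []], ["em", []], ["strong", []], ["p", []], ["a", ["href"]],
]);

function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return text.replace(/[&<>"']/g, (c) => map[c]);
}

// Allow only http(s) and relative links; rejects javascript:, data: and
// whitespace-obfuscated variants such as "java\tscript:".
function safeHref(value) {
  const v = value.replace(/[\s\u0000-\u001f]/g, "").toLowerCase();
  return /^(https?:|\/|#)/.test(v) || !v.includes(":");
}

function sanitizeHtml(input) {
  // Matches a complete tag, or a lone "<" that starts no tag at all; the lone
  // "<" is escaped so a half-written "<script" cannot be completed by a later ">".
  const tagOrLt = /<\/?([a-zA-Z][a-zA-Z0-9]*)\b([^>]*)>|</g;
  return input.replace(tagOrLt, (tag, name, attrs) => {
    if (name === undefined) return "&lt;";
    const lower = name.toLowerCase();
    const allowedAttrs = ALLOWED_TAGS.get(lower);
    if (!allowedAttrs) return escapeHtml(tag);          // unknown tag: neutralise it
    if (tag.startsWith("</")) return `</${lower}>`;
    const kept = [];
    // Quoted attributes only; unquoted ones are dropped, which fails safe.
    for (const m of attrs.matchAll(/([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)')/g)) {
      const attrName = m[1].toLowerCase();
      const value = m[2] !== undefined ? m[2] : m[3];
      if (!allowedAttrs.includes(attrName)) continue;   // drops onclick, style, ...
      if (attrName === "href" && !safeHref(value)) continue;
      kept.push(` ${attrName}="${escapeHtml(value)}"`);
    }
    return `<${lower}${kept.join("")}>`;
  });
}
```

Because the output is rebuilt from the allowlist rather than by deleting known-bad patterns, event-handler attributes and script URLs never reach the page regardless of how they are spelled or cased.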
3. Cross Site Request Forgery (CSRF)
In a CSRF attack, the victim visits what appears to be an innocent web site, but the page contains malicious code that generates requests to a different site. Due to their heavy use of AJAX, Web 2.0 applications are potentially more vulnerable to this type of attack. In legacy apps, most user-generated requests produced a visible effect on the screen, making CSRF easier to spot; the lack of visual feedback in Web 2.0 systems makes the attack less apparent. A recent example was a CSRF vulnerability in Twitter through which site owners could obtain the Twitter profiles of their visitors.
4. Phishing
Although phishing is by no means a risk unique to Web 2.0 technologies, the multitude of dissimilar client software in use makes it harder for consumers to distinguish genuine web sites from fake ones, which enables more effective phishing attacks.
5. Information Leakage
Web 2.0, combined with our “work-from-anywhere” lifestyle, has begun to blur the line between work and private life. Because of this psychological shift, people may inadvertently share information their employer would have considered sensitive. Even if individuals aren’t sharing the equivalent of trade secrets, the accumulation of the small “non-sensitive” items they share can allow a business’s competitors to gain intelligence about what’s going on and being worked on at that company.
6. Injection Flaws
Web 2.0 technologies tend to be vulnerable to newer types of injection attacks, including XML injection, XPath injection, JavaScript injection, and JSON injection, simply because Web 2.0 applications use and rely on those technologies. With increased use comes increased risk. In addition, because Web 2.0 apps often rely on client-side code, they more often perform input validation on the client side, which an attacker can bypass.
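The JSON injection case above, together with the point about client-side validation, as an added example that is not part of the Forum report: a profile document built by string concatenation beside the same document built by the serializer, plus the server-side check that has to run whether or not the browser already validated. Function names are illustrative.

```javascript
// Added example, not from the Forum report: JSON injection through string
// concatenation, beside the safe construction, plus the server-side check
// that must run whether or not the client also validated.

// Vulnerable: the caller's input is pasted into a JSON document by hand, so a
// quote in the input ends the "name" value and whatever follows becomes JSON.
function buildProfileUnsafe(displayName) {
  return '{"role":"user","name":"' + displayName + '"}';
}

// Hardened: the serializer escapes quotes, backslashes and control characters,
// so the input can only ever be the value of "name".
function buildProfileSafe(displayName) {
  return JSON.stringify({ role: "user", name: displayName });
}

// Server-side validation. A copy of this rule in browser code improves the
// user experience but proves nothing, since a request can be sent directly.
function validateDisplayName(value) {
  return typeof value === "string" && /^[\p{L}\p{N} .'-]{1,40}$/u.test(value);
}

// What the consuming service sees after parsing the stored document.
function roleFromProfile(json) {
  return JSON.parse(json).role;
}
```

With a constructed name such as x","role":"admin, the concatenated document parses back with role admin, because JSON.parse keeps the last of two duplicate keys, while the serialized document keeps the whole string as the name and the role stays user; the validator rejects that name outright because it contains a quote.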
7. Information Integrity
Data integrity is one of the key elements of data security. A hack can lead to a loss of integrity, but so can unintentional misinformation. A well-known example in the public arena is a mistaken edit on Wikipedia that is then accepted as fact by many of the site’s visitors. In a business environment, opening systems to many users allows malicious or mistaken users to post and publish inaccurate information, destroying the integrity of the data.
8. Insufficient Anti-automation
The programmatic interfaces of Web 2.0 applications make it easier for hackers to automate attacks. Beyond brute-force and CSRF attacks, examples include the automated retrieval of large amounts of information and the automated creation of accounts. Anti-automation mechanisms like CAPTCHAs can help slow down or thwart these types of attacks.
When introducing Web 2.0 into the workplace, it’s important to have a good understanding of the types of risks involved. That said, while Web 2.0 may present different types of challenges, those are not necessarily any worse than the risks involved with legacy applications – they’re just different. And the opportunities that Web 2.0 technology can provide a business make overcoming these potential threats worth the effort.