- Security Center
- English ▾
Privacy in a Web 2.0 World
The open Web makes creating digital profiles a snap. But don't be surprised if a hacker is lurking about, aware of your digital moves and looking to benefit from you or your family.
Engage with a social networking site such as MySpace or Facebook, and you will undoubtedly change the way you spend your time online. Every time you visit and interact, you will leave a trace behind. You will expand your digital footprint. As you do this, you will acquire an online identity. Your digital profile will be born.
However unassuming or grand your digital profile is, however private or public, you can be certain of one thing: your nuggets of information can be turned against you by hackers with malicious motives.
The tables have turned as cyber criminals have shifted their attention from e-mail to web traffic. Their motivation: gaining financial benefit from unsuspecting users. "Web 2.0 applications are vulnerable because user-supplied data cannot be trusted... In 2008, web 2.0 vulnerabilities will be added to more traditional programming flaws and web application attacks will grow substantially, according to the SANS Institute's Top Ten Cyber Security Menaces for 2008 report.
It is little wonder that social networking sites are gaining the attention of hackers looking to spread their malware. Web 2.0 provides a grand platform from which to launch attacks. Social network sites, wikis, blogs, chat, RSS feeds, and instant messaging are, by their open nature, fertile ground for the distribution of malware. The more freely users interact and contribute content, the more information hackers have that can be used against them.
To limit your exposure and avoid being a target, it is wise to refrain from posting information that could make you vulnerable. This includes what others may be posting on you as well, for example, hobbies, addresses, memberships, routines, schedules, finances, employment - the possibilities are extensive. Only post information that you feel comfortable with anyone seeing since once you do so, you will not be able to fully retract it. Even if you remove it from a site, saved or cached versions may still exist elsewhere in the digital universe.
Just as it is important to be critical about what you post, it is also important to be critical about what you consume. Since much of Web 2.0 content is updatable by the public, it is possible for a hacker to embed links that send users to corrupt sites where they can be tricked into other scams. By blending with the crowd of users, hackers and cyber criminals can work underground.
Web pages that appear to be legitimate can introduce malware and spyware into a network. The challenge is to tell the legitimate from the corrupt, and it's not always easy. Often there's no way to know one from another.