Web 2.0 hacking incidents on the rise

The Secure Enterprise 2.0 Forum, an industry initiative dedicated to the secure use of social media at work, and WorkLight, a Secure Web 2.0 for Business Company, today revealed that hacking attempts on Web 2.0 sites and social media are on the rise.

In a special report entitled “Web 2.0 Hacking Incidents – 2009 Q1”, the group analyzed databases of successful hacking attempts in the first quarter of 2009, revealing that Web 2.0 sites are now the premier target for hackers, amounting to 21% of all reported hacking incidents.

The report reveals the following trends in the targeting of Web 2.0 sites during Q1 of 2009:

• Web 2.0 services and sites lead the list with highest number of all recorded incidents (21%).
• Most popular attack vectors exploiting Web 2.0 features are SQL injection (21% of attacks) and Authentication abuse (18%). A new emerging threat is Cross Site Request Forgery (CSRF) that currently ranks as the 6th most popular attack vector with 8% of the reported attacks.
• Leakage of sensitive information remains the most common outcome of web hacks (29%), while disinformation follows with 26%, mostly due to hacking of online identities of celebrities.

The quarterly report indicates that social networks, wikis, and community blogging services and sites are the most popular social media targets for hackers. Other types of organizations targeted by hackers in recent months include media (18% of attacks) and retail sites (13%).

To download the report  :

Web 2.0 Hacking Q1.pdf

reference : http://www.net-security.org/secworld.php?id=7464