Secure Enterprise 2.0 Forum Reveals Social Networks, Wikis and Community Blogging are Popular Targets for Hackers

NEW YORK, US – May 5, 2009 – The Secure Enterprise 2.0 Forum, an industry initiative dedicated to the secure use of social media at work, and WorkLight®, a Secure Web 2.0 for Business Company, today revealed that hacking attempts on Web 2.0 sites and social media are on the rise. In a special report entitled “Web 2.0 Hacking Incidents – 2009 Q1”, the group analyzed databases of successful hacking attempts in the first quarter of 2009, revealing that Web 2.0 sites are now the premier target for hackers, amounting to 21% of all reported hacking incidents.

The report reveals the following trends in the targeting of Web 2.0 sites during Q1 of 2009:

• Web 2.0 services and sites lead the list with highest number of all recorded incidents (21%).
• Most popular attack vectors exploiting Web 2.0 features are SQL injection (21% of attacks) and Authentication abuse (18%). A new emerging threat is Cross Site Request Forgery (CSRF) that currently ranks as the 6th most popular attack vector with 8% of the reported attacks.
• Leakage of sensitive information remains the most common outcome of web hacks (29%), while disinformation follows with 26%, mostly due to hacking of online identities of celebrities.

“As Web 2.0 and social media become increasingly popular for both personal and professional use, it is highly likely that hackers will increase their efforts to exploit vulnerabilities,” said David Lavenda, a founder and chair of the Secure Enterprise 2.0 Forum and VP Marketing and Product Strategy at WorkLight. “This latest report by the Secure Enterprise 2.0 Forum clearly spells out the need for companies using these tools to implement a comprehensive security strategy and Web 2.0-specific security mechanisms.”

The quarterly report indicates that social networks, wikis, and community blogging services and sites are the most popular social media targets for hackers. Other types of organizations targeted by hackers in recent months include media (18% of attacks) and retail sites (13%).

“As the business world becomes more accustomed to the use of social media, it is quite predictable that some will try to exploit these tools, said Ofer Shezaf, internationally-renowned security expert and author of the report. “Yet the methods and vulnerabilities hackers will target are quite difficult to predict and neutralize. It is vitally important for companies to constantly monitor the security challenges presented by these new tools, as clearly demonstrated in this report.”

Click here for a free download of The Secure Enterprise 2.0 Forum Q1 2009 Web 2.0 Hacking Security Report