Click here to receive your FREE subscription to Campus Technology
Featured News
Web 2.0 Threats Loom Large for IT
1/25/2008
With the seemingly exponential growth of Web 2.0 technologies, IT professionals in education--and all other sectors, for that matter--face new challenges as control over technology slips away and moves into the hands of users. The very technologies that make Web 2.0 a reality (AJAX, in large part) seem to be considerably vulnerable to security breaches that can lead to data loss and theft and other malicious activities. And the growth of converged devices taking advantage of these technologies adds further to the problems.
Just this week, security firm Websense released a report that showed for the first time in history that Web sites compromised by "attackers" (phishers, etc.) now exceed those created specifically by attackers. In other words, more previously legitimate sites have been turned to malicious purposes than sites created for malicious purposes in the first place.
And the tool of choice in this new development? The Web 2.0 technologies used on those legitimate sites, which offer vulnerabilities attackers can take advantage of.
According to the Websense Security Labs report, which looked at security trends in the latter half of 2007, Web 2.0- and event-based attacks are on the rise, including spoofing search engine results to "drive traffic to infected sites."
Said Dan Hubbard, vice president of research for Websense, "We believe that attackers will continue to be creative and leverage Web 2.0 applications and user-generated content to create even bigger security concerns for organizations. With this in mind, organizations need to ensure their Web, messaging and data security solutions can protect the avenues hackers seek to exploit for financial gain."
But Websense is only the most recent raising red flags on the vulnerabilities of Web 2.0 technologies.
In higher ed, Georgia Tech's Information Security Center released a report entitled "GTISC Emerging Cyber Threats Report for 2008," in which Web 2.0 was cited first as one of the threats to watch in 2008, topping botnets, directed messaging attacks, and RFID attacks. (It also cited related mobile convergence threats--devices built to take advantage of Web 2.0 technologies--in its top 5.)
Commenting on the report, GTISC Director Mustaque Ahamad said, "As newer and more powerful applications enabled by technologies like Web 2.0 continue to grow, and converged communications applications increasingly rely on IP-based platforms, new challenges will arise in safeguarding these applications and the services they rely on. The GTISC Emerging Cyber Threats Report for 2008 highlights those areas of greatest risk and concern, particularly as continued convergence of enterprise and consumer technologies is expected over the coming year."
In that report, Web 2.0 was cited for potential client-side attacks on social networking technologies, aimed at "stealing private data, hijacking Web transactions, executing phishing scams, and perpetrating corporate espionage." Mobile convergence threats included "vishing," "smishing," and voice spam, plus denial of service attacks targeting voice infrastructure, according to the report.
Recommended Reading
- Sun, Stanford Working To Archive History
In May in San Francisco, experts from leading universities, libraries, and research institutions around the world met as part of an ongoing effort to address a pressing issue: archiving the world's history, right up to today.
- The Quilt Coalition Rolls Out XO Communications for High-Capacity Network Services
The Quilt, a coalition of 28 regional network organizations, has added XO Communications Services to its authorized vendor list. The Quilt represents 200 universities and thousands of other educational institutions across the United States. With this new relationship, Quilt members can purchase XO's high-speed IP transit and network transport services at competitive rates.
- Wimba Classroom 5.2 Expands Classroom Capture Support, Adds MP3 Downloads
At the NECC 2008 conference in Texas this week, Wimba launched a new version of Wimba Classroom, the virtual classroom component of the company's Collaboration Suite. The new 5.2 release expands options for classroom capture and adds a variety of other functional and ease of use features.
- Automation Chimera: Education Is Not Management
The lure of automating workflow online so human intervention is minimized is continually reinforced in the minds of higher education administrators by examples of automated campus systems such as financials, student information systems, and other enterprise systems. But what's good for management is not always good for learning.
- Cognos Releases BI Software for Linux-based IBM System z Mainframe
Cognos, which IBM acquired in January, has released an update to its business intelligence software that will run on the Linux operating system on IBM System z mainframes. IBM Cognos 8 BI was being developed by the two companies prior to the acquisition, but assimilation of Cognos into IBM accelerated development.
- Facebook and Collegiality: A Serendipitous Social Niche
Facebook is a way to greet a colleague as if she or he is on your own campus: a wave at a distance, a hello at the corner burrito place, a honk as you both leave the campus parking lot. Informal collegiality has been extended over the miles.
