Risks, Threats and Vulnerabilities of Social Networks and Web Applications

  • Published : February 11, 2013
Identify Risks, Threats, and Vulnerabilities
of Social Networks and Web Applications
By
BARRY S KREMBS II
February 2013

Certification Statement
Title of Assignment: Identify Risks, Threats, and Vulnerabilities of Social Networks and Web Applications

CERTIFICATION OF AUTHORSHIP: I certify that I am the author of this paper/project and that any assistance I received in its preparation is fully acknowledged and disclosed in the paper. I have also cited any sources from which I used data, ideas, or words, either quoted directly or paraphrased. I also certify that this paper/project was prepared by me specifically for this course. Student Signature (electronic) Barry S Krembs II

ABSTRACT
While social media and web services are an everyday part of life, it is obvious that using these avenues is fraught with danger, and only the most diligent observation prevents a system from being compromised if it is a target. Zero-day exploits, session hacking, email takeovers, and “botnets” have become a way of life, and dealing with them is critical to maintaining control of your computer. Cybercrime evolved from a take of one billion dollars in 2007 to over one trillion dollars in 2009 (Imperva, 2010). Consider that it is quadruple that now and that no one is safe, not even Presidents or Presidential candidates. The Bamital botnet took over one million dollars a year and controlled hundreds of thousands of computers before it was taken down by Microsoft and Symantec last week (Finkle, 2013). “The most critical thing is that you have people looking, watching and using their brain,” stated Ryan Barnett, Director of application security research, in 2010 (Westervelt, 2010). It is imperative that Web applications have firewalls, that these firewalls provide basic protection in the areas of Technical Web Attacks, Business Logic Threats, Online Fraud, and Network Security, and that it is understood how these firewalls are strategic for business (Imperva, 2012a).

Project Scope
While social media and web services are an everyday part of life, it is obvious that using these avenues is fraught with danger, and only the most diligent observation prevents a system from being compromised if it is a target. Zero-day exploits, session hacking, email takeovers, and “botnets” have become a way of life, and dealing with them is critical to maintaining control of your computer. Cybercrime evolved from a take of one billion dollars in 2007 to over one trillion dollars in 2009 (Imperva, 2010). Attackers design malicious applications using free interfaces to social media and inject their own code into places that have loopholes and errors (Westervelt, 2010).

Zero-Day Exploits
These exploits take advantage of vulnerabilities that the software vendor does not know about, let alone prevent. Hackers formulate different variations of malware to take advantage of these areas before the developers can patch and protect against these vulnerabilities (Wikipedia, 2013). Oracle’s Java is an example of an application that is vulnerable. Its latest patch, Java 7 Update 11, is in place to prevent up to fifty of these vulnerabilities, as it just recently experienced some of these exploits. Many users are disabling this application in a browser setting, likening it to “Kissing a black rat, in London, during the plague,” as stated in the Inquirer (Neal, 2013).

Session Hacking
Recently, there has been an increase in the hijacking of sessions, giving a hacker the ability to take over a user’s session while they are ordering something and to continue transactions on a vulnerable Web application. These transactions result in the exploitation of the resources of the Web site and of the credit card providers for these users after the user quickly reaches their responsible percentage. The hacker uses their methods to exploit found vulnerabilities or have a User click on...