IT Risk and Social Web Leverage
- Tuesday, September 21, 2010, 8:54
- Threat Research
Leverage in all forms is a powerful thing, for both good and bad. The popularity and speed of social
websites provide an amazing degree of leverage for both businesses and hackers. The Twitter
OnMouseOver JavaScript flaw and the resulting flood of exploitive tweets is a great example of the
latter. In a matter of hours, thousands of Twitter users were forced, through no fault of their own, to
open a wide range of malware-laden sites.
We don’t know how many of those sites hosted zero-day exploits that could now be
forming/expanding botnets or executing other nefarious behavior. However, it is highly likely many
computers were infected, all the result of a vulnerable web service. And who could have predicted it?
Who could have known which zero-day exploits would be propagated due to a Twitter issue? Who
would have known what new URLs would be instantly deployed to host the exploits? The short and
complete answer: no one.
This is the real problem with today’s “block the bad” security model. With the leverage of the social
web available to the hacker and cyber criminal communities, it is impossible to predict when “the bad”
will show up and in what form. Waiting for updated antivirus signature files and web URL filter lists to
come in from vendors “after the fact” is worse than useless. It is like nailing...