+++ 821.676 Press releases +++ 33.979 Newsrooms +++ 6.000 Media +++

Photo Sharing, Wikis, Social Networks -Web 2.0 and Malware 2.0. EU Agency issues Position Paper on security for the next generation web

A new ENISA report explains the risks of Web 2.0 - photo sharing, wikis, social bookmarking and social networking - and "malware 2.0", a new breed of web-borne infections you can catch just by visiting a web page and gives advice to tackle them

(PresseBox) (Heraklion, Crete, ) Web applications have become amazingly sophisticated to keep up with the demand for new services. “Web 2.0 applications are pushing existing Web technologies to their limits – as a result, even the best developers have had to resort to ‘hacks’ and loopholes in the system to make their applications work.” says Giles Hogben, an ENISA expert. “It’s no surprise that criminals are attacking these applications, and are using them as vehicles to distribute malicious code to users.“ The black-market in malware installations is now so well-organised and lucrative that criminals are offering package deals with standard prices per “installation”.

The success of Web 2.0 is fundamentally about enabling users to contribute content and communicate. But, at the same time, that success creates new challenges: For example it is more difficult to know whether to trust information when you don’t know who the original author was or where it came from. The related ENISA survey analysed what tactics people use to decide if a web page is fake. The result is highly surprising: Most people will trust a source as long as it appears more than once on the web. The tendency of blogs and wikis to replicate rumours means this is no longer a rational strategy. For example, some stories originating in the blogosphere about US vice-presidential candidate Sarah Palin have since been proven false. Another example is web based pump and dump stock rumours where share prices are artificially inflated. “We need better ways to establish trust in information in the Web 2.0 world”, says Mr. Andrea Pirotti, Executive Director of ENISA.

ENISA compiled the report using input from a group of international web security experts. It recommends a set of initiatives in web standards and architecture, as well as policy actions. These include eg., incentives for more secure programming and measures to protect personal data exchanged among private individuals.

For full report: http://www.enisa.europa.eu/...
Survey results: http://www.enisa.europa.eu/...

Have your say! To influence the future of European Network and Information Security: give your opinion in the online public consultation: http://ec.europa.eu/...

About ENISA - European Network and Information Security Agency

The European Network and Information Security Agency (ENISA) is an agency of the European Union. ENISA was created in 2004 by EU Regulation No 460/2004 and is fully operational since September 1st, 2005. It has its seat in Heraklion, Crete (Greece). The objective of ENISA is to improve network and information security in the European Union. The agency has to contribute to the development of a culture of network and information security for the benefit of the citizens, consumers, enterprises and public sector organisations of the European Union, and consequently will contribute to the smooth functioning of the EU Internal Market. ENISA assists the Commission, the Member States and, consequently, the business community in meeting the requirements of network and information security, including present and future Community legislation. ENISA ultimately strives to serve as a centre of expertise for both Member States and EU Institutions to seek advice on matters related to network and information security.

Press releases you might also be interested in

Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.