Industry Research : Imperva Report Examines Dangers In Light Of Military Singles Hack
Imperva, Inc. (NYSE: IMPV), a provider of a new category of data security solutions for high-value business data in the data center, today released its May Hacker Intelligence report Dissecting a Hacktivist Attack, which highlights how hackers exploit user-generated content features of social media websites by deconstructing the recently successful attack on MilitarySingles.com.
"Social networking, user-generated content and PHP-based applications are prevalent on the Web, but this report gives pause to consider how easily sensitive personal information can be accessed through these channels," said Amichai Shulman, CTO, Imperva. "Additionally, the attack on MilitarySingles.com calls into question the need for government and military personnel to have special policies regarding social networking, to prevent their information from being easily accessed and manipulated."
The report includes additional recommendations for social media websites to protect themselves from the dangers associated with user-generated content. Because many social media sites run PHP, a Web development language common to more than 75% of websites, they are vulnerable to Remote and Local File Inclusion attacks, which can be launched from user-generated uploads.
Highlights from Dissecting a Hacktivist Attack include:
How User-Generated Content is an Achilles Heel: Imperva describes how hackers can take advantage of user-generated content to initiate RFI attacks against PHP-based applications and offers advice to improve security.
How Enterprises Can Deploy Stronger Password Protection Techniques: Imperva believes that more than 90% of the MilitarySingles.com passwords were cracked in 9 hours. Imperva offers advice on how to better encrypt passwords to prevent future breaches.
Why Military and Government Employees Need to Interact Differently With Social Networking: Imperva questions whether it is appropriate for military and government employees with links to sensitive information to participate in social networking websites and suggests new public security policies may be required to prevent future breaches.
Today's Tip of the Day - Do You Divert Calls Between Offices?
More Editorial From Imperva
Published: Friday, May 25, 2012
Genesys® powers 25 billion of the world’s best customer experiences each year. Our success comes from connecting employee and customer conversations on any channel, every day. Over 10,000 companies in...
BroadSoft provides software that enables mobile, fixed-line, and cable service providers to deliver voice and multimedia services over their IP-based networks. The Company's software, BroadWorks(R), e...
Content Guru helps organisations to communicate better, enabling them to satisfy the increasing expectations of both customers and colleagues. Our innovative cloud-based technology reduces the cost an...
8x8, Inc. (Nasdaq: EGHT) leverages its patented software technologies to deliver high quality voice solutions with integrated messaging and video to businesses of any size with employees in any locati...