Britney Spears hack highlights reputational risk of weak Web 2.0-based service passwords

Burlington, MA & Redwood Shores, CA, July 2009 (Eskenzi PR) – The apparent hacking of Britney Spears' Twitter picture service account - with consequent false reports of her death - is a reflection of the increasingly mischievous nature of a small, young – and probably immature - section of the Web user base, says Imperva, the IT compliance and business risk mitigation specialist.

Mildly alarming as reports of Britney's premature demise were, they also came in the wake of incorrect Web reports from New Zealand of the actor Jeff Goldblum also having passed away," said Rob Rachwald, Imperva's director of marketing.

"What the complex online events leading up to the incorrect reports of the celebrity deaths spreading around the Web show us, however, is the sheer power of the Internet in terms of potential reputational damage," he added.

According to Rachwald, since Twitter's picture service currently only has a four-digit numeric password system, a brute force attack would be able to hack into the account in a matter of hours.

And, he says, as new Web 2.0 services evolve on the Net, the effort and focus of the application owners is going to be devoted to the fast availability of new features and commercial models.

As a result, he explained, the new services' IT security protection is likely to get left behind and will almost certainly not be integrated into the application.

For this reason, he went on to say, as well as being careful when it comes to setting secure passwords on these next-generation services, companies need to implement Web application firewalls alongside the services so as to afford better overall protection.

"The key issue here is that companies need to install additional security technology at the same time as when they deploy these new Web 2.0-based services in their organisation," he said.

"This is because Web application firewalls and other protective Internet security systems are becoming more and more important, as they can compensate for internal security control issues," he added.

For more on incorrect reports of Britney Spears' demise: http://preview.tinyurl.com/kn5m6a

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.

<>