The U.S. Department of Defense has begun blocking access to MySpace and YouTube on its network, citing security concerns and the need to prevent the network from being slowed by video traffic. "This is a bandwidth and network management issue," Julie Ziegenhorn, spokeswoman for U.S. Strategic Command, told Stars & Stripes. "We’ve got to have the networks open to do our mission. They have to be reliable, timely and secure."
Many troops stationed overseas use the DoD network to access the Internet, but some others use local providers. Ziegenhorn said the sites were becoming "a drain on the system," but the Stars & Stripes story also mentions security several times. MySpace has been a regular target of phishing scams seeking to steal account credentials. MySpace accounts themselves are of limited value, but can serve as a delivery mechanism for keylogging trojans, capturing home computers that may be used for shopping or online banking as well as social networking. Keylogging trojans would be problematic on computers on a secure military network.
Attacks targeting social networks present a small percentage of all phishing scams, but became more common in the second half of 2006 as hackers used them to seed botnets through malware distributed on sites including MySpace, LiveJournal and Orkut.
Several leading social networks have also proven vulnerable to XSS exploits, serving as a laboratory for phishers to test new technical attacks and social engineering techniques. The Netcraft Toolbar blocks common cross-site scripting attacks, protecting users from coding weaknesses in trusted sites, and has also protected users from many attacks on MySpace due to the prompt reporting of spoofing sites by the Netcraft Toolbar Community.
Posted by Rich Miller in Security
Your link here? Advertising on the Netcraft Blog