Who is responsible for clickjack attacks?

Clickjacking attacks are perpetrated by black hat security experts, hackers, cybercriminals, and kids who have more computer smarts than real world sense. Recently, though, I have been wondering how much responsibility should fall on web site owners when it comes to the negative effects of clickjacking.

If someone, for instance, used a clickjack attack on a WordPress blog, would you hold WordPress responsible?

I think that to some extent we have to say ‘yes.’ I’m not saying that the web site is fully responsible. After all, clients will always demand some level of access to their content that supersedes the server’s ability to monitor it for illicit content, malware, and clickjacking attacks.

Some sites, however, are extremely lax in their security protection measures. They basically don’t care what their clients post as long as they get paid on time for their server space. This is where I start to hold web site owners responsible¬† for the content on their pages.

If a site tries to regulate its content, not in terms of censorship but in terms of security, then it’s understandable that a few things might slip through the cracks. Especially if they have a client who is particularly savvy and on the cutting edge of hacker tech. If a site doesn’t regulate at all, though, then it becomes a hot bed for hackers and clickjackers looking to find new victims.

Trust me, the hacker community is fairly tight. They share information with each other all the time. When one of them finds a host that doesn’t regulate for security at all, a huge number of them will know about it.

What’s the answer to this problem?

I don’t think that we can effectively regulate the internet. What kind of governing body, after all, would tell a host in Africa that it has to follow certain regulations? Even if such a body existed, how would it enforce those regulations?

The ultimate responsibility, therefore, falls to us. Instead of worrying about clickjacking sites, we should be compiling lists of hosts that allow such activity to take place. In other words, we behave like the cybercriminals by sharing our information with each other. A site that lists and advertises other web sites that commonly host malware, clickjack attacks, and other scams could educate internet users, basically telling them where the bad parts of town are. That way we can avoid them and anyone who uses them.

Advertisements
Explore posts in the same categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: