
Social media a poisoned apple?

By Jacob Nthoiwa, ITWeb journalist.
Johannesburg, 03 Mar 2011

The growing popularity of social networking sites has not gone unnoticed by cyber criminals, who are moving into the enterprise space using these channels.

This is according to Stefan Tanase, senior security researcher at Kaspersky Labs, who will speak at the ITWeb and Kaspersky Labs Social Networking Security Forum 2011, taking place at Southern Sun Grayston in Sandton on 12 April.

Tanase says Web sites like Facebook, MySpace and Twitter have not only attracted millions of Internet users, but cyber criminals too.

He says organisations have to know that cyber criminals are exploiting security flaws found within social networks. “Lately, such sites have become a hotbed of malware and spam, and yet another source of illegal earnings on the Internet.”

According to Tanase, cyber criminals not only exploit security flaws found within these Web sites, but also use them to divert legitimate traffic towards Web sites that are serving malicious content.

They either use social engineering tactics or exploit some technical vulnerabilities in the organisation to infect users' machines, he explains.

Organisations should know the biggest threats delivered via social media are targeted attacks through the employees, he warns. “Employees are sharing so much information on social networks nowadays, that they can easily become the point of breach in a targeted attack against the enterprise.”


He points out that all the personal information they share can easily be collected by someone with bad intentions and later be used in sophisticated social engineering attacks. “Usually, targeted attacks come with serious consequences, like intellectual property theft or corporate espionage.”

Information leakage can also put an organisation under threat, Tanase points out. “Employees are, of course, human beings and can make mistakes from time to time,” he says.

They are known to unwittingly post confidential information about their job and their company to social networks, believing the information is safe, he points out. “Such information about current projects, financial situation or future plans can prove to be invaluable for competitors.”

If a company's social networking accounts are compromised, it can also put the organisation at risk of cyber attacks, he warns. “Usually, these accounts are managed by people who are not technically skilled, especially when it comes to security.

“Many enterprises do not have strategies in place to protect them against cyber attacks.”

This lack of IT security education and strong policies can lead to such an account being compromised, which puts the company under threat, he points out.

“When opening up a corporate [social networking] account, the company instantly starts to communicate with thousands of customers who may or may not have their computers already compromised.”

He explains that such computers can post links on the corporate social networking account which lead to Web pages that distribute malware. This can result in other customers being infected. Companies must constantly filter their incoming comments, replies and wall-posts, and remove malicious links, he adds.

Instead of having real security strategies or guidelines on social networks, most businesses block their employees from accessing these Web sites altogether, Tanase says. However, not allowing employees to access social media from work is the classic story of the 'forbidden fruit'.

“The problem with enforcing security is usually, as with most IT problems, located between the computer screen and the chair.

“It's like telling a kid not to do something because it's forbidden. It will be the first thing he's going to try to do.”
