How Hackers Utilize Social Media to Attack an Organization’s Network
Submitted by Kai on Wed, 2011-12-21 09:35.
It’s a common problem we’ve all seen before: An employee at work logs into their personal Facebook, Twitter or LinkedIn page to see an interesting video link shared by a “friend.” Once they click the link, a virus spreads throughout their account and onto their computer. As a reoccurring problem in the workplace, organizations are left struggling to find a way to manage social media sites.
With many Internet applications such as online social media outlets and web services, the line between corporate and personal usage has quickly distorted, causing an increase in data loss and malware outbreaks. Services such as blogs, Facebook, Twitter and LinkedIn now pose a great threat in the workplace, despite their functionality and organizational benefits.
Based on popularity, many organizations label these social media sites as trusted websites, however, user generated content is not taken into account. Through newsfeeds, recommendations and status updates, hackers manipulate users into downloading malicious content or into viewing malicious sites, abusing their primary weakness, friends. According to a recent study (Editors note: 2008) by Kaspersky Labs, social networking sites are 10 times more effective at delivering malware than previous methods of email delivery.
Two primary weaknesses have emerged from social media attacks, Complex Delivery Methods and Data Harvesting. Cisco studies show that organizations are spending more than $1.29 billion a year to fix targeted attacks, which increases the need to employ a security solution with social media access while simultaneously safeguarding organizational policies.
User Generated Content: Genuine or Malicious?The growing popularity of social media sites come from its ability for end users to maintain their own page and share links with their personal connections. Hackers utilize the likelihood that people will click on their malicious link by exploiting the trust between a user and their connections. They are able to embed malware into friend’s content, thus compromising the privacy and security of these sites.
Through user delivered content such as tweets or status updates, hackers post malicious content that is delivered to all contacts linked to an account, through URLs, links, photos and videos. With user content and updates being generated at a rapid pace, hackers are able to utilize social networking platforms to quickly send malicious content to a vast majority of users.
Using Information to Create a Personal AttackDespite the dangers associated with malicious content delivery, an even greater problem can arise. The ability for hackers to create dangerous content based on information they have gathered about the user, poses a huge threat to an organization.
Thanks to the technology crazed world we live in, practically everything is either on your computer or mobile device, making information easy to find for anyone looking. Hackers are able to easily integrate this information to create malicious content customized to a person or organization.
Not only is data harvesting the most threatening, but it is also the hardest to control. Preventing employees from clicking on a link they find appealing is an unrealistic solution. This leaves organizations needing to find a way to protect themselves as well as their employees from malicious content that might be opened by an unsuspecting end user.
ConclusionAn organization’s ability to block or control certain sites are no longer useful now that most attacks are user generated and come from so-called “clean” sites. As IT departments struggle to keep up with the growing number of potentially threatening sites, a new security solution is necessary to counter socially engineered attacks.
Essential to defending an organization is inline real-time threat protection and malware analysis of all content. Deep content inspection, anti-malware analytical engines and high-performance architecture group together to effectively analyze web traffic at all endpoints for malicious attacks.
Security solutions with the ability for deep content inspection give organizations the advantage of utilizing all social media, while guaranteeing compliance mandates are met and the organization is protected, regardless of what the end-user is accessing. The solutions provide visibility of the application content and the aptitude in which to apply flexible policies over users, applications and protocols based on the real-time understanding of these applications’ intent.
The ability to see the content available and apply policies over users based on real-time comprehension of the content is just as important. Additionally, being able to analyze web traffic for potential attacks will provide organizations with the comfort and knowledge that they are protected.