Social Networks Open Door to Data Leaks, Cyberattacks

By National Security Institute (NSI), May 24, 2010

Social networking websites like Facebook and Twitter are some of the most trafficked sites on the Internet. The increase in popularity and activity of these sites has created new risks to not only individuals, but also organizations.

In a major shift, email attachments are no longer the attack vector of choice for computer hackers and others intent on gaining access to government and industry systems, security experts say. Instead, as increasing numbers of people adopt social media, those sites are becoming the new attack portal of choice.

It may seem hard to believe, but today, malware attacks delivered via email account for a small percentage of virus attacks; the vast majority, analysts say, come through the web, with social networking sites being a prime culprit.

One recent survey found that the number of people who have accounts at social networking sites is actually 10% greater than the number of people who have email accounts. Because hackers and identity thieves are opportunists, it's little wonder they've adopted these websites as targets.

Keep in mind that the problem is not so much people twittering away major secrets as letting slip many smaller pieces of information that an adversary can piece together. Even well-meaning workers can inadvertently cause a major breach.

There are plenty of recent examples demonstrating that social media sites can compromise security. Recently, an Israeli soldier posted details of an impending West Bank raid on his Facebook page, leading to the mission being aborted. The gunner from an artillery unit wrote, for all the world to see, "Wednesday we are cleaning Qatanna, and on Thursday, God willing, going home." The post contained the exact time and location of the planned sweep.

Other soldiers in the unit alerted their officers, and the planned raid was called off. Need we add that the soldier was in deep trouble?

Businesses, too, must worry about social-media leaks. One new tactic for corporate spies is to invent a Facebook user (often an attractive young woman), then "friend" employees from competitors and watch their page, encouraging them to divulge company secrets.

Details of a major cyberattack on a financial firm have emerged; hackers sent a plausible Facebook message to a worker inviting her to click a link "to see photos" of a company outing. But when she did, she actually downloaded malware that wormed its way into her employer's network, stealing invaluable secrets.

Follow this expert advice to use social networking wisely and safely:

Be discreet. Never type anything into a profile page that would expose you to unwanted visitors or the possibility of identity theft or malicious threats. This includes personal and business names and addresses, phone numbers, job titles, birth dates, schedule details, daily routines, and business or family information.

Be skeptical. Social networking sites are full of useful business information - as well as useless disinformation. Treat anything you see online (stock tips, personnel gossip, etc.) with a high degree of skepticism.

Be thoughtful. Never type anything online that can come back to bite you. This includes outrageous claims, slander, obscenity, and insults.

Be professional. If you're posting a picture or video to a social network site, make sure it presents you in the best possible light.

Be wary. People on the Internet aren't always who they seem to be. The "CEO" you're chatting with in Denver may actually be a 14-year-old kid in Milwaukee - or a prisoner in Romania. Until you can independently verify someone's identity, never reveal personal, business, or financial information.

Check privacy policies. All major social networking services have privacy guidelines. Take the time to read and understand these documents.

Questions to ask yourself about your posts on social networking sites.

Do you:

• Keep sensitive, work-related information off your profile?

• Keep your plans, schedules, and location data to yourself?

• Protect the names and information of coworkers, friends, and family members?

Also, remember to:

• Keep your anti-virus software updated.

• Beware of links, downloads, and attachments.

• Beware of "apps," or plug-ins; these are often written by unknown third parties who might use them to access your data.

USASMDC/ARSTRAT has the following social media sites:

www.facebook.com/armysmdc

www.twitter.com/armysmdc

www.flickr.com/armysmdc

www.youtube.com/armysmdc

While interaction on the sites is greatly encouraged, employees should always keep security in mind.