« March 2016 | Main | May 2016 »

1 posts from April 2016

14 April 2016

Social Media – The Hacking Revolution

View Katy Buller's profile on LinkedIn 

When it comes to social media and networking, it’s all a bit of fun, right? Connecting with friends, family, business colleagues, strangers, dangerous criminals…Wait, what was that last one? Yes, you read that correctly. Social networking sites are becoming an increasingly used tool by ‘cyber-criminals’ to target organisations or people, for the means of getting your vital information and data. You are probably wondering, how can someone use the information I post across social media to commit a crime against either myself or my organisation? In all honesty, it is quite scary just how straightforward some of these attacks can be.

Think first about what you share over social media on a personal level. You have your age, photos, job role and company posted across most networking sites. Often personal details to a more shocking level are disclosed on social media, ranging from medical problems, travelling, relationship troubles or frustrations with work. Social media is international and here to stay. We share and connect with people across the world every single day. In fact, we spend on average a quarter of our time online on social media sites, and these websites account for an astonishing one third of all internet usage. It helps to build relationships but it can also tear them down just as quickly. There are instances of burglaries taking place due to information obtained on social media; employees losing their jobs due to inappropriate posts or comments they have made on various networks as well as many other examples. When brought to a professional level, it is easy to see the links and how the information and interactions organisations have across networking sites can be just as damaging.

Many news stories these days break on Twitter; organisations are facing an increasing demand to engage more effectively with customers across such channels. This is now one of the primary methods that organisations use to communicate with their customers, which means it is more susceptible to attack than ever. Over the past few years there has been a notable rise in the amount of accounts being hijacked and attacked by hackers. Corporate accounts have been infiltrated and damaging messages have been posted. Not only this, but attackers can also use the data found across social networks to monitor the effects of current attacks by updates posted by organisations, to then alter their attack – as seen by the recent JANET hack. Furthermore, targeted attacks on organisations can be conducted such as spear-phishing to obtain information about company employees. This is then used to send seemingly legitimate emails across an organisation’s network, to trick employees into providing information such as passwords or credit card details, or even to install malware onto company machines to conduct further monitoring for additional attacks.

The list appears to be endless, so the question now is, how can you protect yourself?

Be Vigilant.

Have you noticed any strange requests, or unknown users trying to connect with you? Have you noticed any colleagues’ accounts or organisational accounts posting things that aren’t generally seen as ‘the norm’ for them, or could be damaging? Point it out for them, let your friend, colleague or your company know if you have seen something that may not be quite right.

Be Aware.

Be aware of what information you are divulging about yourself. If you are on holiday and away from your home, be cautious about who or what you are saying. Also, be aware of what social network you are using and what is appropriate given the platform you are using. Be aware of who is talking to you, and what information they are trying to get from you.

Be Proactive.

You can take proactive measures to protect yourself across social networking sites. For example, ensure that you are using two factor authentication when logging into your accounts. By doing so, this will alert you as to whether someone logs into your account that isn’t you, which means your account credentials may have been stolen, and it adds an additional layer of security on your account. Also, remove any information, photos or posts that you don’t want to be known as public knowledge and in turn ensure privacy is at the maximum level on your profiles to prevent those you aren’t connected with from finding out your information.

We can help you to effectively mitigate and govern risks, such as those discussed above in relation to social media. Is this something you need help with, or would like to chat about? Please get in touch.

Katy Buller 

View Katy Buller's profile on LinkedIn 

Latest posts from Cyber security updates