t was once said we should keep our friends close and our enemies closer, but in this digital age, how does one tell the difference? Can you trust a Facebook friend? A Tweet? Or could you be at risk to opening the door for a piece of malware designed to glean valu- able data?
I
Given that the average cost of each secu- rity incident arising from a Web 2.0 applica- tion in the last 12 months for Canadian businesses was $2.3 million, according to a study by security vendor McAfee, it would seem to be something Canadian businesses should start taking more seriously. However, some 50 per cent of Canadian small businesses say they have no policies re- garding social networks and 70 per cent say they have no policies to monitor social media use on company mobile devices, according to respondents of the global survey authored by faculty affiliated with the Center for Edu- cation and Research in Information Assur- ance and Security (CERIAS) at Purdue University in Indiana.
The respondents are clearly aware of the security risks (57 per cent said it’s a concern), about productivity (27 per cent) and legal risks (eight per cent), but by and large, most seem willing to overlook the downsides for the upsides, which include increased revenue
streams (73 per cent) and somewhat in- congruously, expectations of better pro- ductivity (52 per cent) and communication (48 per cent). There is no doubt that complacency is part of the issue. Everyone is well versed to be suspicious when an e-mail pops up in his or her queue from someone he or she doesn’t know offering a magic solu- tion for flagging libidos, however, on the flip side, most people are probably not as suspicious if that missive comes from a friend or contact.
Once opened, though, people are likely to recognize spam and realize their account has been hacked, and, hopefully, respond by sending an alert to them so they can address the issue.
The rapid rise of social networking has added yet another wrinkle to that tire- some cat-and-mouse game with cyber- criminals seeking to hack either someone’s personal information for gain or penetrate the corporate network of Canadian businesses for similar profits. Carl Mercier, director of development for social web security at Websense, and Defensio founder, says as much as 40 per cent of Facebook posts contain links and about 10 per cent cloak malware. “We’re seeing what we saw with e-mail 10 or 15 years ago,” says Mercier.
WWW.SECURITYMATTERSMAG.COM
“Criminals are moving from e-mail to so- cial networks.”
The reason, he says, is efficiency: “If you want to spread a virus by e-mail, you send thousands of e-mails. Today you just post one link on Facebook.” As both Justin Timberlake and Lady Gaga discovered, maintaining a Facebook page is a great way to stay in touch with their fan base, but with great interest also come the opportunists.
Mercier says both world-renowned musicians have millions of fans who were exposed to a malware link, which was also making the rounds via Twitter. Websense figures some 20 million users, mostly fans of high profile pages, were exposed.
Getting an e-mail from a contact or checking a Facebook post by a friend tricks the target into letting his or her guard down, especially if in the middle of a busy day and distracted, says Alexandru Cosoi, BitDefender’s head of online threats lab. “You think, ‘Oh, this person is a friend so it’s okay.’” While celebrities like Timberlake and Lady Gaga now monitor or screen their pages more vigilantly as these types of in- cidents become more prevalent, it’s a clear warning to corporations joining the milling throngs on social network sites
FOLLOW US ON AND • SECURITY MATTERS 17
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32