By: Greg Ogorek
While there are plenty of smart criminals, there are just as many who seem to go out of their way to publicize intended or past crimes and misadventures. Before social media, criminals’ rants and raves were confined to hastily-scrawled manifestos on walls of dimly lit rooms, reams of paper strewn about the floor, or anonymous letters waiting to be discovered by police after the deed was done and law enforcement was left to investigate and pick up the pieces. Now, social media has given a rise to a whole new way for threat actors to broadcast their actions to the public.
Social media can be used for engaging in research, investigations, and monitoring of illegal activity. Law enforcement keeps tabs on convicted felons, looking out for posts about previous or future criminal actions. Organizations are able to monitor positive and negative commentary about their company, brand, and products or services in order to enhance their reputation and improve customer interaction. Governments seek to mitigate threats against the State and monitor specific targets of investigations. Everyone seems to have a stake in what’s being shared on social media.
So, how can security professionals take advantage of what is being posted in the open source, specifically social networking sites, to protect their organizations? First, let’s take a look at a few examples that vividly demonstrate oversharing on social media gone wrong:
- A couple residing in Ohio were arrested for allegedly robbing a bank. The robbers began posting photos of themselves with stacks of cash in various audacious poses. Police were able to track the couple down and match their photos to physical descriptions from the robbery; they are now in jail.
- Two journalists were gunned down by a former co-worker in live TV. The shooter was live tweeting about the shooting before and after the event.
- An individual makes comments on social media about a major sporting playoff event. The poster claims to intend to do harm to the facility, the players, and fans with a homemade device. With proper services in place, the sporting organization was able to stop the individual as they approached the ticketing gates.
- A man from Florida posted pictures of himself with a gun, jewels, cash, and drugs. From these pictures, police were able to locate the man, and eventually charge him with 142 felonies.
- An employee attending a private company all-hands meeting began to tweet about facts and figures being discussed behind closed doors. Because the company diligently monitored social media posts about their brand, they were able to identify the leaker and stop the activity within minutes.
All of these examples show how social media monitoring can help identify threat actors before and after they commit crimes. The real-time intelligence that social sites provide gives security professionals a greater chance of finding that needle in the haystack that could be the difference between a protected organization and one that has been attacked.
While Facebook, Twitter, and Instagram may be some of the most popular social sites, there are far more that need to be monitored. That’s why it’s important for security professionals to have access to a single tool with the ability to scour all of these sites at once, providing a comprehensive view of potential threats their company may face.