Threat Intelligence Blog

Posted June 14, 2011

If there’s any message you should take away about utilizing social media in a secure manner, it can be summarized in one word: education.

Education is needed to convey to your network users that the stakes here are high. Even if the intruder isn’t seeking a dime from your company, the potential cost with respect to response, data loss and reputation can be crippling. As indicated, the vast majority of these incidents are the result of your users’ social-media behavior. Actually, the exploitation of social media for the purpose of malware attacks is growing at the same or at an even greater pace than the overall use of these sites. Online tools – like the popular, URL-shortening ones for Tweets – are very handy in masking malware threats, and a lack of security-savvy on the part of users establish social networks as a virtual playground for cyber criminals.

In seeking to avoid fallout from this that would impact your business, we at Cyveillance strongly advocate the following five-point plan for our customers a plan that has helped us earn recognition by industry-research leader Gartner Inc. as a top provider of the surveillance/collection/analysis of social-media activity for commercial-organization networks:

1. Launch a social-media policy. We realize that many of our customers already have a policy in place. We examine it, however, to get a sense of whether it’s up to date. Social media changes all the time. Legal documents do not. We look to see whether the policy addresses “real” modern-day concerns about social media, or if it’s really just a copy/paste of some antiquated HR form. Here as some questions to consider within the policy: Is it OK for employees to say that they are representing the company on Facebook, Twitter, etc.? If so, what are the guidelines as for appropriate content to post?

2. Train everyone. As stated before on this blog, your weakest link can be your most uninformed employee. Printing and distributing a policy is fine. But reinforcing it with training is even better. Don’t lecture them. Instead, engage in interactive workshops or computer-based training sessions to test their awareness of the latest social engineering attack techniques. Too many organizations put all of their focus on firewalls and passwords. These days, hackers don’t necessarily need to know how to get around these measures to do damage. They just need to get a single user within the network to trust them via a cleverly disguised email.

3. Establish the significance. Meaning, make sure your users realize how important it is to remain informed and alert. If your logo is used to support some kind of malware scheme, for example, your future relationships with customers and partners will suffer. As conveyed previously, there’s tangible, bottom-line value in a company’s reputation. Within minutes, a successful intrusion can crush the good reputation that an organization has been building for years.

4. Don’t try to do it all on your own. Social media is a very, very large universe. In fact, nearly 56 percent of Internet users in the U.S. use some type of social media, according to the Pew Research Center. That translates to a lot of traffic to monitor. Consider tools such as social media monitoring solutions and protection appliances to address this need for you.

5. Keep it current. No matter what tools you use – as well as intrusion techniques you share with users – make sure everything is up-to-date. The entire landscape of social media and the methods used to exploit it are in a constant state of rapid transformation. What worked this month won’t necessarily work the next. Your security team needs to stay on top by constantly educating and re-educating itself and company staffers on the latest trends.

The bottom line is that – in the “share more, not less” world of today criminals can easily obtain the information needed to craft emails that can fool even the most savvy of users. With no “silver bullet” solution to thwart all intrusion attempts, the best practice is to educate users to make decisions, and equip yourself with the best monitoring tools to detect attacks in progress.

James Brooks, Director of Product Management, Cyveillance

Question to consider: What essentials do you feel are needed in a social-media policy?

Additional Posts

RSA Token Vulnerability and One of America’s Most Secret Agencies Invoked in Latest Spear Phishing Attack

A targeted scam or “Spear Phishing” attack making the rounds today invokes the National ...

Don’t Let the Social Media “Generation Gap” Expose Your Network

Here’s a true story I like to tell to explain how wide the social media “generation gap” is. ...