How cybercriminals invade social networks, companies
By Byron Acohido, USA TODAY
SAN FRANCISCO — “Hey Alice, look at the pics I took of us last weekend at the picnic. Bob”
That Facebook message, sent last fall between co-workers at a large U.S. financial firm, rang true enough. Alice had, in fact, attended a picnic with Bob, who mentioned the outing on his Facebook profile page.
So Alice clicked on the accompanying Web link, expecting to see Bob’s photos. But the message had come from thieves who had hijacked Bob’s Facebook account. And the link carried an infection. With a click of her mouse, Alice let the attackers usurp control of her Facebook account and company laptop. Later, they used Alice’s company logon to slip deep inside the financial firm’s network, where they roamed for weeks. They had managed to grab control of two servers, and were probing deeper, when they were detected.
Intrusions like this one — investigated by network infrastructure provider Terremark — can expose a company to theft of its most sensitive data. Such attacks illustrate a dramatic shift underway in the Internet underground. Cybercriminals are moving aggressively to take advantage of an unanticipated chink in corporate defenses: the use of social networks in workplace settings. They are taking tricks honed in the spamming world and adapting them to what’s driving the growth of social networks: speed and openness of individuals communicating on the Internet.
The rest of the article is HERE.
Social: Etymology: Middle English, from Latin socialis, from socius companion, ally, associate; akin to Old English secg man, companion, Latin sequi to follow
It was only a matter of time before the vectors of attack shifted toward a “social engineering” model as the basis for successful attacks. Once the technology world had begun to produce appliances and programs to watch the gate, the best way to attack once again became the very important lesson of the Greeks and the defeat of Troy.
Thus we have the phrase: “Beware of Greeks bearing gifts.”
Of course now we have the common vernacular of a “Trojan” being a piece of software that inserts itself into a system and takes control much as the original horse did with soldiers inside at the battle of Troy. Both exploits require a “social” element that can be predicted by the attacker.
Today’s exploits using social networks are just a logical extension of the same principles that worked at the battle of Troy. What has changed is that the “walls” of the citadel are no longer physical walls but digital means of keeping attackers out.
Firewalls, appliances, software, and rules on actions (policies) are all attempts at keeping the aggressors out. However, the one constant element of human nature makes all of these things potentially useless in the shifting world of digital warfare. We humans are “social” and generally that means we want to be helpful, engage others, and trust one another. This is especially so when we get an email from a friend.
With the advent of the internet came the seeds of our problems today. The initial use of the internet, in its most rudimentary form, was as a command and control system for the military and universities. The need to pass data during an attack, and the general ease of doing so, grew into the internet of today. Today’s internet is much more an animal of a social nature. Thus you have IM, Facebook, YouTube, MySpace, etc. out there to talk to all of your friends.
It’s this very thing that is our undoing.
As social animals who no longer seem to have the ability to detect danger as well as our predecessors did thousands of years ago, we are simply laying it all out there. Our lives are an open book, not only by our own hands but also through numerous databases in private and government hands. Our digital persona is out there and potentially available to an attacker. Add to this that we are now putting MUCH more out there ourselves on the likes of Facebook, and you have a recipe for disaster.
Of course one might say that Cro-Magnon man did not have to worry about his SSN being sold by hackers and his identity stolen. However, one can make an analogous point: in later times, through the Medieval period, giving one’s name to someone gave that person power over you. Put into context, today you are giving out much more than your name on Facebook or Twitter.
So, where does that leave us? We now have all these means to digitally p0wn ourselves and still lack the sensibilities to refrain from it. Perhaps education? Maybe some better rules within these media sites on security?
Don’t count on Facebook to do much about that, given what its CEO and founder once said about privacy.
Here’s to you, Zuckerberg, you big code-stealing clown. I will let you know here and now: privacy is still a social norm, especially to anyone who’s been burned by identity theft or abuse because their privacy was invaded through your inaction.
In the end, the problems with social networking and security are no longer just the province of “personal” issues. They are now a vector for attacks such as the Aurora attacks on Google. It was the social element that allowed the trojan/malware attacks to work.
“Oh, look! An email from my buddy that has an E-Card!” CLICK CLICK CLICK!
Until we learn to moderate our behaviors and to detect threats better, we are liable to see many more successful attacks.