Archive for Social Networking

Social Networks Are Malware Launch Pads

Social networks’ role in the growth of the global virtual society has been well documented. What is not so well documented, according to Help Net Security, is the role social networks have in spreading malware. The security and privacy mechanisms of social networking firms such as LinkedIn (LNKD), Twitter and Facebook (FB) have proven insufficient to prevent exploitation.

The article notes that “To Err is Human,” and human errors lead to exploitation and manipulation whether the social network is online or offline. Social networks hold a plethora of personal information on the users that form the network. Individual connections between users collectively form a web of connections. To build each link between users an implicit trust is required between the two users and implicitly across the entire network. Any information provided by an individual user through chained connections becomes a part of the full network. When an attacker is able to exploit one user in the social network, they have the potential to be able to push malicious content into the network. The network’s connectivity enables the spread of the exploitation. The blog explains that attackers exploit the weakest link in the chain.

The inability of users to determine the legitimacy of content flowing through the social network aids this exploitation process. Help Net Security says the biggest problem with the online social networks is that they do not have built-in protection against malware. For example, current social networks do not scan the URLs and embedded content coming from third-party servers such as Content Delivery Networks. Therefore, there is no way to authenticate the URLs passed among the user objects in the social networks.

The infection process begins with the exploitation of human ignorance, followed by the spread of the malware through the trust upon which the network is based.

The article further explains that to start the exploitation process, an attacker will pick an issue that affects human emotions to evoke a response so the social network user will do something the attacker wishes. Phishing and spam messages about weather calamities, politics and financial transactions are used for starting infections. The author states that since social network exploitation begins by exploiting an individual’s ignorance, common attack strategies have emerged.

One of the simplest infection techniques is to put malicious URLs on a user’s Facebook message wall. When a user clicks on an illegitimate hyperlink, it can result in the automatic download of malware through the browser. Some of the exploits used are:

  • Browser Exploit Packs (BEP) which fingerprint the browser version and other software on the user machine. Based on this information, a suitable malware is served to the user which uses exploits for that particular browser.
  • Drive-by-Download attacks begin when the user visits a malicious page. They exploit vulnerabilities in browsers and plugins. Successful exploitation of the vulnerability causes shellcode to run, which in turn downloads the malware onto the system.
  • Malicious advertisements (malvertisements) happen when an attacker injects a malicious link in a user’s Facebook wall to spread malware. The fake post is linked to a third-party website which has malicious advertisements embedded in it. These advertisements are linked to malicious JavaScript which executes the malicious content in the browser.

Help Net Security states that online social networks are not harnessing the power of Safe Browsing APIs from Google (GOOG) or similar services to instantiate a verification procedure before posting a URL back to a user profile. Lack of such basic protections is a key factor in making the social networks vulnerable to exploitation.
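A sketch of the pre-posting URL verification described above, as an added example that is not from Help Net Security or from any social network's code. A constructed local blocklist of hashed host/path expressions stands in for a reputation service such as Safe Browsing; the function names and the `.example` hosts are assumptions.

```python
import hashlib
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>]+", re.IGNORECASE)

def _digest(expr):
    return hashlib.sha256(expr.encode("utf-8")).hexdigest()

# Constructed blocklist (hypothetical entries under the reserved .example TLD):
# one whole host, and one directory on an otherwise clean CDN host.
BLOCKLIST = {_digest("video-codec.example/"), _digest("cdn.ads.example/promo/")}

def lookup_expressions(url):
    """Yield host-suffix/path-prefix combinations to look up for one URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    labels = host.split(".")
    # The full host plus each parent domain, stopping at two labels.
    hosts = [".".join(labels[i:]) for i in range(max(len(labels) - 1, 1))]
    path = parts.path or "/"
    segments = [s for s in path.split("/") if s]
    prefixes = ["/"]
    for i in range(len(segments)):
        prefix = "/" + "/".join(segments[: i + 1])
        # Directory prefixes end in "/"; the last segment keeps the URL's form.
        if i < len(segments) - 1 or path.endswith("/"):
            prefix += "/"
        prefixes.append(prefix)
    for h in hosts:
        for p in prefixes:
            yield h + p

def is_flagged(url, blocklist=BLOCKLIST):
    return any(_digest(e) in blocklist for e in lookup_expressions(url))

def screen_post(text, blocklist=BLOCKLIST):
    """Return (allowed, flagged_urls) for a wall post before it is published."""
    urls = [u.rstrip(".,;:!?)") for u in URL_RE.findall(text)]
    flagged = [u for u in urls if is_flagged(u, blocklist)]
    return (not flagged, flagged)
```

Checking path prefixes as well as host suffixes lets the platform hold back one directory on a shared third-party server without blocking everything else served from it.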

Microsoft (MSFT) recently spotted a Facebook attack in the wild that exploited Facebook users’ trust in a social engineering campaign. The attack tries to trick Facebook users into installing a backdoor Trojan with keylogging capabilities, according to the Help Net Security report.

MSFT says the Facebook Wall messages varied, but they all led to fake YouTube pages. Once there, the user is urged to download a new version of “Video Embed ActiveX Object” to play the video file. Unfortunately, the offered setup.exe file is the Caphaw Trojan.

The trojan bypasses firewalls and installs an FTP server, a proxy server and a keylogger on the affected machine. Microsoft’s Mihai Calota says “… has built-in remote desktop functionality based on the open source VNC project.” MSFT says the Facebook attack can be used to steal money: “We received a report … that money had been transferred from his bank account … The keylogging component, coupled with the remote desktop functionality, makes it entirely possible for this to have happened.”

rb-

The articles correctly state that security and privacy mechanisms are indispensable for safe online social networking. Built-in security is necessary because attackers exploit the trust, curiosity and ignorance of the social network customers for their own profit. Users should demand safe and secure transmission of their information and protection of their privacy. These should also be a focus of the social networking companies.

To protect themselves, users should:

  • Have up to date AV software running on their computers
  • Keep their browsers and operating systems fully patched
  • Change the passwords on all their sensitive accounts regularly
  • Warn friends and Facebook if an account seems to be hacked by using the Facebook “report/mark message as spam” option.

Credit Agency to Trawl Facebook

GigaOm has an article that documents the efforts by Schufa, the largest credit ratings firm in Germany, to mine data from the Facebook (FB), LinkedIn (LNKD) and Twitter accounts of its customers. The article cites documents leaked to German media, saying that the firm, whose slogan is “We Build Confidence,” would use the information “to identify and evaluate opportunities for and threats to the company.”

“It cannot be that social networks are systematically scoured for sensitive data, resulting in credit ratings of customers,” said consumer protection minister Ilse Aigner.

rb-

Get over it.

I wrote about firms like RapLeaf mining social networks for employers and banks back in 2010. What is surprising to me and Mr. Meyer is that this latest social network mining operation comes out of Europe and especially Germany, a country where most people are very conscious of data protection concerns.

This goes back to the internet-age old issue of privacy. Where is the line between public and private? Is it different for some groups than others? Do the NSA, CIA, MI5 and whoever else is listening get different access to data than Rapleaf, Apple (AAPL), Facebook, Twitter?

Just because the info is out there, public by default, do they have the right to use it?

On the other hand, users of Facebook and Foursquare happily tie their credit cards to these accounts, post status updates and check in to places for the world to see.

Maybe we are just getting what we deserve.

Seinfeld Explains Facebook’s Success

Reddit has a Seinfeld clip from 1992 that explains why Facebook, and all social media, is such an irresistible life-resource hog.

 

Seinfeld Season 04 Episode 07 The Bubble Boy


Spot Can Run, But He Can’t Hide

The new pet-oriented Global Positioning System (GPS) devices on the market now make it possible to constantly track your best friend, according to a report in MIT’s Technology Review.

The GPS devices made just for pets are generally small enough to be attached to a collar, which allows owners to track their furry companion’s every paw print in real time. The New Jersey Star-Ledger points out that, unlike microchips embedded in the skin of an animal, which store identifying information, these devices aren’t invasive, and owners don’t have to wait for a stranger to find and bring their lost pet to an animal shelter to scan the chip.

“This could easily be a multimillion-dollar category,” David Lummis, a “pet market analyst” at New York-based market research firm Packaged Facts, recently told the New Jersey Star-Ledger. Pet owners are now more “crazy” about their four-legged friends than ever. If the recession is any indication, Mr. Lummis told the paper that the $58 billion pet products industry has merely slowed a few percentage points during the recession.

That kind of consistent growth has attracted the attention of Qualcomm (QCOM), the biggest maker of mobile-phone chips. San Diego-based Snaptracs, a wholly owned subsidiary of Qualcomm, has released Tagg the Pet Tracker.

The system consists of a rechargeable Tagg device that can be attached to a collar (provided it’s not a spiked or bejeweled one), plus a home base unit. Owners are able to set a virtual perimeter for Fido to wander. TR says a text message or email alert will be sent if Fido strays too far. The device has a battery life of some 30 days and is water-resistant; it’s intended for dogs (or cats) 10 pounds or heavier. The necessary hardware and one year of Verizon (VZ) service costs $200, according to Technology Review. The service costs $5 a month after that. It’s a small price to pay, Dave Vigil, president of Snaptracs, told the paper, considering pets are becoming increasingly “like family members.” Users can also find their pets at any time through a computer or smart phone.

GPS giant Garmin (GRMN) has also entered the doggie lo-jack market. The paper says the Olathe, Kansas-based company released the GTU 10 device, a 1.7-ounce gadget. Garmin users can also set up a perimeter and receive alerts, or track in real time from a mobile device or computer. The GTU 10 operates on AT&T’s (T) wireless network and costs $200 for the first year and $50 a year after that.

Another competitor is Retriever. TR says Retriever has similar functions with virtual fences and alerts but adds a social networking element. Retriever will share Spot’s location with a friend, presumably so if your old pal Spot gets loose while you’re out-of-town, you can help steer the on-site rescue. To judge from its site, Retriever appears to not yet be on the market, nor is a projected price listed.

Technology Review also notes other products in this niche. Global Pet Finder is not available anymore on Amazon (AMZN) as of this article. The SpotLight device costs $169.99 and is limited to T-Mobile coverage. SpotLight costs $179.88 per year for a subscription. The Love My Pets device and 1 year subscription costs $189.95 and uses the Sprint (S) network. The Love My Pets system costs $14.95 per month for a subscription, according to a CSR.

rb-

Qualcomm’s goal is to encourage new uses of its radio chips, not to make a hit product. These products are part of the Internet of Things. As the Apple (AAPL) iPod and iPhone have shown, people are willing to shell out a lot of cash for the things, but it is in the services where the money is to be made on the Internet of Things. Content is still king.

Staff End Runs Security

When I am in my remote Bach Seat, contemplating sharing tech services, I am constantly facing the consumerization of IT. The iPads have made an official beachhead and Skype has made it inside the perimeter. So I should not feel alone, according to recent reports from Trend Micro and Cisco (CSCO).

Help Net Security reports that despite more workplaces regulating social networking site access, employees bypass security roadblocks to engage in social networking. The research by Trend Micro says that employees are finding ways around security roadblocks, making social networking a way of office life around the world. Trend Micro’s 2010 corporate end-user survey found that globally, social networking at the workplace steadily rose from 19 percent in 2008 to 24 percent in 2010.

The survey also found that laptop users are much more likely than desktop users to visit social networking sites. Globally, social networking usage via laptops went up by 8 percent from 2008 to 2010. In the U.S., it increased by 10 percent. In 2010, 29 percent of laptop users versus 18 percent of desktop users surveyed said they frequented these sites at work.

The survey also found that laptop users who can connect to the Internet outside of the company network are more likely to share confidential information via instant messenger, Web mail and social media applications than those who are always connected to a company’s network.

A 2010 Cisco survey, which looked at the security impact of personal gadgets and social networking in the workplace, found that employees are consistently (Cisco’s words) finding ways around security policies. 68 percent of those surveyed by Cisco said that employees use unsupported social networking applications. Heavy use of unsupported collaboration, P2P and cloud applications was also reported. More than half said social networking is one of their organization’s three greatest security risks. More than a third reported that their company lost data or experienced a breach because of employees using unsupported devices.

rb-

So why is Facebook such a problem for enterprises? For one, it is a huge time waster. Datacenter Knowledge reports that Facebook users spend a total of more than 16 billion minutes on the social networking site per day. During a presentation at the Velocity 2010 conference, Facebook VP of Technical Operations Jonathan Heiliger stated that 3 billion photos are uploaded to Facebook each month and users view more than 1 million photos every second.

The more popular the social network, the more effective social networks become as malware distribution platforms. KOOBFACE, the “largest Web 2.0 botnet,” controls and commands compromised machines globally. This demonstrates the scale of the threat, and emphasizes the need to educate users and implement strong policies.

Trend Micro says that trying to just prevent users from accessing social networks at work could potentially increase the risk to an organization, as users look for ways around computer security, possibly increasing the chance of exposure to security threats. The lesson, in Cisco’s view, is that you had better find the technologies–and resources–to support personal devices and applications because they will be used regardless. “The best strategic approach is to focus less on restricting usage and more on effective solutions to ensure highly secure, responsible use,” said Fred Kost, Cisco’s director of security solutions.

Call me old-school, but it seems that employees have always learned to work within reasonable company boundaries. Organizations that need web 2.0 have another option: they should take a look at Palo Alto Networks, which has developed a firewall that can block the wasteful parts of social media and leave some parts of the web 2.0 app accessible.

Consumer technologies evolve faster than the IT department budget, and it could be a constant game of catch-up trying to accommodate the latest rogue gadgets and widgets. Ultimately, rogue IT use is not so much a failure of technology, but a failure of policy and policy enforcement.
