Social Media and Cyber Security - The Two Sharp Edges of Data
Today a Free, Facile and Fascinating mode of communication is Social Media. The information whether accurate or not is shared over the social media, which is growing at a high speed. Social media is an effective and profitable way to engage customers and build communities - but only if the risks are identified, mitigated, managed and monitored as part of a comprehensive social media governance plan.
The same social media platforms - Facebook, Twitter, Instagram and YouTube – that we use a hundred times a day to keep up with friends, family and updates have given rise to a vast global cyber criminal network. Over the last few years, social media has lifted the lid on the seedy underbelly of its platforms including Instagram, TikTok and Cash App, which have become a new breeding ground for online scammers.
Social media provides a pathway to a multitude of personal information. Access to such data can be of great value to attackers who seek highly personalised data to carry out targeted attacks like spear-phishing or compromise business email systems. With users choosing to access social media on mobile platforms, consumers and businesses need to be extra vigilant in the face of increasing sophisticated attacks on endpoint devices. Such data breaches can also result in a serious loss of reputation for businesses.
Why do cyber criminals choose social media platforms like Facebook, Twitter, Instagram, and YouTube? The answer is that these sites make it very easy to share and pass on just about anything – and that includes malware. In fact, security researchers found that social media platforms, on an average, have 20 percent more methods to scam and rip off consumers than other websites. These methods include adverts, sharing buttons and plug-ins. Plus, the fact that most people have hundreds, if not thousands, of connections on these social media platforms make it very convenient to distribute malware to a wide audience with surprisingly few negative consequences.
As these platforms become more intrinsic to our daily lives, social media platforms have become a crucial attack vector that enterprises can no longer ignore. Compared to eCommerce and corporate websites, social media platforms contain up to 20% more avenues where malware can be delivered to users, such as advertisements, social engineering, shares, and plug-ins.
Some common threats that come with the use of social media include -
• Disinformation – Abundance of personal information such as date or place of birth, universities attended can be used by threat actors for stealing identity and spreading disinformation.
• Fake Accounts– Threat actors pretending to be an employee can disrupt the brand name. Also known as ‘botnets’, these fake accounts can be used to spread fake news, instigate online debates on religion and manipulate public opinion.
• Password attacks – Accounts can be compromised with stolen passwords, social engineering and brand impersonations.
• Phishing attacks – Threat actors can use personal information available on social media platform while impersonating as a real person/company.
Social Media mounting cyber crimes
Cyber-attacks through social media have raised concerns over data theft and privacy issues, as data on social media platforms can be easily compromised through phishing, malwares, password hacking and botnets.
Sanjay Manohar, MD - McAfee India says, “With a young population, and the availability of cheap internet and smartphones, the number of social media users will increase to 448 million by 2023 (Source: Statista). More importantly, social media is creeping rapidly into business use. More and more users use unsanctioned apps like WhatsApp and Facebook on mobile devices, and use the same mobile device for both official (sanctioned) apps and personal (unsanctioned) apps. It is a critical urgency for businesses to implement cloud security solutions that provide protection for both sanctioned and unsanctioned apps.”
Vijendra Katiyar, Director – Enterprise Business, India & SAARC, Trend Micro however says that social media threats are not contained within the social networking sites’ walls. “Public interest in social media is in itself a powerful tool that cybercriminals have repeatedly used to their advantage.”
Govind Rammurthy, MD & CEO- Mircroworld Technologies Inc. says, “Threat actors are now farming likes and clicks while loading malicious links on pages that were deemed safe earlier, fake giveaways have also been used as a cheap method to farm likes, clicks, and traffic. Malware is now being shared through links via various messengers on social media and phishing is being attempted under the guise of reputable brands. Giving in to satiate your ego and finding quick friends and followers on social media could also make you prey to a phishing attack. If all of this wasn’t just enough, cyber bullying, online dating scams and identity theft has also been on a steady rise through social media.”
Over the last few months, the Security Response Team at Tenable has tried uncovering many threats on social media. “To give you an example,” says Diwakar Dayal, Managing Director - Tenable “Scammers are using fake profiles to trick unsuspecting TikTok users to sign up to adult dating websites or pay for fraudulent “premium” Snapchat accounts. We also detected the impersonation of well-known influencers and Bollywood celebrities such as Salman Khan and Neha Kakkar with the intention of boosting likes and followers to raise the popularity of a fake profile. Similarly, on Instagram, a growing phenomenon of Porn Bots has continued to evolve with newer methods for peddling adult dating spam. While on YouTube, our research found that scammers are creating videos to deceive users into believing they have a way to "hack" Cash App, the popular mobile app backed by Square, for free money.”
Reasons behind the attacks
The explosion of Internet has revolutionized human relations, most notably with the increasing use of social media sites, and these virtual communities have taken up an important place in the daily life of almost all web users. There are currently over 700 of these networks around the world. These networks ask users to supply personal information, which allows the users to create an online “profile”. They also provide tools that allow users to upload their own content and a list of contacts, with whom they can interact. Due to our current addiction to over-sharing everything about our private lives online, the vulnerabilities arising from the use of social media networks are increasing.
Says Govind Rammurthy, “The advancements in technology are directly proportional to the sophistication in the level of cyber attacks that are being carried out. Consequently, every platform which is blessed with technology in some form is vulnerable to cyber threats. Adversaries are switching platforms to avoid detection, making it difficult to pinpoint a specific platform that would appear to be the most vulnerable.”
Sophia Priyadarshini, Associate Product Manager - Instasafe Inc. feels that there can be innumerable platforms vulnerable to a cyber threat. “The most vulnerable ones are the social networking accounts like Facebook, Twitter, Instagram, LinkedIn, SnapChat etc. Phishing and malware threats on social networks can also be very similar because they often rely on external links. Historically, social engineering attacks have been static in nature; send a well-crafted phishing email to millions of unsuspecting users, cross your fingers, and wait for the gullible few to respond. Chatbots open an entirely new realm for social engineering by engaging a victim in a two-way conversation, building trust, and causing the user to let his or her guard down.”
Most social media platforms don’t allow users below the age of 13. The latest data reports that 59 percent all eligible audiences are already using social media. The average user has an account on more than 9 different social media platforms, and spends an average of 2 hours and 16 minutes on social media each day. Some social media sites are particularly popular among specific population groups.
India has 351 million social media users at a daily usage rate of about 2.4 hours (Source: Statista). The biggest threats are (1) Identity theft either due to unattended accounts or due to vulnerabilities in third party apps that integrate with social media. (2) Phishing attacks and scams that trick people into handing over sensitive personal data.
The problem is that some people forget that they are connected to their business Instagram and end up posting their personal life on Stories. Therefore, it’s very common to see business profiles with videos and images of personal moments.
Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet says that there are a few mistakes that users commit that make them fall prey to the bad actors. “One of the most common and big mistake people do is to use the same username and password for their social media sites as they do for their work systems, network access, and VPN connections; this creates a potentially significant attack vector for gaining access to the corporate networks.”
When the thin line between public and private is crossed, we need to think harder about what we have been doing.
According to Ajay Dubey, Country Head- NetSec and Channels, Forcepoint, in order to best assess the changing threat landscape, one must look at the evolution of data. “Historically, the goal of an attack was to disrupt the service that a company was offering to their customers. However now, with digital transformation underway and data being the new oil, we find that the threats today are focused on data exploits, data destruction, and data modification.”
Sudhindra Holla, Director - Axis Communications India and SAARC opines that as a security provider of smart solutions, they have realized that their products are also prone to cyber-attacks. “To ensure that our users are protected our solutions come fitted with a no back-door policy. We believe, by taking proactive measures we can mitigate the IT risks. Timely responses and transparency if any vulnerabilities detected, minimizes the flaws. We provide free upgrades and release patches if any threat detected to support our partners and customers. Thus, it becomes important to safeguard our user’s data. Securing security solutions is a continuous process and we regularly educate and share best practices of cybersecurity with our stakeholders.”
Localization of Data Vs Data breach
Social networking has changed the way we interact with people and do business; while there are numerous benefits to sharing and communicating through social media, it also has its share of risks. Cybercriminals have taken advantage of the free and easy way that people use social media platforms.
Data localisation is the act of storing data on any device physically present within the borders of a country. As of now, most of these data are stored, in a cloud, outside India. This is what the RBI wants to change through its data localisation rules.
Localisation mandates that companies collecting critical data about consumers must store and process them within the borders of the country. The RBI had issued a circular mandating that payments-related data collected by payments providers must be stored only in India.
The main intent behind data localisation is to protect the personal and financial information of the country’s citizens and residents from foreign surveillance and give local governments and regulators the jurisdiction to call for the data when required.
The other argument is that data localisation is essential to national security. Storing of data locally is expected to help law-enforcement agencies to access information that is needed for the detection of a crime or to gather evidence. Where data is not localised, the agencies need to rely on mutual legal assistance treaties (MLATs) to obtain access, delaying investigations. On-shoring global data could also create domestic jobs and skills in data storage and analytics too, as the Srikrishna report had pointed out.
Points out Sanjay Manohar, “The revised Personal Data Protection Bill, 2019 (Draft Bill), which was cleared by the Union Cabinet earlier this month is a step in the right direction, and will increase awareness and vigilance against data breaches. As many details are yet to be finalized, it is too early for us to comment.”
Sean Duca, Vice President and Regional Chief Security Officer, Asia Pacific & Japan, Palo Alto Networks feels that although there has been a lot going around about the regulations of data being stored or kept within the Indian premises, but it is also true that when it comes to breach, physical location of data is absolutely irrelevant. “The same can be compromised from any part of the world. However, data localisation is critical for law enforcement because if there is a breach and the access to the same is hosted in a different country, the process to deal with maybe complex and time consuming.”
Whereas Prashanth G J, CEO at TechnoBind Solutions Pvt Ltd opines, "No....in fact it may even increase as security frameworks as India is still some distance away in terms of the maturity. But we also look at it as an opportunity to help customers comply with the guidelines. The upcoming data protection bill will surely help in creating a framework specific to Indian regulations."
The bad actors will always try to go after the popular platforms. This increases their chances of breaking into gullible people’s mobile phone or laptops. They will succeed not because a platform was bad but because people are vulnerable. It is also true that a Strong network security alone cannot protect against social cyber security risks. Human error and a casual approach to
employee use of social networks at work are liabilities, and so therefore we need to make ourselves responsible for every step we take on social media.
There is a way to adapt to these online tools and bring a balance to social media. Given we are always online, we will always write statuses, tweets, share images, upload videos and thus create “content”. And since we won’t stop creating content, the most effective remedy to our social media ills has to do with changing the kinds of content that we produce.
A few simple ways to stay safe while using social media -
1. Use a Password Manager – Do not use either the exact same password or a variation of the same password for multiple accounts. Password managers remember all of your passwords for you, storing them in an encrypted vault. You’ll only have to remember one master password, which you can use to log on to all of your social media accounts. You can even set up two-factor authentication.
2. Don’t accept random Friend Requests or Follows - Accepting everyone who follows you can be a bit dangerous, especially if you’re revealing personal information on your accounts.
3. Click links with Caution – If you get a strange Facebook message with a link to check out a third party site. That’s something you don’t want to click on, as these links often ask for your personal information which can be sold on the dark web.
4. Don’t Reveal Personal Information – Do not reveal your Address, Phone number, Email, Financial information, Job information and Sensitive photos. Remember that once you post something on social media, people will always be able to find it, even if you delete the original post.
6. Customize Privacy Settings - Customize your privacy settings to control who can and can’t see your content.
7. Update Software on Device - Software updates may be a little annoying, but many of them include security updates, so it’s important to do them as soon as they’re available.
8. Log Off when Done – It is easy to leave yourself logged in on all the apps on your phone, especially because we use them so often. But if you lose your phone, or any mobile device, and you’re still logged into social media accounts, then you’re making it very easy for hackers to access your accounts and steal your personal information. Even though it may seem like a hassle, be sure to log out of social media accounts when you’re done using them.
9. Lock Phone - make sure that your phone locks automatically after a certain period of time maximum 30 seconds. On top of that, make a passcode that’s as long as possible and not based on anything obvious.
10. Use a VPN (Virtual Private Network)- VPNs encrypt your web traffic in a tunnel, replacing your IP address so that hackers won’t be able to access any of your information
OEMs addressing security flaws on social media
Sean Duca, Vice President and Regional Chief Security Officer, Asia Pacific & Japan - Palo Alto Networks
“On an access control level, Palo Alto Networks has put application-level controls into its firewall products to manage applications such as social media. However more broadly, it is important to pay careful attention to the people, process and technology aspects of cybersecurity, because it is the combination of advanced technology and savviness of the security team that will be fundamental to maintaining consumer trust.”
Sanjay Manohar, MD, McAfee India
“A seamless convergence of On-premise, Network and Cloud security elements will address this issue effectively. This will create a single defence mechanism that works cohesively against attacks and ease the administrative and cost burden of managing security across On-prem, Hybrid and Multi-cloud environments separately. True convergence offers (1) Simplicity in policy administration, centralized incident management and reporting (2) A combined set of APIs and proxy based controls to secure user, devices and data, no matter where they are. Unified Cloud Edge is McAfee’s vision for a Cloud-native security platform that enables organizations to apply consistent data security and threat protection controls across On-premise, Network and Cloud.”
Govind Rammurthy, MD & CEO, Mircroworld Technologies Inc.
“We introduced a new cybersecurity solution called Nemasis (VAPT). Nemasis (VAPT) is a vulnerability management suite, which helps to uncover weaknesses and vulnerabilities in an organization's IT infrastructure by focusing on areas that are susceptible to a security breach and helps them improve their security outcome. With such a futuristic technology we aim to bring the cybersecurity of the next generation into today’s era while preaching the prevention better than cure motto.”
Shrikant Shitole, Senior Director and Country Head for India, FireEye
“While FireEye provides a complete suite of enterprise solution powered with its Threat Intel to detect and prevent advance and emerging cyber threats, it also helps organizations with the evidence needed to measure, manage and improve their cybersecurity effectiveness. FireEye Email Security is a highly recommended solution – it can reduce cost and increase employee productivity through a single email security solution that minimizes the risk of costly breaches caused by advanced email attacks. FireEye Endpoint Security combines the best of legacy security products, enhanced with FireEye technology, expertise and intelligence to defend against today’s cyber attacks. FireEye Network Security is an effective cyber threat protection solution that helps organizations minimize the risk of costly breaches by accurately detecting and immediately stopping advanced, targeted and other evasive attacks hiding in Internet traffic.”
Ajay Dubey, Country Head - NetSec and Channels, Forcepoint
“At Forcepoint, we have long realized that we must do more to understand human behaviour and the intersection between humans and data to stay secure. Sophisticated cyber-attacks succeed because organisations overlook the human behaviour element – for instance, intended malice or inadvertent human errors – when trying to safeguard their critical data and users. Firms need to better understand the context that gives rise to malicious, or inadvertent but nonetheless risky, behaviour.”
Nikhil Korgaonkar, Regional Director – India & SAARC, Arcserve
“Arcserve develops modern data protection solutions designed to neutralize the impact of cyber attacks by providing immediate data/system restore and real-time replication for continuous data protection. Our newest solution takes our cybersecurity to the next level with fully integrated threat prevention and protection, for all-in-one cybersecurity and application availability. This solution is delivered via our Appliance Series, the only turnkey self-contained appliances for backup and onsite/offsite disaster recovery. Through our global collaboration with Sophos, a leader in network and endpoint security, organizations can now employ the only market solution that integrates anti-ransomware and other threat prevention technologies, such as deep learning AI for both known and unknown malware, and award-winning disaster recovery and high availability capabilities for prevention against data loss.”
Rohan Vaidya, Regional Director of Sales - India, CyberArk
“CyberArk allows the principles of privileged access to be applied to organisational social media platforms. Our platform enables authorised users to seamlessly authenticate to an account without knowing their passwords, making it harder for hackers to uncover and steal credentials. It eliminates shared credentials by storing passwords in a digital vault and requiring users to login individually for access. Also, it automates password changes: changing privileged credentials ensures attackers can’t use old passwords across systems. Finally, we audit account activity, so all posts can be traced back directly to an individual authorised user, making it easy to identify employees who may be posting harmful content.”
Murali Urs, Country Manager-India, Barracuda Networks
“Barracuda’s total email protection provides comprehensive protection against attacks, the powerful engine has a traditional gateway layered with an artificial intelligence application that defends the network against phishing attacks and will prevent many of these attacks from ever getting to system. It combines complete email protection portfolio in a single bundle which makes email safe through Email-filtering, spam blocking, encryption, archiving, and backup. It protects users and data from targeted spear phishing attacks and account takeover with an AI engine that detects threats, which traditional email gateways cannot. It also has an automated incident response which provides remediation options to quickly and efficiently address attacks. Barracuda’s user training also helps keep the social engineering attacks at bay.”
Sophia Priyadarshini, Associate Product Manager, Instasafe Inc.
“InstaSafe, is a Gartner recognised Zero Trust Network Access or SDP technology provider offers authorized users of enterprises & governments secure and fast access to internally managed applications hosted in enterprise data centres or the hybrid public cloud. SafeHats is a Forrester recognised bug bounty platform is an extension of customers’ security team. Designed for enterprises, the platform taps into a vast pool of highly skilled and carefully vetted security researchers and ethical hackers to comprehensively test your application's security. Together, we enable businesses & organisations to protect & secure their digital assets.”
Bhupesh Malhotra, Country Head - India, SecuraShield
“Being one of the purest IT security providers, we offer an array of solutions to protect the network and endpoints. We provide proactive security solution that keeps the data safe from hackers and intruders. Our R&D teams works to develop solutions that are always ready to mitigate any security risk arising, emerging sophistication of the attacks. Also with the strong R&D capabilities, we have incorporated proactive detection technology against all types of viruses, Trojans, spyware, malware and detect new threats based on file and URL reputation, Firewall & USB DLP. Be it the emerging threats involving IoTs or sophisticated malware attacks such as ransomware, our team have stood guard with best of best solutions.”
Prashanth G J, CEO, TechnoBind Solutions Pvt Ltd
"We are working with partners and highlighting to them the opportunities of working with their customers and make their social media platform secure. We start with a workshop where we understand the extent of the social media spread within the customer’s digital transformation journey. Post that we either help modifying the process to make it secure or help deploy security technologies to plug the gap."