A hunting ground for cybercriminals

download-2The interconnectivity of social media means it is a perfect hunting ground for illegal activity, and increasingly people are realising that their “friend” many not actually be their friend.

Cybercrime on social networks can be broken down into three categories:

  • the traditional broad-sweep scams, trying to lure you to click on something or visit pages that will push malware on to your computer
  • searching for careless public exposure of personal data
  • using social media as a platform to connect, exchange ideas and trade stolen information

Malware, scams and ransomware

The first category is the most widespread.

“The problem with social media is that people have an inherent trust,” explains Mark James, security specialist with IT security firm ESET. “And that is what is being tapped into by those cybercriminals.”

“People still believe that you have to click on something and download a file to be infected,” he says.

“This really isn’t the case anymore. There are things like drive-by-downloads, infected adverts and things like that. It’s very easy to be compromised on your machines.”

In many cases the initial malware is just a gateway into the system. It doesn’t do any real harm, yet. But once a back door is established to the infected computer, that access may then be put up for sale.

A package of data offering, of access to thousands of infected computers, will be snapped up by another criminal for use in a variety of ways.

With access to the computers received, criminals may then install software which, say, hijacks the victim’s online banking, or reads usernames and passwords.

One of the most profitable scams is installing ransomware, malicious software that encrypts the data on a victim’s computer and then asks for payment before restoring the system to its original state.

Reconnaissance

Social media is also an ideal hunting ground for anyone who has a clear target to attack, be it an individual or a company.

If you want to see who works in which company and in which position, or who they are friends with professionally and privately, this information can often be easily picked up on social media.

Any attack on a specific individual will be much easier if the target has made a lot of private information publicly available on their profiles.

If the target is a corporation, it is easy to single out an individual or a group of employees, and then target their machines in a focused attack. And once one machine in a network is affected, getting access to the entire structure is not difficult.

“There’s such a big crossover between your personal social media accounts and the impact you can cause within a corporate environment,” warns Michael Sentonas, vice president of technology strategy at cybersecurity firm Crowdstrike.

“Most organisations allow their users to connect to Facebook, to Instagram, to Twitter and other platforms and that’s where an attack – even if it was targeted at a home user – can have a significant impact on the workplace.”

Putting up defences

“Our only effective protection is a multilayered approach,” Mr James of ESET explains. “There’s no single protection anymore, there’s no magic bullet or single piece of software that’s going to protect us.”

While security software is important, it’s only a first step. It is a cat and mouse game where the bad guys produce the malware and the good guys try to produce the means to stop it.