SOCIAL NETWORKS: THE #1 MALWARE SOURCE – Last year, I predicted that the web was the battleground and social networks would get ugly. Both those predictions proved true. This year’s threat is no different – just more specific. Social networks have in fact become so ugly that they will be the #1 source of malware infections. Why? Nielsen Online says social networks have become more popular communication tools than email. Also, social networks by their very nature are gathering places, which tends to imply increased levels of trust. Finally, social networks leverage complex, Web 2.0 technologies that can suffer serious security vulnerabilities. When you add those factors together, it’s no wonder that social networks will become to malware what email used to be to the virus; the #1 source of infection. – Corey Nachreiner, WatchGuard® Senior Security Analyst, CISSP www.watchguard.com
I spent a few years working for a technology services company that provided online detection of various forms of malware that posed a security and privacy threat to both consumers and business. Some of the work spanned various industries such as financial institutions and insurance companies as well as law enforcement agencies to detect fraud, counterfeiting and cybercrime in general. This was well before Facebook, Foursquare and Twitter became universal social networking platforms. Clearly the problem is much worse today as underscored by the above quote.
One thing that users seem to be oblivious to, whether they be business managers or consumers, is that social networks are cloud computing applications. They sit out on the Internet, a relatively open and unsecure environment where all types of predators lurk – identity thieves, terrorists and scam artists. Their ‘corporate’ vision and mission is carried out with the sole intent of stealing your identity, emptying your bank account and infecting your IT system with malware and harmful viruses, all without a shred of moral fibre or social conciousness. Beneath the surface are some very social criminals that want to be your ‘friend’ in a most unwarranted way.
It is unfortunate that social networks platforms do not, as a rule, provide disclaimers or warnings for people before they sign on. While the premise of ‘friending’ or ‘following’ people is innocent enough, there is little in the way that protects people from the possibility of online identity theft, fraud or in the worst cases, stalking and surveillance. The most egregious cases come from those who arrogantly declare privacy as a thing of the past, knowing full well that those who profit most are those who engage in online criminal activity.
It’s not surprising that many business are reluctant to take up social networking platforms. These software applications, mostly free, do not have the security safeguards that would prevent unwarranted intrusions into an enterprise’s data bases or email systems containing confidential and proprietary information. Security Solutions is one of the fastest growing areas of IT services and a facet of corporate governance that has taken on strategic importance in the digital age. As much as social networks have seen incredible growth in the past 5 years, so has online fraud. Concurrent with this has been the growth in security solutions such anti-malware applications, vulnerability assessment and penetration testing.
At some point, marketers and social media advocates need to wake up and understand the risks inherent in open and unsecure software systems. In doing so, they might be a bit more successful in moving their social media agenda forward. The responsibility to ensure that consumers are well out of harm’s way needs to be a serious consideration.
– Ted Morris, 4ScreensCRM
(Cross-posted at http://www.cloudave.com)