Companies’ Security and Social Media Attacks

In one of my previous articles, social media attacks and individual security measures was discussed extensively. With the continuous surging of enterprises going online because of the huge  and easily accessible online market, hackers and cybercriminals are shifting grounds and are increasingly turning attention to companies, corporate organizations and government agencies through the employees of these enterprises who are users of social media network. The bad habits of users of social media have made the operations of hackers fast and smooth without any hindrance to gaining personal data and fooling unsuspecting victims.

Social media risks have been an issue for individuals; security experts said the risks have spread its tentacles to organizations and companies’ users, as hackers look to manipulate and collect sensitive, personal information online and also carryout phishing attacks which might be detrimental to the security of the enterprise. For instance, hackers with their God-given wisdom and intellect, devishly use it to trick unsuspecting individuals on social media sites, such as Instagram, Facebook, Twitter and other social media platforms into clicking on malicious links, downloading of virus-loaded files that will make them vulnerable to attacks and ignorantly sharing sensitive information with social media friends. Gary Bahadur, a security expert said that when a hacker deploys a social engineering attack (on social media), they take advantage of people's trust.

Potentially, employees with little or no understanding of social media security pose greater risks for enterprise which among others, recklessly posting personal information online, which can be exploited by hackers and use in attacking the enterprise or organization. According to experts, exploiting social networks is easier for hackers because it is the path of the least resistance. Enterprise networks are becoming more sophisticated and conscious of cyber security, but uninformed employees using social media are more likely to fall victim to attacks because they don't know the value of their personal information or how much data they're actually exposing on the Web.

Hackers often carryout their operation by presenting scams in the form of news about fake celebrity death reports and sex tapes, unbelievable world news, must-see videos, free offers for smartphones, plane tickets, or gift cards. These spread rapidly on social media because people are more likely to click on links posted by a friend or if it has many shares and likes. This describes how individuals attribute more trust and value into something because it's been clicked on or approved by other users. Another security expect with Symantec (Samir Kapuria) said, "They're automating the ruse more through social media, so the victims are being brought right to the doorstep of the bad guys, they're using the power of social networking, along with the surge of mobile devices, and they're getting more efficient and effective with how they conduct their business."

Employees need to take appropriate precautions and measures to protect their identity because it can also affect their work environment. For example, when users fail to configure completely different usernames and passwords for social media sites, it can put their email accounts, bank accounts and especially enterprise accounts at risk. An employee should use a total different username and password for the company’s email accounts and that of social media networks.

The young generation should be properly educated on the dangers of social media so as to protect or limit the amount of information they share online. According to Bahadur, "Once they(the young generation) hit the corporate world, their online presence could be a disaster, and  they won't understand the concept of privacy and sensitive data." Employees need to be aware of social media risks and recognize that overexposing themselves online can make them and their employers an easier target for hackers. "If there is gold over here, heavily protected, and silver over there, not protected, then the hackers will go after the silver, not the gold." (Christopher Budd)