Social Media Vulnerabilities and Considerations for the Corporate Environment

by Rob Hornbuckle Oct. 1, 2017 via Infosecwriters

Social networking is now one of the most dangerous security threats to an organization, according to recent studies by well-respected security firms such as Gartner, McAfee, and Norton. With over 1 billion people on Facebook alone, this will be a major threat for years to come. Hackers use this treasure trove of information freely provided by people about themselves and their companies to get the jump on many an organization. In fact, a recent study from McAfee has shown that half of organizations admit to a security breach resulting from social media in recent years. Consider also that only about a third of organizations have a response strategy or breach prevention policies when it comes to social media. This unchecked threat has the potential to not only wreak general havoc but can also be quite costly. While Facebook is the most notable social networking site, others to consider include: LinkedIn, Twitter, Yammer, MySpace, and Instagram. In an effort to mitigate this risk, all angles of vulnerability surrounding social media must be considered including: privacy attacks, malware distribution, data leakage, phishing attacks, identity theft, and evil twin attacks. Advanced attacks must also be considered including access-point spoofing, session hijacking, and targeted phishing attacks. Corporate practices can also be adjusted to better control response and prevention concerning social media attacks.

http://www.infosecwriters.com/Papers/RHornbuckle_Social_Media.pdf