Social media is a useful tool for any business. Its ability to reach and engage with customers is unrivaled. However, with the rise in use, so comes the rise in attacks using this medium. Hackers and fraudsters have also cottoned on to the ‘potential’ in this new communications platform, giving them the ability to target big brands – exploiting the rapid increase in investment into social media marketing activity.
In a report into the scale of attacks, Nexgate found that – on average – a Fortune 100 firm has around 320 social media accounts, with 213,539 commenters producing 546,658 posts. This creates a huge opportunity for hackers and fraudsters who seem to use three main types of threat. Account hijacking, unauthorized accounts and content-based threats (including malicious links and phishing lures).
This not only represents a danger to the companies themselves, but also their reputation amongst their customers who may begin to lose interest in a brand they associate with poor security measures. Indeed, with this in mind – it was found that on average, 40% of Facebook accounts that claimed to represent a Fortune 100 brand were unauthorized accounts, as well as 20% of accounts on Twitter.
Furthermore, social spam on all accounts grew by 658% between mid-2013 and mid-2014. 99% of the links associated with these posts led to websites containing malware of phishing attacks. It is easy to see how these kinds of persistent attacks can damage a carefully constructed brand. But there are other, more nefarious purposes, including stealing customer data, manipulating markets and perpetrating various internet con schemes.
Even worse, the average firm had between two and three of their accounts that showed signs of being compromised. Hijack indicators, such as malware links posted by the brand managers themselves, were alarmingly regular. In fact, so common have these attacks become that it is now possible “to identify historical patterns that can be used to determine whether or not a hijack has occurred, such as bursts in posts or abnormal content.”
Recommendations on how to prevent these attacks widely vary, but any approach should include first mapping the social footprint a company has, followed by identifying the unauthorized accounts and petitioning their removal. Official, company accounts should then be monitored for malicious and inappropriate content that could damage the company’s brand and respond in the appropriate fashion. This should then be followed by establishing (if not already existent) organizational roles and responsibilities, including the creation of a ‘social media acceptable content use policy.’
Unfortunately, given the scale and complexity of most large companies’ social media infrastructure, manual reviews of all social media content is simply impractical. This is the reason why companies need to set up automated discovery, monitoring and remediation technology that can effectively find these unauthorized accounts, remove the malicious content and detect account hacks.
The security principles set forth in industry standard ISO/IEC 27002 provide a framework for effective security, built around the cycle of Plan, Do, Check, and Act (PDCA). Many good security products are on the market, but all are designed to meet specific threats – and will not block other threats. At GRT Corp. our security philosophy is built around these words by noted security expert Dr. Bruce Schneier: “Security is not a product, but a process.”