Social Networking: The seven deadliest hacks

My favorite type of Social Networking remains that which involves chatting with mates over a drink in the pub. Call me old-fashioned. There are, of course, various associated threats to “security” to consider: for instance, the extortionate cost of a pint these days could be considered a crime, and after a few drinks I might reveal information that should otherwise remain secret, which consequently might affect my personal reputation. It’s also how I met my wife.

I’m also well versed in more modern socialising. I have 38 “friends” on Facebook, most of whom I probably wouldn’t recognise if they walked past me in the street, and around a hundred or so contacts on LinkedIn, mostly comprising new and old work colleagues, a couple of hopeful recruitment consultants, plus a few folk I met whilst engaging in Social Networking 1.0 (i.e. at the pub).

Anyway, it’s been a while since I discussed social networking on this blog. Last December I stated the view that organisations who continue to allow full and unrestricted access to social networking sites need to wake up to the fact that they are putting the security of their data and other assets at risk.

Adding some more fuel to the fire is an article just published on Dark Reading entitled “The Seven Deadliest Social Networking Hacks”, in which Kelly Jackson Higgins makes the case that social networks are the next major attack venue for trolls, spammers, bot herders, cybercriminals, corporate spies — and even jilted ex-lovers or enemies — to make money, or just plain wreak havoc on their victims’ personal lives.

The seven deadly hacks discussed are:

1) Impersonation and targeted personal attacks
2) Spam and bot infections
3) Weaponized OpenSocial and other social networking applications
4) Crossover of personal to professional online presence
5) XSS, CSRF attacks
6) Identity theft
7) Corporate espionage

Personally, I think the following cartoon (from here) neatly sums up one of the biggest risks….

facebook-cartoon.gif 
