Story image

Social media a gateway for cyber criminals

16 Feb 16

Personal and professional lines are becoming increasingly mixed online, with social media putting a lot of personal data in the public domain.

As a result, companies need to think about how they are keeping corporate assets secure.

That’s according to Ixia, who says that despite the value social media gives to businesses, there are risks.

“The value of social media to business is clear. It can amplify customer engagement, build brand identity, and raise awareness of products and ideas,” says Stephen Urquhart, general manager ANZ, Ixia.

“This increased exposure means added risks,” he says.

“Social media platforms put a lot of personal and professional information into the public sphere, making social profiling easier than ever. This, in addition to the ease of communication provided by social media platforms, increases the opportunity for cybercriminals to dupe employees into clicking on dodgy links or inadvertently downloading malware,” Urquhart explains.

He says organisations need to offer training and have appropriate network security infrastructure in place to avoid the risk of information breach or data theft arising from social media activity.

According to Urquhart, phishing remains one of the top vulnerability sources of for businesses.

“Social media can make it easy for a cybercriminal to pose as a colleague or a friend, send a phishing message via a social media platform or email, and fool someone into unknowingly providing an entry point to an organisation’s system,” he explains.

Urquhart says organisations can protect themselves against the potential of such an attack with five steps:

1. Make sure employees engage in social media only when using a secure connection or network

2. Educate employees about phishing scams, including how to recognise them and how to avoid them

3. Implement a policy that restricts what information can be shared publicly and which sites can be visited

4. Test the network regularly to reduce the likelihood of potential vulnerabilities

5. Subscribe to a threat intelligence service for a proactive way to minimise potential threats

“Social media has become unavoidable for most businesses, so organisations and individuals need to protect their social media presence just as they would protect their laptop or their network,” Urquhart adds.

Cofense launches MSSP program to provide phishing defence for SMBs
SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats
Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.