|
By Sean Wilkins
One of the biggest threats that have come out of the last year is a focus on the targets which use the ever more popular social media websites, including Facebook, Twitter, youtube and Skype among others. According to numbers from Facebook and highlighted in Cisco's Annual Security Report (ASR), the subscriber base of Facebook has went from 100 million in August of 2008 to over 350 million in December 2009.
Twitter's user base is constantly growing as well at a higher initial rate but is retained by a smaller number of users then Facebook. This and the fact that threats tend to follow the audience, has made Facebook, Twitter and these other sites large targets. According to Cisco, many of these attacks are possible because of their audience's transitive trust in the people they are networking with. This additional amount of trust that is put into the networking community allows attackers an even easier target since a large portion of this new audience is with older individuals, many of which are not as technically savvy as their younger counterparts.
The question that comes out of this is what the best solution for mitigating these additional attacks is and how to reduce them in a way that will impact the larger community.
Most of the attacks which are taking place still require a decent amount of input on the part of the user in order for the attack to be successful. An example of this is the Koobface worm highlighted in the Cisco report. In order for the Koobface worm to successfully infect the user's machine they must go to a third party website and download and run an "update" which unleashes the worm. Now most technically savvy users will have their radar peak when this type of action is attempted and just not download or run the software which avoids the attack. However, if a non-technically savvy user gets a message from a "friend" or follows a link from a trusted tweet and believes the download is legitimate then the worm's infection can be successful. This is the type of behavior which is highlighted in the report and is a continuing threat against these types of user.
The bottom line is that training is the issue that must be remedied with these types of user, with a little training (10 minutes maybe) any smart person will be able to be taught a simple process for analyzing a given situation and avoid it when possible. These types of attack are not specific to Facebook or Twitter and have been used on all of the other major social networking sites as well as a common technique used with email SPAM attacks. The concept behind it is rather easy and requires very little setup on the part of the attacker. The simplest rule to follow is to only install updates from the manufactures websites unless the destination site is known to be trusted (not implied trust), if this is unknown then a default position of not trusting anything would greatly reduce someone's risk of infection.
Another issue which is highlighted in the report is the spread in use of small URL links. An example of these would be links from go.to, shorturl.com, bit.ly and ow.ly. These types of services are very easy to setup and are provided by a number of different companies on the web. These services work by providing a short URL which is then redirected to a longer URL in order to save the space used while posting. These are very popular with twitter users as the 140-character limit in posting makes posting long URL's quite inconvenient. The problem with these short URL's is that they mask the true destination domain name and directory, making it possible for an attacker to use them to relay users to a site which contains malware. As it is always a good idea to know the actual destination before going to it, the use of add-ins like Firefox's "LongURL Mobile Expander" can be used to decode the true destination before a link is clicked onto.
Only registered users can write comments.
Please login or register. |
