Social media in for worse cyber attacks in 2012
Social media sites and cellphones will prove to be fertile
grounds for cyber criminals to exploit globally important events in 2012 to steal
personal information and data and make financial gains, cyber security firm Websense
has said.
The Websense document, 2012 Cyber Security Threats, has said identity information
posted by users of sites such as Facebook, Twitter or LinkedIn may prove more valuable
to cybercriminals than even credit cards.
Bad guys will actively buy and sell social media credentials in online forums, the
report says, adding that trust is the basis of social networking and if a bad guy
compromises your social media log-ins, there is a good chance he can manipulate
your friends. The primary blended attack method used in the most advanced attacks
will be to go through your social media friends, mobile devices and through the
cloud. We have already seen attacks that used the chat functionality of a compromised
social network account to get to the right user. Expect this to be the primary vector,
along with mobile and cloud exploits, in the most persistent and advanced attacks
of 2012, Websense researchers have said.
The number of people falling victim to believable social engineering scams will
rise significantly if the unscrupulous attackers find a way to use mobile location-based
services to design hyper-specific geo-location social engineering attempts, the
report said. People have been predicting this for years, but in 2011 it actually
started to happen.
Also important are globally important events including the London Olympics or U.S.
presidential elections. Cybercriminals will continue to take advantage of today’s
24-hour, up-to-the minute news cycle, the report said, adding that now they will
infect users where they are less suspicious. Sites designed to look like legitimate
news services, Twitter feeds, Facebook posts/emails, LinkedIn updates, YouTube video
comments, and forum conversations may proliferate it said. 2011 proved that in the
world of enterprise security, anything and everything goes. This year, as broader
adoption of mobile, social and cloud technologies explodes, we will see the bad
guys move rapidly to take advantage of this shift, said Dan Hubbard, chief technology
officer, Websense.
The most advanced criminals are going to ride the waves of personal devices, personal
social media use, and personal web activities of people to create more advanced,
social engineering attacks to get in. Many of the business and government attacks
in the coming year won’t necessarily be about how complex the code is, but how well
they can convincingly lure unsuspecting victims to click, Hubbard said.
Courtesy: Time of India
