Home » Increased Hacking Seen in Social Networking in the Workplace
While social networks such as Facebook and Twitter are increasingly the way to communicate, one expert cautions about the use of them in workplace settings.
According to Ondrej Krehel, Identity Theft 911 information security officer, hacking into social networks is increasing, and " even with many security layers of protection deployed across corporate networks, something seemingly as insignificant as clicking on a picture or a link from friends can have dramatic consequences."
He suggests that corporate security officers can "hardly protect their environment if users act on their own and respond to 'social engineering' by hackers," which is tricking people into revealing personal, confidential information without ever meeting them.
"Many people use the same passwords for all of their accounts," he told Security magazine, "so compromising one of them allows attackers access to email, and then to all of their financial sites and credentials. We suggest that all users keep their credentials separate for their personal, financial and social lives. On the other hand, anti-virus vendors are still searching for the best methods of scanning more complicated file formats, and in many cases it is hard to identify all of the possible avenues of attack in certain file formats, pictures, Word documents, or even .pdf files."
Once hackers are on a PC or inside the corporate network, they can install additional back-doors for future connections, and steal more corporate data. Their strategy is combined state-of-the-art malware and social engineering of the end users.
"People don’t realize it, but we live in the Digital Age where even the head of the FBI is prohibited by his wife from doing Internet banking," he says. "Shouldn’t regular users be concerned?"
I want to hear from you. Tell me how we can improve.
This month in Security magazine, we highlight COVID-19 and enterprise security's response. How has the pandemic changed business continuity plans, and what lessons have been learned? Also this month, we profile Chris Hallenbeck, CISO at Tanium, his view on metrics and information security. In addition, security experts discuss video analytics, how to make AI work within your cyber strategy and more.