Home » Increased Hacking Seen in Social Networking in the Workplace
While social networks such as Facebook and Twitter are increasingly the way to communicate, one expert cautions about the use of them in workplace settings.
According to Ondrej Krehel, Identity Theft 911 information security officer, hacking into social networks is increasing, and " even with many security layers of protection deployed across corporate networks, something seemingly as insignificant as clicking on a picture or a link from friends can have dramatic consequences."
He suggests that corporate security officers can "hardly protect their environment if users act on their own and respond to 'social engineering' by hackers," which is tricking people into revealing personal, confidential information without ever meeting them.
"Many people use the same passwords for all of their accounts," he told Security magazine, "so compromising one of them allows attackers access to email, and then to all of their financial sites and credentials. We suggest that all users keep their credentials separate for their personal, financial and social lives. On the other hand, anti-virus vendors are still searching for the best methods of scanning more complicated file formats, and in many cases it is hard to identify all of the possible avenues of attack in certain file formats, pictures, Word documents, or even .pdf files."
Once hackers are on a PC or inside the corporate network, they can install additional back-doors for future connections, and steal more corporate data. Their strategy is combined state-of-the-art malware and social engineering of the end users.
"People don’t realize it, but we live in the Digital Age where even the head of the FBI is prohibited by his wife from doing Internet banking," he says. "Shouldn’t regular users be concerned?"
I want to hear from you. Tell me how we can improve.
This month in Security magazine, we examine how physical security leaders are being propelled into a unique position of revenue preservers and risk managers for their businesses. In addition, we profile Scott Ashworth, Director of Security for Atlanta United. Also, security leaders discuss how to develop cybersecurity careers, election security, data protection strategies, measuring and reporting security operations maturity and more!