The Social Media Security Problem for Corporations around the World

May 10, 2016

American Airlines once received a tweet from someone with the Twitter handle @QueenDemextriax_, reading in part, “I’m part of Al Qaida and on June 1st I’m gonna do something really big.” The airline promptly replied to the tweet, saying the user’s IP address and details had been forwarded to security and the FBI.

What followed was a complete meltdown that gained the Twitter user 30,000 followers. “I’m so sorry I’m scared now,” she tweeted. Then, “Why would I blow up one of your planes, I have my own jet.” And finally, “I blocked the FBI just in case.”

The person behind these tweets was a 14-year-old Dutch girl named Sarah.

American Airlines’and Sarah’s tweets were both deleted, and we don’t know if the FBI was ever contacted. But there’s no doubt the tweet was passed on to the airline’s corporate security unit, whose job is to protect people, buildings, and assets within a company. Corporate security has a duty to explore all avenues, and as seen in the example above, this now includes social media. This article will explore the ways in which social media has become an increasingly complicated source of threat to companies, and how corporate security teams can analyze and mitigate the threats successfully.

What Types of Threats Do Companies Have to Mitigate?

Social media threats target an array of things. They could be physical – in that they target a building or people. Rather, they could target a company’s assets or hack its IP address. The threats could be written or sent through photos and videos.

Let’s say an actor working on a film set posts a photo of the script to Instagram, and the photo is clear enough for the words to be read. Corporate security would be responsible for mitigating this threat immediately, as it threatens a production company’s intelectual property.

Bomb threats certainly fall under the jurisdiction of corporate security, as do death and assault threats against employees. Each year individuals tweet out supposed bomb threats, many from airports, and it’s up to corporate security units to decide if they are legitimate.

A popular example is one dubbed the “Twitter joke trial.” A U.K. man named Paul Chambers sent a tweet saying he’d “blow the airport sky high” when it was shut down due to weather. While Chambers claimed he had no intention of actually doing so, the tweet was taken seriously. Chambers was arrested and convicted of causing a menace under the U.K.’s Communications Act 2003. He won an appeal against the conviction two years later.

In February 2016, a Buzzfeed Canada writer namedScaachi Koul received a slew of death threats on Twitter after putting out a call for stories by non-white, non-male contributors. She deleted her Twitter account, but the threats targeted at Koul, as well as other people who receive similar threats, demonstrate the ease at which these social media threats can be made. Corporate security teams face real challenges in determining if the threats are valid.

According to the Guardian’s Stuart Jeffries, a death threat used to be exceptional and shocking, but today it has become part of everyday life. “It’s the go-to response of anyone with two thumbs and a keyboard whenever someone does or says something they don’t like,” he writes. Although each threat may be complicated in its own way, corporate security teams must develop best practices to approach and mitigate every threat successfully.

What Strategies Are Companies Employing to Mitigate Threats?

The need for companies to identify a process by which to monitor and react to threats on social media is apparent. But as of now, many companies mitigate social media threats in a similar way they mitigate threats offline.

Walmart, for example, identifies theft threats in its stores by deploying non-uniformed members of its loss prevention unit to patrol the aisles and catch thieves in action – and they catch a good number of thieves each month. If a threat was received through social media and the location of the store was known, corporate security would most likely bring in more members of its loss prevention unit to mitigate the risk. This isn’t much different from what Walmart already does with in-store threats.

But now imagine the threat was directed to Walmart in general. Corporate security sees the online threat, but not which location is being threatened – there are over 4,000 stores in the U.S. If the sender of a threat didn’t block his or her IP address, law enforcement could easily trace his or her location. However many Internet-based threats do not present an IP address. This makes it more complicated and time-consuming to track. Although, it’s not impossible.

When Harvard University received a bomb threat, for example, authorities were able to identify the threat was a hoax, even though the sender had hidden his IP address. He was trying to avoid an exam. Authorities were able to detect the student connected to a Tor exit node (Tor is a service to hide an IP address) on campus at about the same time the threatening email was sent. In this, he was caught. The same could be done if the threat was sent through social media.

Striking a Balance

The role of corporate security has expanded beyond physical borders – it’s now up to security to keep watch over online threats, too. However the threats are complicated. It’s difficult for corporate security to efficiently identify and analyze them, and it takes a significant amount of time and manpower to filter through potentially hazardous social media posts.

Going forward, companies need to implement technology to better mitigate threats. The right technology is capable of filtering through threats and zeroing in on location, and saves corporate security spending hours doing it manually. The sooner a company invests in technology and devises a social media specific strategy to respond to threats, the less havoc threats will wreak.

Nate Pruitt is a member of the advisory board at Snaptrends, a company that automates and simplifies social media monitoring with state-of-the-art analytics. Find Nate at https://www.linkedin.com/in/natepruitt

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

The Social Media Security Problem for Corporations around the World

Related Articles

Report Abusive Comment