LinkedIn, Facebook, Twitter Users Beware
Social networkers have more reason to be careful than ever.
CSO — When reports surfaced this week about attacks on Twitter and LinkedIn, I took notice. I use these social networking programs extensively, along with Facebook.
Looking at the specific nature of the attacks, this seems like more than FUD. It is something to be taken seriously, given the deep penetration of these sites in the business world. But don't be spooked by headlines suggesting this threat is something new. It has existed since the day these programs went live.
Social networking is increasingly part of our daily lives. For some, it's as natural as breathing. People post status updates to their Facebook pages from their mobile phones (my dopey but lovable cousin likes to do this while driving to work at rush hour). The line between real business and personal business is mushy and deteriorating. This makes it a tempting target for those who would exploit security holes in the technology. That's especially true when it comes to social engineering attacks—where the bad guy sends out what appears to be legitimate messages from legitimate contacts, duping people into opening messages and URLs that are laced with malicious code.
My use of these programs shows how the line between the personal and professional has blurred.
I use LinkedIn exclusively for business. I use it to build my base of contacts in the security world and it has become an online Rolodex of sorts. When I'm looking for people to interview for something I'm writing or I want to assign guest columns, I reach out to people on LinkedIn. From there, I set up phone interviews or go back and forth by e-mail for those who are more strapped for time. It has become what the old-fashioned phonebook and Rolodex were to me 15 years ago, when my journalism career began.
I use Twitter to make quick contact with my security sources and to ask general questions of those in my network. But it often becomes a place where we just chat about everyday life, TV shows and the weather. The casual nature of it makes Twitter a particularly easy target, as we saw with the recent Twitter incidents.
Then there's Facebook, the grayest program of all for me. Most of my security contacts are on there and I often use it to get a business-related message out. I also use it to display all the content I create for CSOonline, as do many of my colleagues and industry associates.
attacks
- Google Settles Buzz Privacy Lawsuit
- HP Buys 3Par, Apple Rolls Out New Gear
- Apple had Two Months to Fix Critical QuickTime Bug, Says Researcher
- What Security Can Learn From the $15M Sprint Employee Breach
- Ping a Scammers Haven? Security Experts Say Watch Out
- Consumer Group Lampoons Google CEO Over Privacy Issues
- Security Program Automatically Tracks Down Missing Patches
- Women Did Well on Defcon Social Engineering Test
- Facebook Glitch Let Spammer Post to Walls
Delivered every other week, this newsletter features a comprehensive look at security from CIO.com.
