cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

How Social Media Can Protect You Against Cybercrime

Level 12

By Joe Kim, SolarWinds EVP, Engineering and Global CTO

Social media has given us many things, from the mass circulation of hilarious cat videos, to the proliferation of memes. However, social media is not commonly thought of as a tool for cybercriminals, or a possible aid in combatting cybercrime.

However, as government IT pros frantically spend valuable time and money bringing in complex threat-management software, one of the methods most easily used by hackers is right in front of you—assuming you’ve got your favorite social media page open.

Social skills

Social media can be a tool to both protect and disrupt, and attackers are eagerly screening social media profiles for any information that may present a vulnerability. Any status providing seemingly innocuous information may be of use, revealing details that could be weaponized by hackers.

Take LinkedIn®, for example. LinkedIn provides hackers with a resource that can be used nefariously, by viewing profiles of system administrators, attackers can learn what systems they are working on. This is a very easy way for a cybercriminal to gain valuable information.

As mentioned, however, social media can also be a protective tool. By helping ensure that information is correctly shared within an organization, IT pros can more easily identify and tag attackers.

Cybercrime is organized within a community structure, with tools and tactics doled out among cybercriminals, making attacks faster and more effective.

This is a method that government IT pros need to mimic by turning to threat feeds, in which attack information is quickly shared to enable enhanced threat response. Whether it’s through an IP address or more complex behavioral analysis and analytics, a threat feed can help better combat cybercrime, and shares similar traits to social media.

For government IT pros, the most important part of this similarity is the ability to share information with many people quickly, and in a consumable format. Then, by making this information actionable, threats can be tackled more effectively.

Internal affairs

The internal sharing of information is also key, but not always a priority within government. This is a real problem, especially when the rewards of more effective internal information sharing are so significant. However, unified tools or dashboards that display data about the ongoing status of agency networks and systems can help solve this problem by illuminating issues in a more effective way.

Take performance data, which, for example, can tell you when a sudden surge in outbound traffic occurs, indicating someone is exfiltrating data. Identifying these security incidents and ensuring that reports are more inclusive will allow the entire team to understand and appreciate how threats are discovered. This means you can be confident that your organization is vigilant, and better equipped to deal with threats.

Essentially, government IT professionals should think carefully about what to post on social media. This doesn’t mean, however, that they should delete their accounts or start posting under some poorly thought-out pseudonym.

When used correctly, social media can provide public service IT professionals with more protection and a better understanding of potential threats. In a world where cyberattacks are getting ever more devastating, any additional help is surely worthy of a like.

Find the full article on PublicNet.

15 Comments
MVP
MVP

Social media has been a tool for social engineering to get basic data to start the social engineering attacks.   This could be at the software sales/marketing level or something a bit more insidious. Through a little research on LinkedIn they can find data about you, but those you work with allowing them to drop appropriate names and information to get more data about the company or names of people to further direct their attack...a carefully crafted phone call followed up by a phishing email or trojan bearing email as a followup to a call.  So it is a bit more then seeing what a person works with at a particular location in order to see if default accounts/passwords exist or other avenues of attack exist for a particular software tool...

What any person posts on social media can have far reaching consequences.  Today's kids and to some extent adults don't understand it until it catches up with them.  The concept of it being used for social engineering escapes the thought processes of many....

I've seen two movies in the last year that dealt with technology advocated by business/government, adopted by the masses, and abused by negative individuals with negative agendas.  And I think people responsible for decision making should watch both, for the intent of being forewarned.

1. The Circle.   The Circle (2017) - IMDb

2. Kingsman:  The Secret Service         Kingsman: The Secret Service (2014) - IMDb

Further, technology advocates and decision makers should ALSO be in the theaters to learn the lessons of The Terminator series and to imagine how their tech and decisions can extrapolate to the creations of a Dystopian world.

And last (or perhaps first?) those same people should read George Orwell's 1984 to see a future where technology has been used by a Chinese or Soviet-era government to brain wash their citizens, and to control the population.

And it wouldn't hurt to take a general history course or two, to see what choices were made in the last few thousand years that were mistakes, that causes governments to fall, and allowed undesirable administration to take control.  You can rarely go wrong understanding history.

MVP
MVP

Nice write up

MVP
MVP

Social media, like any other tool, can be a benefit if you learn to use it wisely and securely. Unfortunately most people just jump in.

Level 14

Social media is a tool... unfortunately, people believe that everyone is who or what they say they are. It is human nature to trust that everyone is good.

I try to explain to folks that the internet is like the giant elephant that never forgets. Every post, thought or missive you enter, might comeback to haunt you, or worse make you a cybercrime target. In a good and a bad way it is the gift that keeps on giving.

Level 20

I'm excited to soon be finally building up a new Orion instance for an air-gapped network I work with regularly!

Level 11

I'd be interested in discussing this with you if you'd be so inclined. To say that most of my career has been spent inside closed networks, would be an understatement . I'm always interested in ways that we can make products more applicable, and more helpful for disconnected environments.

I, too, would be interested in learning more about your experiences.  I have an air-gapped environment that needs better monitoring, while remaining PCI compliant.

Level 20

Yes I'd be glad to discuss the challenges we all are facing now.  With DISA and DSS now requiring all new and all renewed certification of information systems requiring going through the RMF process new tools are needed.  The old classic NISPOM certification is being retired basically.  Since the ultimate goal of RMF is a continuous monitoring it would seem Orion is a perfect fit with some of it's modules to help.

rmf_dodit-e1395181938972.png

It's a cycle that continues around and around.

Level 20

Many of the same requirements we have certainly would apply to your environment as well Rick... no doubt.  I think these recent changes are going to be good for the tool providers like SolarWinds for sure!

I have worked with security consultants to test my company. Their starting point was with LinkedIn. They scanned my company's profile, determined the organizational structure of the executives, made some persuasive phone calls, and hacked passwords in less than a day. Amazing.

In the end it comes down to User Training. Repeated User Training. Bludgeoning... Repeated User Training. lol

Level 16

To me the disadvantages still outweigh the advantages of social media. I guess I'm a bit Old School but through participation in local clubs, user groups, seminars, etc you will know enough people in person to negate the need for social outlets like LinkedIn. Eventually you get to know all of the players in your local area.

Level 13

Social media = trouble.  Stay off of it.

Level 11

Speaking of defending against social engineering, what are your feelings about KnowBe4? I've been getting their emails for some time, but have no experience with their products.

Level 21

I think exercises such as that are a great way to show people the risk they are taking with social media.  It's one thing to preach it but I think it hits home a lot harder if you can use a practical exercise to actually show the risk.

About the Author
Joseph is a software executive with a track record of successfully running strategic and execution-focused organizations with multi-million dollar budgets and globally distributed teams. He has demonstrated the ability to bring together disparate organizations through his leadership, vision and technical expertise to deliver on common business objectives. As an expert in process and technology standards and various industry verticals, Joseph brings a unique 360-degree perspective to help the business create successful strategies and connect the “Big Picture” to execution. Currently, Joseph services as the EVP, Engineering and Global CTO for SolarWinds and is responsible for the technology strategy, direction and execution for SolarWinds products and systems. Working directly for the CEO and partnering across the executive staff in product strategy, marketing and sales, he and his team is tasked to provide overall technology strategy, product architecture, platform advancement and engineering execution for Core IT, Cloud and MSP business units. Joseph is also responsible for leading the internal business application and information technology activities to ensure that all SolarWinds functions, such as HR, Marketing, Finance, Sales, Product, Support, Renewals, etc. are aligned from a systems perspective; and that we use the company's products to continuously improve their functionality and performance, which ensures success and expansion for both SolarWinds and customers.