VIP Call Girls Morena 9332606886 Free Home Delivery 5500 Only
How Social Media can Open Doors to Social Engineering
1. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
SOCIAL MEDIA AND SOCIAL ENGINEERING
@katieeking
#CyberSec14
2. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
• Founder of Zoodikers Consulting
• 25 years of advising C-suite and
marketers
• Saatchi, Aastra, BBC, BT, Cisco, Visa,
Harrods, Orange, Police Federations,
Universities, Health Trusts…
• Chairperson of PRCA’s South East
Group
• Commentator on social media for BBC
TV and radio
• Speaker/moderator at high-profile
industry events
Katie King
@katieeking
@katieeking #CyberSec14
3. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
http://www.whitehouse.gov/the-press-office/
2014/09/30/presidential-proclamation-national-
cybersecurity-awareness-month-2014
IBM 2014 Cyber Security Intelligence Index @katieeking #CyberSec14
4. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
IBM 2014 Cyber Security Intelligence Index @katieeking #CyberSec14
5. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Symantec: Norton 2013 Report @katieeking #CyberSec14
6. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
IBM 2014 Cyber Security Intelligence Index @katieeking #CyberSec14
7. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
@katieeking #CyberSec14
8. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Four Key Takeaways
The impact of cyber crime
How do cyber criminals exploit social media?
The light and dark side of social media
How to reduce the likelihood of falling victim
@katieeking #CyberSec14
9. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Motivation
Financial
Political
Hacktivism
Noteriety
@katieeking #CyberSec14
10. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Hackmageddon August 2014 Cyber Attacks Statistics @katieeking #CyberSec14
11. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
The Impact of Cyber Crime
Loss of Trust
Loss of Intellectual Property
Financial Loss – average cost per lost data to a company
is $145
@katieeking #CyberSec14
12. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Symantec: Norton 2013 Report @katieeking #CyberSec14
13. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
@katieeking #CyberSec14
14. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
2014 TRUSTe UK Consumer Confidence Index @katieeking #CyberSec14
15. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Who is behind the attacks on
organisations?
IBM 2014 Cyber Security Intelligence Index @katieeking #CyberSec14
16. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Why the increase of cyber crime?
Growth of data
Cloud networks
Popularity of social networks
Internet of Things
BYOD
@katieeking #CyberSec14
17. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
The LIGHT
Side Of
Social Media
@katieeking #CyberSec14
18. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
@katieeking #CyberSec14
19. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
The DARK
Side Of
Social Media
@katieeking #CyberSec14
20. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
The LIGHT
Side Of
Social Media
The DARK
Side Of
Social Media
@katieeking #CyberSec14
21. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Social Media and Cyber Crime Threat for Organisations
Network of online relationships
Organisations are seen as collections of individuals
Social media is a platform for cyber criminals to send
malware
For example, a user could log onto a social network through
their corporate network thus opening a pathway for malware
@katieeking #CyberSec14
22. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Hackmageddon August 2014 Cyber Attacks Statistics @katieeking #CyberSec14
23. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
How does social media open doors to social engineering?
@katieeking #CyberSec14
Popularity + growth
Abundance of data and lax privacy
The transition from emails to social media
Requests can appear ‘authentic’ on social media
24. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
@katieeking #CyberSec14
Protection
Social Media Policy & Education
Cyber security sytem
Evaluation and Contingency
Heightened privacy
25. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Key takeaways
The new normal
Take action now
Have a policy in place
@katieeking #CyberSec14
26. How Social Media Can Open Doors To Social Engineering – Katie King, MD Zoodikers Consulting
Thank you.
@katieeking #CyberSec14
Editor's Notes
In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users.
Social Engineering is the art of manipulating people into doing things, such as giving computer access or confidential information.
Popularity + Growth
Social media is another platform for cyber attackers to target from meaning they’re not just limted to websites and emails. New social media platforms are being developed everyday and it’s this growth that cyber attackers are banking on.
Abundance of data and lax privacy.
Social engineering plays on people’s gullability. If your phone number is easily accessed through social media platforms, as well as other information (your last holday, your last purchase) cyber criminals could easily ring you up posing as your bank to dupe you out of confidential information. Hackers are easily able to piece your profile together through various social networks. By upping your privacy settings and being selective about who can view your personal information you can be less desirable to hackers / cyber attackers.
The transition from emails to social media.
It’s now increasingly common for communication to occur over social networks. DM’s via Twitter and messages over LinkedIn can provide valuable and confidential information about an individual or their organisation. (A good question to ask here is ‘how many times have you received a spam message in a social network inbox?’ – a show of hands)
Requests can appear ‘authentic’ on social media
Now that social media is so integrated users place a lot of trust into it. You may receive a friend request or a follower from someone you may appear to know. There may be mutual friends, or they may have many followers themselves, but don’t be fooled as hackers may go to extreme lengths to befriend you on a social network if you’re seen as a valuable target. It may be that your organisation is at risk of attack and attackers are gathering as much information on employees as possible.
The Malcovery spam data mine is currently seeing an increase in spam messages that appear to originate from popular social networks. When users click on the link contained in the email, malware is installed on their device.
Here’s a recent example.
These messages were sent with subject lines like:
“Let’s connect on LinkedIn”
“You have 6 friend suggestions, 14 friend requests and 23 photo tags”
With the emails claiming to come from:
facebookmail.com
linkedin.com
All seems pretty trustworthy right?
These campaigns often use very polished (but not perfect) spam messages to deliver the malicious content.
Large enterprises need a defence system from leading IT companies to protect them against cyberthreats
SOCIAL MEDIA POLICY & EDUCATION
Have a policy in place and educate employees on the risks of cyber crime. Ask the IT department to teach employees how and why cyber criminals may want to attack the company. Put a policy in place, partcularly if a VPN network is in use as this is another platform for attackers to place malware. Also where possible ask employees not to disclose to much information via social media. With the large amount of company data on LinkedIn, it’s ideal for long term cyber espionage operation.
EVALUATION + CONTINGENCY
This one is for the larger businesses particularly. With the growing pace of technology and the
CYBER SECURITY SYSTEM
This is necessary for large MNCs such as JP Morgan and Chase to take out Cyber Secuirty offerings from the likes of Cisco, Symantec, IBM etc but small businesses must also protect themselves, even if just on a smaller scale like installing anti-malware onto machines.
HEIGHTEN PRIVACY
Make sure your social profiles aren’t accessible to all. Timelines on social netowkrs make it easy for cyber criminals to paint a full picture of your life. Be selective about who you allow to view your profile and try not to disclose personal information, even dropping the year off the date of birth means cyber criminals have one less vital piece of information they may need to attack. Being selective also extends to emails. Don’t open emails from unknown sources and as it will likely contain malicious software.
THE NEW NORMAL
Advanced attacks and targets attacks are no longer a shock, but the norm. Large organisations such as JP Morgan and Chase expect hackers on a daily basis. This is a big earner for organised groups of hackers, so not only is this the new normal, but technology becomes more evolved and involved in everyday life, cyber attackers will only grow in numbers.
TAKE ACTION NOW
Every business is affected: Banks were once the primary targets of cyber criminals, but today, diverse actors move with lightning speed to steal money, intellectual property, customer information and state secrets across all sectors. You may not think your data is valuable to anyone, but combined with other people’s data and in the wrong hands, you could lose out finanancially and emotionally.
HAVE A POLICY IN PLACE
Particularly important for businesses but also for indidvuals. Remember to regularly check your privacy settings as these sometimes change in new terms and conditions. For organisations there should be a contingency plan as well as a clear social media policy to reduce risks of attack via this route.