2011 Social Media Malware Trends


Social media is now the top delivery vehicle for malware. And social media attacks are no longer limited to those who simply post too much private information to their profiles. They utilize advanced techniques. What are those techniques and what can you do to avoid them? Security and forensics analyst Paul Henry of Lumension explains.

Published in: Technology, Business

  1. Social Media as the Top Malware Delivery Vehicle: How to Protect Your Network
     Presented by Paul Henry, Security and Forensic Analyst, Lumension
     MCP+I, MCSE, CCSA, CCSE, CISSP-ISSAP, CISM, CISA, CIFI, CCE, ACE, GCFA, VCP, SANS Institute Instructor
  2. Should I allow network users to access social media?
     • Impact on productivity
     • Lack of control
     • Compromise of security
  3. The New World of Social Media Malware
     • Attacks are no longer limited to those who post a wealth of private information online
     • Hackers now leverage advanced techniques
       • Click jacking
       • Spear phishing
       • Password sniffing
  4. Click jacking
     • Click jacking attacks are regularly going viral on Facebook
     • Be careful with that ever popular “like” button
  5. Spear phishing
     • Phishing now makes up 23 percent of all attacks in the realm of social media
  6. Password Sniffing
     • People often share passwords across multiple accounts
       • It may be a complex password but if shared across multiple accounts it increases risk
     • Just as importantly, what about your secret questions used to reset your password?
  7. Surfing Unencrypted
     • Users think nothing of surfing social media sites via open, unencrypted WiFi
       • You are exposing your account username and password often
         • Are you using that password across multiple accounts?
         • A bad guy can harvest your secret questions once he/she is able to access your social media accounts…
           • Why guess the password when he/she can reset it to the password of his/her choosing?
  8. So What Can You Do?
     • Educate users
     • Put policies in place
     • Patch, patch, patch
     • Leverage an endpoint security solution
  9. User Education
     • Ensure site visits are encrypted
     • Pay attention to what is displayed in the browser bar
     • Don’t share personal information, such as birth date or address
     • Don’t trust people you don’t know
     • Password credentials
  10. User Policy
     • Lay out usage policies, such as:
       • No downloading content from social media sites
       • Use your personal email (rather than work email) for access
     • Even better, put tools in place to enforce these policies
  11. Deploy Patches
     • The top security priority is patching client-side software (SANS Institute)
     • Don’t focus on Microsoft alone
       • More than 2/3 of today’s vulnerabilities come from non-Microsoft applications
       • Check Microsoft, Mozilla and Apple regularly for browser patches
     • Look at ALL vulnerabilities (not just critical)
  12. Effective Software
     • Multiple Consoles
       • 3-6 different management consoles on average
     • Agent Bloat
       • 3-10 agents installed per endpoint
       • Decreased network performance
     • AV is no longer enough
     • Move away from point products
  13. What You Need
     • At the very least, you should be leveraging software that employs:
       • Application control or whitelisting
       • Antivirus
       • Patch and remediation
       • Enforcement of the Rule of Least Privilege
  14. Questions?