The Anatomy of a Social Media Cyber Attack


How Social Media Makes Cyber Security Attacks Bigger, Badder, and More Effective

Evan Blair, Chief Operating Officer, ZeroFOX


Social media has forever changed how we interact. Three out of four internet-connected people
are on social, totaling nearly 3 billion accounts among Facebook, Twitter and LinkedIn alone. It
has created a close-knit internet community, altered how businesses develop and facilitated
global conversation. But social is as vulnerable as it is powerful. Cybercriminals exploit this
unprecedented internet connectivity to target organizations via their brand, employees and
customers. From a cybercriminal’s perspective, the scale of social media makes it the simplest
and lowest-cost method to target organizations. According to Norton, 4 out of 10 people have
fallen victim to cybercrime on social media.

Social media cyber attacks come in a variety of forms. Social networks, despite their best
intentions and security measures, provide a fresh avenue for oldest-trick-in-the-book attacks,
like phishing and drive-by malware downloads. Using social media increases the scope and
efficacy of an attack while dramatically lowering the cost and effort of execution. Unlike email,
social media goes unmonitored by an organization’s existing security framework, allowing
hackers to strike an organization’s people from top to bottom without ever tripping the network
alarms.

Hackers often leverage botnets to assist with social media-based cyber attacks. A botnet is a
collection of automated accounts that work in tandem to replicate the actions of the hacker-
operated “bot-head.” To amplify and sharpen attacks, botnets engage in widespread
trendjacking or hashtag hijacking. Trendjacking or hashtag hijacking is the tactic of appending
unrelated hashtags to a post to capitalize on a trend or to target a specific audience. Doing so
amplifies the attack to the largest or most susceptible populations.

Bot accounts are often filled with attractive, funny or otherwise eye-catching photos. They will
connect with an organization's affiliates to seem more legitimate, a tactic known as “gatekeeper
friending.” Bots post randomly throughout the day to seem more human and disguise malicious
links by interspersing them with canned book quotes, algorithmically generated strings of words
or benign links. This also helps them fly under the radar of social networks’ Terms of Service,
which prohibit such accounts.

Automated accounts are not always malicious; many are used simply to retweet the weather or
the news. But some are more spammy. Creating botnets offers a hacker a couple of options for
making a quick dollar. After a botnet builds up a base of followers, online marketers will pay to
have their content posted via the botnet, reaching, in some cases, hundreds of thousands of
users. This is a common practice for cheap advertising and spam. Those controlling the botnet
can also sell, or “flip,” the head account. People pay top dollar for an account with a large
prebuilt following.

Cyber Warnings E-Magazine – November 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide