This year, social networking sites have become popular targets for cyber crime according to a study of hacking episodes by Web Hacking Incidents Database (WHID). This is a shift from 2008 when government and law enforcement agencies were the most enticing targets.
Security experts believe social networks like Twitter and Facebook are targeted because of the sheer number of users. Defacement is the most common motivation for ego-driven hackers, and these high traffic, high involvement communities are a great way to disrupt many victims at once.
A study by Webroot sheds light on a few other reasons why social networks make a ripe targets for hackers.
- 36% of social networkers admit they don’t hide personal information
- 33% admit to using the same password for all of their online accounts
- 28% accept “friend requests” from strangers
With such a high percent of social networking users being unaware of the dangers, “hackers lure users into taking actions they shouldn’t by making it appear as if a friend within their social netowrk has sent them a message – only the message is from a hacker who has hijacked the friend’s account,” warns Mike Kronenberg CTO of Webroot’s Consumer Business division.
The technique described by Mr. Kronenberg is known as phishing, and it’s one of the most preventable ways hackers obtain access to confidential information. SQL injections, Cross-site Scripting (XSS), and Cross-site Forgery Requests (CSFR) are more covert, technical methods that hackers use to get the infomation they need.
“As a web service or SaaS provider, you can help protect your users from these attacks by hosting your applications in a secure environment. Users need to be savvy, and when they can’t stay up to speed on all the risks, community users should be weary and overly cautious at all times,” suggests Chris Drake, CEO of FireHost.
This entry was posted on Friday, August 21st, 2009 at 9:00 am and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
