Social Enterprise can damage your wealth.
December 21, 2009
Attackers love to tempt people with freebies, security experts say. “The bait that works best is a popular device,” says Sherri Davidoff, a penetration tester who breaks into corporate networks. One of her most successful techniques is simple: a fake employee survey. Victims fill it out thinking they’ll qualify to win an iPod if they hand over sensitive information, and 30% do!
It’s this trust that allowed the Koobface worm to spread throughout Facebook and led to a rash of direct-message attacks on Twitter. The worm connects to a site using log-in credentials stored in the gathered cookies and sends messages to the friends of an infected user. It also sends and receives information from an infected machine by connecting to remote servers and allows attackers to execute commands on infected machines. The worm is also targeting users of other social-networking sites, including MySpace, Bebo, Friendster, hi5, MyYearbook, Tagged.com, Netlog, Fubar, and LiveJournal.com.
It’s all part of the next round of social enterprise attacks, and the Enterprise must be prepared. Social networking applications are more than just another website: many have plug-ins and modules that push and pull information via HTTP, while others use SSL and port hopping to bypass the corporate firewall. So if your protection, i.e. your firewall, doesn’t understand the applications, you’re not protected. Assuming that all traffic on port 80 is HTTP is wrong. Assuming that all SSL traffic must be official because it’s encrypted is also wrong. Assuming that URL filtering alone blocks these sites is wrong too.
The only way to protect yourself is by properly identifying the applications entering and leaving your network, by actual name and type not by IP address and port.
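The point above, that a port number tells you nothing reliable about what is actually flowing over it, is easy to show with a small classifier. The following is an added example, not code from the original post: it labels each flow from the first client bytes of its payload (an HTTP request line, a TLS ClientHello record, an SSH banner) and flags flows where that label disagrees with what the destination port would suggest. The flows, hostnames and the `Flow` structure are constructed for illustration; a real audit would feed in captured traffic.

```python
"""Identify the application protocol of a flow from its payload, not its port.

Added example for illustration; the sample flows below are constructed, not captured.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import List, Optional, Tuple

# Request-line prefixes that mark a plaintext HTTP client request.
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ", b"CONNECT ")

# What a port-based firewall rule would *assume* is on each port (hypothetical policy).
EXPECTED_BY_PORT = {80: "http", 443: "tls", 22: "ssh"}


@dataclass
class Flow:
    src: str
    dst: str
    dport: int
    payload: bytes  # first client-to-server bytes of the connection


def identify(payload: bytes) -> Tuple[str, Optional[str]]:
    """Return (protocol, application name) derived from the payload alone.

    The name is only recoverable here for plaintext HTTP (the Host header);
    for TLS and SSH this toy classifier reports the protocol but no name.
    """
    if payload.startswith(HTTP_METHODS):
        host = None
        for line in payload.split(b"\r\n")[1:]:
            if line.lower().startswith(b"host:"):
                host = line.split(b":", 1)[1].strip().decode("ascii", "replace")
                break
        return "http", host
    # TLS record header: type 0x16 (handshake), major version 0x03,
    # 2-byte length, then handshake type 0x01 (ClientHello) at offset 5.
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls", None
    if payload.startswith(b"SSH-"):
        return "ssh", None
    return "unknown", None


def audit(flows: List[Flow]) -> List[Tuple[Flow, str, Optional[str], str]]:
    """Compare the observed protocol with the port-based expectation for each flow."""
    findings = []
    for f in flows:
        proto, name = identify(f.payload)
        expected = EXPECTED_BY_PORT.get(f.dport)
        if expected is None:
            verdict = "no-port-expectation"
        elif proto == expected:
            verdict = "match"
        else:
            verdict = "mismatch"  # the port lies: e.g. SSL tunnelled over port 80
        findings.append((f, proto, name, verdict))
    return findings


# Constructed sample flows (addresses and hostnames are placeholders).
SAMPLE_FLOWS = [
    Flow("10.0.0.5", "192.0.2.10", 80,
         b"GET /feed HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: x\r\n\r\n"),
    # A TLS ClientHello sent to port 80: encrypted app hiding as "web browsing".
    Flow("10.0.0.6", "192.0.2.11", 80,
         b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x03\x03"),
    # An SSH session on port 443: port hopping past an "allow HTTPS" rule.
    Flow("10.0.0.7", "192.0.2.12", 443, b"SSH-2.0-OpenSSH_7.4\r\n"),
    # Plain HTTP on an unexpected port; policy has nothing to say about it.
    Flow("10.0.0.8", "192.0.2.13", 8080,
         b"POST /api HTTP/1.1\r\nHost: sync.example.net\r\n\r\n"),
]


if __name__ == "__main__":
    for flow, proto, name, verdict in audit(SAMPLE_FLOWS):
        print(f"{flow.src} -> {flow.dst}:{flow.dport}  {proto:8} {name or '-':20} {verdict}")
```

Running it prints one line per flow; two of the four constructed flows are reported as mismatches even though a port-80/443 allow rule would have passed them without comment. Real application-aware firewalls use far richer signatures (and can read the TLS SNI to name the service), but the decision logic is the same: classify the bytes, then compare with what the port implies.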
Just think what could be leaving your network. As you embrace the social enterprise for its benefits, such as productivity gains and cost savings, don’t inherit the bad bits such as data loss and theft. Speak to us about auditing your network and the applications using it, and I bet we find applications in use you thought were blocked.