Spam Gives Way to Social Media Hacks

Spammers are moving on from mass e-mail blasts to targeted attacks using social networking sites like Facebook and LinkedIn, Cisco security executive Tom Gillis said Monday.

"2010 was the first year spam volumes went down," Gillis said during an onstage interview at DEMO Spring 2011. "Does that mean spam is less of a problem? No."

Spammers have found it can be more effective to use Facebook and other social networks to launch attacks targeted at specific companies or people, said Gillis, vice president and general manager of Cisco's security technology business unit and formerly an executive at IronPort Systems before it was purchased by Cisco.

Cisco recently tracked attacks launched via LinkedIn in which fake profiles were used to send connection requests that appear legitimate yet are used to install malware on a machine. These attacks can be launched against specific companies in an attempt to steal financial information.

With e-mail spam, it's not uncommon for 2 billion messages to be sent in a single attack, Gillis said. But spammers, in some cases, are now abandoning those types of attacks for the targeted ones using social networks that Gillis described. On Facebook, worms such as Koobface demonstrate this threat.

Websense Defends Facebook

The security vendor Websense has developed a new tool called Defensio for Facebook specifically to help individuals and corporations protect their Facebook pages. The product was launched Monday on stage at DEMO.

"During this six-minute demo, more than 450,000 posts of malicious content, spam, spyware, phishing and fraud will be posted onto Facebook," said Websense CTO Dan Hubbard.

Defensio for Facebook works much like an antivirus program, except that it is completely Web-based and instead of scanning an operating system and applications, it just scans Facebook content, including wall posts, videos, photos, comments and URLs.

"This is a really easy way to see if your page is infected by something," Hubbard said.

In addition to running one-time scans, it can provide ongoing protection at levels decided by the user. For example, Defensio can block profanity in comments or malicious links. Defensio can either delete malicious content automatically or alert the page owner, depending on user-defined settings. While individuals can use Websense, it seems more likely to benefit corporations trying to promote and protect their brands across multiple Facebook pages.

Separately, Cisco's Gillis said that security must continue to adapt to both social networks and the proliferation of mobile devices. Within five years, mobile devices could be the primary tool used to access enterprise information, he said.

Personal and business data is being mingled, and virtualization is freeing applications from the binds of the hardware running underneath, he said.

Eventually, "security will be decoupled from the physical infrastructure," he said. Better models of authentication will be crucial. "The reason we have these problems is we don't know you are who you're saying you are," Gillis said.
