Facebook is Hackers' Open Door to SMEs
Article date: Wed, 02 Nov 2011 10:35 GMT
Employees' Facebook habits are costing bosses more than just time by inviting hackers to cause untold damage to their businesses.
With recent figures showing that more than 600,000 Facebook profiles are hacked every day, security experts are warning SMEs to ramp up their security policies.
Andrew Frowen, MD Intaforensics said: "Facebook is endemic in today's society. Young people are freely putting up their personal information to the point where there is no real need for phishing or social engineering scams to obtain valuable information because it is openly available.
"Cross-referencing information available on Facebook and other social network sites gives the cyber criminals an in-depth look at your social and professional circle, with which they can send out an authentic looking email infected with malware to people high up in their company, potentially giving them access to their whole computer - be that a personal or work computer."
The development of Facebook Apps has opened the door wider for hackers to access individuals' valuable data. Security firm Symantec reported this week that cyber criminals have developed apps which trick users into revealing a key area of coding to give them access to the user's browser - potentially giving them access to email accounts, bank accounts and sensitive company information.
Stuart Coulson, security expert at UKFast explained: "Cyber security needs to be something which is embodied in the culture of the business; from the initial contract (with restrictions to what can/can't be done) alongside a strong internet security policy which is checked and reviewed periodically."
Mike Small, senior analyst for Kuppingercole, explained that employees are completely oblivious to the risks that they are posing to their companies. He said: "All of security is about risk vs reward. It's very difficult for people and companies to have a true assessment of risk - people don't like to fly planes but some statistics say that it is safer than crossing the road. Using a computer, along with sites like Facebook, people have an unjustified sense of how secure they are."
The security experts agreed the crux of a comprehensive cyber security strategy is to sit it alongside other business insurance policies and be prepared before a problem occurs.
Coulson continued: "An IT solution can be implemented to reduce access to drives, collateral, information and finally the USB ports and devices on the computer, this way if the employee's computer was compromised there would not be universal access to all information."
Top Five Cyber Security Tips:
- Secure against internal threats as well as external - Andrew Frowen, Intaforensics
- Know what you have that is valuable to hackers and secure it appropriately - Mike Small, Kuppingercole
- One solution will not fit all in cyber security, research your strategy properly - Edwin Keen, the University of Bolton
- Identify the mission-critical areas of your business and focus on protecting these - Daniel Prince, Lancaster University
- Educating employees is the key; ensuring that cyber security is embedded into training from induction to continued refreshers - Stuart Coulson, UKFast
print this article.Return to Press Releases