Social media fuels threat of cyber attacks
By Tonny Mwendwa
It is on a lazy afternoon and a financial institution's firewall has just been breached, leading to a monetary loss through 'cyberspace'. On the other end of the city, an insurance firm has lost a material amount of money through fraud perpetuated by identity theft.
These scenarios are replicated in almost every facet of business in which processes have been highly automated with information security not keeping pace with the evolving nature of applications.
The expectation that private information will remain secure is challenged by the popularity of social networks, which encourage the interactive sharing of information by users.
According to the Sophos Threat Report of 2011, social networking spam and malware attacks are on the rise. Imagine the potential danger of a robber being able to gather sensitive personal information about a cash supervisor in a bank from a social network site, leaving the supervisor and the bank potentially vulnerable to an attack through it’s employee. Information security needs to become a core competency for any organisation. Organisations need to dispel the notion that information security is now less important owing to improvement in attitudes towards security and security design.
One of the emerging IT trends is social networking. While organisations may prudently opt to take the path of not getting socially connected, chances are high that a bulk of their employees will be ‘socially networked’.
The major problem with social media is people’s willingness to share information about themselves on the Internet, which provides a convenient method for attackers to identify specific groups and individuals that work for the organisation that they intend to attack.
An attacker might easily infiltrate a social network to obtain technical details or befriend individuals to discover sensitive information that might result in further access into the target network or organisation.
There is a growing misconception that firewalls will provide all the necessary border security needed. However, the application landscape has changed dramatically, creating the challenge of application classification.
The problem is not the growing diversity of applications, but the inability to strictly and consistently classify the firewalls as good or bad. Although a few are clearly low risk and often reward, others are clearly high risk. Most, however, lie somewhere in between.
Moreover, which end of the spectrum these applications fall on can vary from scenario to scenario, even user to user or session to session.
Although firewalls are deployed in-line at critical network junctions, most are far-sighted. They can see the general shape of things, but not the finer details of what is actually happening. They rely on a convention rather than requirement.
For example, a given port corresponds to a given service (e.g., TCP port 80 corresponds to HTTP). As such, they are also incapable of distinguishing between different applications that use the same service.
In addition, most firewalls simply lack the visibility and intelligence to discern: which network traffic corresponds to applications that serve a legitimate business purpose but are being used for unsanctioned activities; and which network traffic, even though it corresponds to legitimate business activities, should be blocked because it includes malware or other types of threats.
Recent hardware advances have resulted in processing power increasing while the cost of getting this power within the business information technology infrastructure has considerably come down.
While raw processing power has gone down to the user devices, information technology infrastructures have become more vulnerable to various attacks such as brute-force attacks.
This provides an example of the accessibility of raw computing power to the average person. It is therefore paramount that organisations maintain pace with such developments, as cryptographic solutions that may be secure today but so in the near future.
While this article does not even begin to scratch the surface in line with the current information security challenges now and in the future, we must remind ourselves of the principle that IT security is a process and not a solution, and that improved security merely raises the bar in terms of the skill levels required to identify and exploit vulnerabilities.
—Mwendwa is a Consultant, Technology Advisory Services Department, Deloitte Kenya.
The views expressed in this article are the author’s and not necessarily those of Deloitte Kenya.
Counties splashed Sh12.3b on travel during lockdown
- How to find the best work-life balance for self
- Opportunities galore for SMEs under key Africa trade deal
By Leah Nduati
- Insurers okay use of liquefied gas as alternative fuel for motorists
- Tourism industry upbeat ahead of Christmas peak
- Five steps to staff well-being when building a healthy workplace