OIT report: Social networks present threats

The spread of malware, viruses and other cyber attacks on social networking sites like Facebook and MySpace presents one of the main emerging cybersecurity threats, according to a report issued by Tech’s Information Security Center.

The report, entitled “Emerging Cyber Threats Report for 2009,” outlines various forms of computer security threats that have been increasing in occurrence and are expected to become more prevalent in the near future. These new threats include new ways in which users’ computers can become infected with malware, viruses and botnets, as well as new ways of conducting phishing scams.

“Based on research that we do here at Georgia Tech and friends that we have in the industry who are top leaders in this field, we identified these major threats,” said Mustaque Ahamad, director of the Information Security Center. “Our report is more forward-looking…like what we can do to save face as we deal with the kinds of threats that we are talking about.”

“Malware, basically, is software that will do bad things if it somehow manages to get installed on your machine…it finds a stealthy way to get there,” Ahamad said. “A lot of this is driven by the intent to steal sensitive data that you may have.”

Another type of threat addressed in the new report is that of botnets, which are a type of security breach to a user’s computer in which an attacker can remotely take control of the computer. “With a botnet, [the user’s computer] becomes part of a larger network [of computers],” Ahamad said. These computers are often referred to as “zombie computers,” which are taken over and used en masse with other computers for nefarious purposes.

In the early days of computers, typical security threats did not have to be very advanced, as the idea of security protection was minimal. However, today computer systems are more complex, and many people have secure operating systems and use anti-virus and malware protection software. “The bad guys have become more sophisticated,” Ahamad said. “They don’t try to blindly get you, but try to get to you where you feel like it is a legitimate action.”

Herb Baines, OIT director of Information Security, described some of the methods in which attackers utilize social networking to conduct their schemes. “Things like ‘adspoits’ on these social networks. You’ll see a lot of various ads, individual ads, corporate ads, things like that…that may have a malware hidden behind it.”

One of the characteristics of ads on social networking sites that makes them potentially dangerous, besides having the ability to be personalized based on the information that users edit on their profiles, is the fact that these ads link to external websites, outside the confines of the social networking site. “All of these social networks will allow you to click on external links [in ads],” Baines said. “In the case of Facebook, they have done a lot to combat malware on their end, but it’s all those external links that they have no way to police.”

One example of a recent exploit using social networking to infect computers with malware occurred in August this year with the Facebook “Court Jester attack,” in which over 18,000 profiles were targeted within a 24 hour period with links posted in “wall” messages that led to the download of malware.

OIT estimates that on a monthly basis, 10 of the 8,000 systems connected to ResNet/EastNet are affected by malware.

“The bad guys tend to take the path of least resistance,” Ahamad said. “Social networking makes it easier.”

There are many things that users can do to protect themselves from these risks. “Go to OIT’s website and download the free software that is available to them,” Baines said. “Make sure your machine is up to date. Use good anti-virus software, use secure browsers, block cookies, javascript and popups.”

“There is some protection on OIT’s part,” Baines said. “However, it still comes down to the users’ awareness.”