- Pricing and telematics lead the charge as insurtech patents jump 40pc
- FCA puts general insurance pricing practices under review
- Volvo and Baidu reach agreement to produce autonomous vehicles
- Cyber and D&O exposures increasingly intertwined, Airmic report finds
- Arch selects Touchstone for cat risk modelling
Social media leaving doors open to hackers
Written by staff reporter
A new study from ESET UK has revealed that 80% of IT professionals believe social media is an easy way for hackers to gain access to corporate networks because it is often neglected in terms of security, and furthermore 36% even admit that their company could be breached by a hacker through one of their employees’ social media access at work.
The study, which looked at the attitudes of 200 IT professionals, was carried out in May 2015 and also revealed that 12% of organisations have already had a virus enter their network via social media. Other findings revealed that despite 56% of respondents revealing that their organisation does have a policy which limits social media usage, 56% admitted that the policy wasn’t actually enforced.
As part of the study ESET UK also surveyed 1,000 employed consumers in order to establish their opinion of social media within the workplace. When the consumer respondents were asked why their organisation limited social media usage, 36% of respondents said they believed it was to increase productivity, rather than prevent social media security threats entering the network. Worryingly when consumer respondents were asked if they, or anyone they know, has had their Facebook identity stolen or attempted to be stolen a quarter of respondents said yes.
“Social media is often entirely overlooked within an organisation’s security posture because it is not recognised as a threat. This, however is wrong. Hackers are continuously looking for ways to access corporate networks, and social media can often be an open door, said Mark James, security specialist at ESET UK. “Cyber criminals use social media as a way to sneak malware and exploits past corporate firewalls, and scammers also trick social media users into visiting sites which they think are legitimate in a bid to steal information. However the biggest concern is that IT professionals have no visibility into what their employees are doing on social media and if the pages they are visiting pose a threat to the organisation.”
“One of today’s biggest social media threats is like-jacking. Likejacking is a malicious technique of tricking users of a website into posting a Facebook status update for a site they did not intentionally mean to like, which then enables the spreading of hoaxes and spam. The scam is very common and it usually involves an enticing video and it directs users to a compromised website, which then tries to install malware on their computer. Like-jacking is a big threat to consumers and they should be cautious about what they are liking on social media sites as it can be a lot more harmful that they would think,” James said.