LinkedIn, Facebook, Twitter Users Beware
[FUD Watch with CSO Senior Editor Bill Brenner] The headlines are full of doom and gloom about attacks against Twitter, Facebook and LinkedIn users. Take this threat seriously, but don't let the alarming headlines drive you away
By Bill Brenner , Senior Editor
January 08, 2009 — CSO —
Looking at the specific nature of the attacks, this seems like more than FUD. It is something to be taken seriously, given the deep penetration of these sites in the business world. But don't be spooked by headlines suggesting this threat is something new. It has existed since the day these programs went live.
Social networking is increasingly part of our daily lives. For some, it's as natural as breathing. People post status updates to their Facebook pages from their mobile phones (my dopey but lovable cousin likes to do this while driving to work at rush hour). The line between real business and personal business is mushy and deteriorating. This makes it a tempting target for those who would exploit security holes in the technology. That's especially true when it comes to social engineering attacks -- where the bad guy sends out what appears to be legitimate messages from legitimate contacts, duping people into opening messages and URLs that are laced with malicious code.
My use of these programs shows how the line between the personal and professional has blurred.
I use LinkedIn exclusively for business. I use it to build my base of contacts in the security world and it has become an online Rolodex of sorts. When I'm looking for people to interview for something I'm writing or I want to assign guest columns, I reach out to people on LinkedIn. From there, I set up phone interviews or go back and forth by e-mail for those who are more strapped for time. It has become what the old-fashioned phonebook and Rolodex were to me 15 years ago, when my journalism career began.
I use Twitter to make quick contact with my security sources and to ask general questions of those in my network. But it often becomes a place where we just chat about everyday life, TV shows and the weather. The casual nature of it makes Twitter a particularly easy target, as we saw with the recent Twitter incidents.
Then there's Facebook, the grayest program of all for me. Most of my security contacts are on there and I often use it to get a business-related message out. I also use it to display all the content I create for CSOonline, as do many of my colleagues and industry associates.