Are Social Networks the New Front Line For Social Engineering?

The corporate sector is increasingly using Internet-based technologies, and cybercriminals have found ways to take advantage of corporate Canada’s adoption of social media and Internet technologies.

Using social networks and search engines, attackers are carrying out astutely crafted social engineering attacks to steal corporate intellectual property, which is more valuable than day-to-day financial and customer data. These attacks are mostly devised by scam artists looking to gain insight into the stock or commodities markets, or by companies seeking to surpass their rivals.

Thousands of companies in Canada alone have been targets of such cybercriminals in the last five years, and each month as many as 30 or 40 companies face intrusions, with most not even reporting them. In other words, cybercriminals are running rampant, stealing corporate secrets to monetize them.

These social engineering attacks usually begin with the criminals using search engines and social networking sites like Google, Facebook, LinkedIn and Twitter to find targets. Upon finding one, they lure that employee with a spear phishing attack that gets the employee to click on an infected attachment or Web page link.

Once the computer has been infected, the intruders penetrate deeper into the organization’s network by using various social engineering tactics. Getting an administrator to give out a username and password is usually a piece of cake for a talented and well-trained scam artist. As the cybercriminals gain more access to useful data, it becomes easier for them to map the layout of the network and make note of the key servers that control e-mail and store data.

This is where the havoc starts building up. The scam artists frequently disable antivirus protection and set up multiple backdoors with different configurations so that, even if the intrusion is detected, they can get back in and re-infect the network. Before the companies know it, their trade secrets have already been stolen.

