Follow GFI:
Find us on Facebook Follow us on Twitter Find us on Linkedin Subscribe to our RSS Feed Find us on YouTube Find us on Google+
 

Google Advisory: Facebook and Twitter regularly victims of malware

on July 27, 2010
Google Advisory: Facebook and Twitter regularly victims of malware – Christina Goggi
Social networking sites have taken the world by storm and continue to find their way into the workplace. While these sites can work as an effective promotional tool for any organization, they also pose a series of problems, not only including cyberslacking but also malware attacks.
Alarming results from Google Safe Browsing Diagnostic Tool
Google Safe Browsing Diagnostic Tool showed some alarming results when various popular social networking sites were diagnosed. In July 2010, Facebook.com, was victim to malicious software including 133 scripting exploits, two trojans and one worm. Also, successful infection resulted in an average of 4 new processes on the target machine. Even worse, Twitter.com was also victim to malware including 4724 scripting exploits, 3727 trojans and 216 exploits in July 2010. Clearly, social networking sites are unsafe and organizations need to find an immediate solution to this problem.
What is at stake?
Attackers see social networking sites as an excellent opportunity to spread malware. Having short URLs makes it easy for malware creators to mask links to infected sites and send users to websites they would usually think twice before visiting.
If the corporate network gets infected by any type of malware, it can interrupt a good share of the organization’s productivity and its bottom line. To mention a few of the consequences, sales and orders could be lost, the provision of products and service packages could be interrupted and a number of important processes might not be performed in time. This could also lead to legal repercussions and risks in cases where personal information was saved in the databases and was meant to be kept secured.
What can companies do?
Unfortunately, a number of SMBs (small and medium-size businesses) only recognize lost productivity – when employees spend an amount of time browsing non work-related sites – as these social networking sites’ primary flaw. Because of this, organizations end up either blocking them completely or setting up usage policies without any controls put in place.
Blocking access has proven to be counterproductive as studies, such as the one by ENGAGEMENTdp (2009), have shown that the most valuable brands in the world are experiencing a direct correlation between top financial performance and deep social media engagement. On the other hand, usage policies are essential but not enough to protect the corporate network form malware attacks.
Businesses need to establish a good web filtering and security solution to protect their network from such risks. For instance, GFI WebMonitor offers multiple virus scanners which can scan for hidden downloads and prevent employees from inadvertently downloading malicious software, reducing the average time taken to obtain the latest virus signatures and decreasing the risk to the organization’s site by each new virus.
In this way employees will not feel that their Internet access is restricted while safety measures are still being taken.

Social networking sites have taken the world by storm and continue to find their way into the workplace. While these sites can work as an effective promotional tool for any organization, they also pose a series of problems, not only including cyberslacking but also malware attacks.

Alarming results from Google Safe Browsing Diagnostic Tool

Google Safe Browsing Diagnostic Tool showed some alarming results when various popular social networking sites were diagnosed. In July 2010, Facebook.com, was victim to malicious software including 133 scripting exploits, two trojans and one worm. Also, successful infection resulted in an average of 4 new processes on the target machine. Even worse, Twitter.com was also victim to malware including 4724 scripting exploits, 3727 trojans and 216 exploits in July 2010. Clearly, social networking sites are unsafe and organizations need to find an immediate solution to this problem.

What is at stake?

Attackers see social networking sites as an excellent opportunity to spread malware. Having short URLs makes it easy for malware creators to mask links to infected sites and send users to websites they would usually think twice before visiting.

If the corporate network gets infected by any type of malware, it can interrupt a good share of the organization’s productivity and its bottom line. To mention a few of the consequences, sales and orders could be lost, the provision of products and service packages could be interrupted and a number of important processes might not be performed in time. This could also lead to legal repercussions and risks in cases where personal information was saved in the databases and was meant to be kept secured.

What can companies do?

Unfortunately, a number of SMBs (small and medium-size businesses) only recognize lost productivity – when employees spend an amount of time browsing non work-related sites – as these social networking sites’ primary flaw. Because of this, organizations end up either blocking them completely or setting up usage policies without any controls put in place.

Blocking access has proven to be counterproductive as studies, such as the one by ENGAGEMENTdp (2009), have shown that the most valuable brands in the world are experiencing a direct correlation between top financial performance and deep social media engagement. On the other hand, usage policies are essential but not enough to protect the corporate network form malware attacks.

Businesses need to establish a good web filtering and security solution to protect their network from such risks. For instance, GFI WebMonitor offers multiple virus scanners which can scan for hidden downloads and prevent employees from inadvertently downloading malicious software, reducing the average time taken to obtain the latest virus signatures and decreasing the risk to the organization’s site by each new virus.

In this way employees will not feel that their Internet access is restricted while safety measures are still being taken.

About the Author:

Christina is Web Marketing Content Specialist at GFI Software. She is a keen blogger and has contributed content to several IT sites, besides working as an editor and regular contributor to Talk Tech to Me. Christina also writes for various publications including the Times of Malta and its technology supplement.

 
Comments
Sue Walsh July 28, 20105:48 am

Great article. Scammers and hackers are descending on Facebook and Twitter because of the huge audiences they have and how much easier they are to reach. URL shortening services have been a boon to them too as they can hide their malcious URLs with them.

It really is a paradox for companies. They see the value in social media for connecting with customers and boosting their brand image while at the same time have to worry about lost productivity and malware coming from them!

Christina Goggi July 30, 201012:36 pm

Thanks Sue! Yes, it is indeed a paradox as studies keep proving how effective these sites are when it comes to promoting the company (e.g. a 2010 study by Burson-Marsteller showed that “79 percent of the largest 100 companies in the Fortune Global 500 index are using at least one of the most popular social media platforms: Twitter, Facebook, YouTube or corporate blogs” – http://www.burson-marsteller.com/Innovation_and_insights/blogs_and_podcasts/BM_Blog/Lists/Posts/Post.aspx?ID=160); yet with these sites come web security risks which, as mentioned, can lead to loss of productivity.
I feel that what can be done at this stage is monitoring and filtering the corporate network, while establishing a solid Internet usage policy.

Iam Huey July 30, 20109:48 pm

But of course. With more than 500 million active users that spend over 700 billion minutes per month, Facebook is a malware’s heaven.

Cristina July 30, 201010:04 pm

@Sue, I agree. Social networking sites are double-edged swords. It has the potential of generating a decent income stream, leads, and clients. However, it also poses a huge risk on security, as well as affect productivity when used excessively for the wrong purpose at the wrong time.

I also agree with the use of shortened URLs. It’s just the perfect trojan horse for spammers, scammers and malicious attackers.

Jarus August 11, 20106:31 am

@Iam

I think this information is a mix of common sense, utter genius and paralyzing realization. It’s true that the sheer volume of users makes it a “heaven for malware”, but the real issue is how user friendly the sites are for both legitimate users and malware creators.

Accessibility works both ways, and unless stricter security measures can be implemented on these sites, I don’t think it’s a concern that’ll readily fade into the background.

Oliver B August 12, 201010:36 am

I think what I found interesting was the fact that “the most valuable brands in the world are experiencing a direct correlation between top financial performance and deep social media engagement”.

I’ve read in articles posted elsewhere that Facebook actually increases productivity if used in moderation. It allows employees to have a quick break in between bouts of work, while being able to return to their duties feeling refreshed and invigorated without having to leave their cubicle.