Pages

1 August 2015

Security Implications of Social Media

By Col Harjeet Singh
31 Jul , 2015

The use of social media has become a ubiquitous component of the ever more interconnected world in which we now live. The use of social media platforms such as Twitter, Facebook and LinkedIn can provide organisations with new and innovative ways in which to engage with their staff. However this highly dynamic and end-user focused environment also brings with it a number of security concerns. The data held within social media can provide an attacker with a wealth of information about the internal workings of an organisation, including detail on roles and responsibilities, projects, relationships and expose information about internal IT systems, including the ability to identify security vulnerabilities.

“We become what we behold. We shape our tools, and thereafter our tools shape us.” ——Herbert Marshall McLuhan1

Social media is used by terrorist organisations as a tool for ideological radicalisation, recruitment, communication and training…

Social computing is not a fad. Nor is it something that will pass us by. Gradually, it will impact almost every role, at every kind of organisation, in all parts of the world. The term “social media” refers to internet-based applications that enable people to communicate and share resources and information. Social media can be accessed by computer, smart and cellular phones, and mobile phone text messaging (SMS). To give an idea of the numbers, there are more than 110 million blogs being tracked by Technorati, a specialist blog search engine; an estimated 100 million videos a day being watched on video-sharing website, YouTube and more than 130 million users on the social network Facebook.


The Supreme Court of India, on March 24, 2015, struck down Section 66 A of the Information and Technology Act, which allows police to arrest people for posting “offensive content” on the internet. The bench said the public’s right to know is directly affected by Section 66 A and the Section clearly affects the Right to Freedom of Speech and Expression enshrined in the Constitution of India.

What is Social Media?

Social media is best understood as a group of new kinds of online media, which share most or all of the following characteristics:

There is no way organisations can hold back the flow of social media, so it is better to put policies and technologies in place to manage it…
Participation: Social media encourages contributions and feedback from everyone who is interested. It blurs the line between media and audience.
Openness: Most social media services are open to feedback and participation. They encourage voting, comments and the sharing of information. There are rarely any barriers to accessing and making use of content, password-protected content is frowned on.
Conversation: Whereas traditional media is about “broadcast” (content transmitted or distributed to an audience) social media is better seen as a two-way conversation.
Community: Social media allows communities to form quickly and communicate effectively, sharing common interests.
Connectedness: Most kinds of social media thrive on their connectedness, making use of links to other sites, resources and people.

There are several kinds of social media:
Social networks: These sites allow people to build personal web pages and then connect with friends to share content and communication. The biggest social networks are MySpace, Facebook2 and Bebo. Perhaps the most ‘grown-up’ of the popular networks is LinkedIn, which allows users to build their business and professional contacts into an online network. It has been criticised for not being open enough and for charging for too many of its services – but next to Facebook, it is still the most popular online social network among people aged 25 and over.

The unprecedented reach of social media is something armies cannot afford to ignore…
Blogs: These are online journals, with entries appearing with the most recent first.3 At its simplest, a blog is an online journal where the entries are written in a personal, conversational style. They are usually the work of an identified author or group of authors.
Wikis: These websites allow people to add content to or edit the information on them, acting as a community document or database. Wikis are websites that allow people to contribute or edit content on them. A wiki can be as private or as open as the people who create it want it to be. The best-known wiki is Wikipedia, the online encyclopaedia which has over two million English language articles.
Podcasts: Audio and video files that are available by subscription, through services like Apple iTunes.
Forums: Areas for online discussion, often around specific topics and interests. Forums are a powerful and popular element of online communities. Internet forums are the longest established form of online social media. They commonly exist around specific topics and interests. Each discussion in a forum is known as a ‘thread’, and many different threads can be active simultaneously. This makes forums good places to find and engage in a variety of detailed discussions. They are often built into websites as an added feature but some exist as stand-alone entities. The sites are moderated by an administrator, who can remove unsuitable posts or spam. However, a moderator will not lead or guide the discussion. This is a major difference between forums and blogs. Blogs have a clear owner, whereas a forum’s threads are started by its members.

Social media is becoming a key information source for the public when violent terror acts occur…
Content communities: They organise and share particular kinds of content. Content communities are social networks – you have to register, you get a home page and then make connections with friends. However, they are focussed on sharing a particular type of content. The most popular content communities tend to form around photos (Flickr),4 bookmarked links (del.icio.us) and videos (YouTube).5
Micro-blogging: Social networking where small amounts of content (updates) are distributed online and through the mobile phone network. Twitter is the clear leader in this field.6

People can find information, inspiration, like-minded people, communities and collaborators faster than ever before through the various types of social media. New ideas, services, business models and technologies emerge and evolve at dizzying speed in social media.

People joining a social network usually create a profile and then build a network by connecting to friends and contacts in the network, or by inviting real-world contacts and friends to join the social network. Among the defining characteristics of social media are the blurring of definitions, rapid innovation, reinvention and mash-ups.7 Some marketers have cottoned on to the power of this and encourage people to reinterpret their content. MySpace, for instance, allows members to create vivid, home pages to which they can upload images, videos and music.

The use of social media in India was first highlighted during the 2008 Mumbai attacks…

The unique way that the internet continually improves in response to user experience is driving innovation on an unprecedented scale. Social media is developing in response to the appetite for new ways to communicate and to the increasingly flexible ways to go online. Its future direction is impossible to predict. What is beyond doubt is that social media – however it may be referred to in the future – is a genie that will not be disappearing back into its bottle.

A Security Challenge And Opportunity

New entrants to the global workforce are posing increasing security challenges to their employers as they mix personal and private lives. Nowhere is this more evident than in the use of social media, often accompanied by a low regard or even total disregard for privacy concerns. Most people believe the age of privacy is now over and are, apparently, unconcerned about the data that is captured about them.8

This attitude is at odds with organisational concerns about the disclosure of sensitive information through social media to potentially millions of Twitter and Facebook users. This has led to concerns about privacy linked to security and is driving proposals for cyber security directives that link privacy and security, especially where data breaches are concerned. According to the Cisco 2013 Annual Security Report, the highest concentration of online security threats is on mass audience sites, including social media. The report revealed that online advertisements are 182 times more likely to deliver malicious content than pornography sites, for example.

The ability of individuals to share information with an audience of millions is at the heart of the particular challenge that social media presents. In addition to giving anyone the power to disseminate sensitive information, social media also gives the same power to spread false information, which can be just as damaging. The rapid spread of false information through social media is among the emerging risks identified by the World Economic Forum in its Global Risks 2013 report. The report’s authors draw the analogy of shouting “Fire!” in a crowded cinema. Within minutes, people can be trampled to death before a correction can be made to the message. There have been several incidents over the past year where false information transmitted on the internet has had serious consequences. For example, a fake tweet by a someone impersonating the Russian Interior Minister, claiming that the Syrian President had been killed or injured, caused crude prices to rise by over $1 before traders realised the news was false.

Social media means that the community impacts of terrorist attacks are more widespread and longer lasting…

Social media is used by terrorist organisations as a tool for ideological radicalisation, recruitment, communication and training. In addition, terrorist groups take advantage of it to communicate with cyber crime organisations and to coordinate along with them fundraising activities (from illicit activities) carried out in part (drug smuggling, gunrunning) or completely (e.g. phishing9) on the Internet. The link between organised crime and terrorist organisations is increasing considerably in the cyber world, and this coalition will be able to produce new offensive technologies. To date, the terrorist groups which make the most substantial use of social media for their own purposes are the Islamic-jihadist ones.10 Facebook and YouTube channels are often used by them for recruiting and increasing the number of sympathisers and jihad-supporters, especially in the West (e.g. spreading photos and videos of successful terrorist attacks, publishing lists and biographies of martyrs, preaching or ideological texts).

Future conflicts will occur in more and more connected environments, which will be characterised by the use of new communication and information technologies, social media included. Social media is now ready to be employed more and more frequently to accompany traditional offensive means. In particular, the use of social media during a conflict adds to the employment of other mass media (newspapers, TV and radio) for propaganda, influence and deception activities.

Since open-source material is sparse, it is not possible to investigate cases of military campaigns conducted with an actual employment of social media in support of military operations. Nevertheless, it is useful to briefly mention the two latest conflicts between Israel and Lebanon. During the second Israeli-Lebanese war in 2006, Hezbollah carried out several Information Warfare (IW) activities thanks to the use of social media. During the conflict, they published several videos and photos on blogs, social networking sites and YouTube to foster their own image and decry Israel and their security services. Further, Hezbollah managed to instil a “perception of failure” in the Israeli political-military establishment which conditioned the course of the conflict.11 Iranian Signal Intelligence (SIGINT) professionals tracked signals coming from personal cell phones of Israeli soldiers to identify assembly points of Israeli troops that may have telegraphed the points of offensive thrusts into Lebanon. This is just one example of low-end cyber warfare that can be as deadly as expensive software worms designed to infiltrate an enemy’s most heavily defended networks. During the following war (2008-2009), Israel showed a much effective management of social media, employing them in information and counter-information campaigns.12

The unprecedented reach of social media is something armies cannot afford to ignore because of the positive and negative effect it can have on operational matters. Its power must, therefore, be recognised and managed. One option is a granular firewall to limit social media activities based on the user’s role in the organisation. The most important part of social media security strategy is awareness of policies designed to ensure regulatory compliance and to prevent sensitive information leaking. There is no way organisations can hold back the flow of social media, so it is better to put policies and technologies in place to manage it.

The use of social media has become a ubiquitous component of the ever more interconnected world in which we now live…

Organisations need to understand social media; they need to accept that it is not going away, and if they allow it, they need to monitor for any immoral, illegal, or offensive content, and be able to stop it immediately if it occurs. Success is achieved through empowering staff to undertake social media on behalf of the organisation in line with a comprehensive policy backed up with continual training. However, organisations should also recognise that analysis of the information in social conversations can produce security intelligence to improve security processes and enhance performance. Organisations also need to exercise caution against attempts to block access to external social media because they have proved to be ineffective at controlling risks and impede the development of enterprising social media initiatives.

A battlefield safety issue that some people have been warning about – and others have been ignoring – merits attention, i.e. an enemy using social media and cell phone geo-tagging to identify the precise location of troops on a battlefield. When a new fleet of helicopters arrived with an aviation unit at a base in Iraq, some soldiers took pictures on the flight-line. From the photos that were uploaded on the internet, the enemy was able to determine the exact location of the helicopters inside the compound and carry out a mortar attack, destroying four AH-64 Apaches.13 Insurgents figured out how to use this to their advantage in Iraq years ago.14

Social media is becoming a key information source for the public when violent terror acts occur. It is changing the speed of how the public learns about terrorist attacks, and the way they react. The first information to the public about incidents is now likely to come through Social media channels such as Twitter rather than through traditional news outlets. The use of social media in India was first highlighted during the 2008 Mumbai attacks, when Twitter and Flickr became the media through which much information about the attacks reached Indians and the outside world. A new way of crisis reporting emerged when Western journalists mined Twitter posts by people in Mumbai for details on attacks.15

Over the past few years the beliefs of young Muslims, that police will treat them fairly, have been declining.

Social media is increasingly important in influencing the public’s understanding of such attacks and what happens in the aftermath. It has implications for the first response by police to such attacks, with witnesses tweeting directly from the scene. There are important lessons for the police and authorities in terms of taking the heat out of a tense situation and reducing the opportunities for ‘secondary crimes’, e.g. hate crimes and public order incidents in different towns and cities across the country. Over the past few years the beliefs of young Muslims, that police will treat them fairly, have been declining. This has important implications for the Government’s Prevent Strategy and how counter-terrorism resources are used following future incidents.

The ubiquity of smartphones means that information can be spread to a wide audience in real-time, providing details about the attack and police response and updates on further developments. This new reality means that policymakers, security services and police forces need to consider the impact of social media in the aftermath of terrorist attacks in terms of response planning for terrorist incidents, rapid dissemination of information and criminal investigation procedures. There is a need to improve strategic communications capacity and capability in the initial response phase to inform the public about what is actually happening, in order to counteract rumours and conspiracy theories.

Social media means that the community impacts of terrorist attacks are more widespread and longer lasting. Long-term community impact management strategies should be developed, encompassing different agencies. Uniform Resource Locator (URL)16 shortening services are now an essential component for social media. This approach is commonly used by malicious parties to spread malware and viruses, as the use of shortened URLs can hide the real destination.17

Organisations need to understand both the positive and negative impact that social media can have on their image…

Conclusion

The use of social media has become a ubiquitous component of the ever more interconnected world in which we now live. The use of social media platforms such as Twitter, Facebook and LinkedIn can provide organisations with new and innovative ways in which to engage with their staff. However this highly dynamic and end-user focused environment also brings with it a number of security concerns. The data held within social media can provide an attacker with a wealth of information about the internal workings of an organisation, including detail on roles and responsibilities, projects, relationships and expose information about internal IT systems, including the ability to identify security vulnerabilities.

This information can provide a valuable insight into an organisation and increase the likelihood of a successful social engineering attack or even a direct attack against systems. Social media offers the ability for organisations to spread messages in real time to a much wider audience and promotes a two-way interactive dialogue between the end-user and the organisation. However, organisations need to understand both the positive and negative impact that social media can have on their image and manage this channel of communication effectively. This will enable them to avoid potentially damaging stories and other issues going unmanaged.

Without doubt, the use of social media provides a new avenue for organisations to exploit, but at the same time introduce fresh and potentially serious threats. Organisations should confirm that they have the appropriate policies and procedures in place, such as an effective acceptable use policy, training and awareness for social media and a social media handling policy. This will ensure that they are able to explore this opportunity without unduly exposing themselves to new threats and associated risks.

Notes
His big idea, encapsulated in the aphorism: “The medium is the message”, was that the important thing about media is not the information they carry but what they are doing to us in terms of shaping our behaviour, the way we think and possibly also the way our brains are structured.

In 2007, Facebook originated in US colleges, and subsequently became available for public use. Its popularity quickly rocketed, as part of Facebook’s success lay in its creators’ decision to ‘open up’ and allow anyone to develop applications and run them on Facebook – without charging them.

Originally ‘web log’ a website where the most recent entries appear first, typically allowing users to subscribe to updates and to leave comments.

Flickr is based around sharing photography and is the most popular service of its kind. Members upload their photos to the site and choose whether to make them public or just share with family and friends in their network. As testament to its enormous success, Flickr was bought by Yahoo! in 2005 for an estimated US $30 million.

YouTube is the world’s largest video sharing service, with over 100 million videos viewed every day. Members of YouTube can upload videos or create their own “channels” of favourite videos. The viral nature of YouTube videos is enhanced by a feature that makes it easy for people to cut and paste videos hosted by YouTube directly into their blogs. As well as thousands of short films from people’s own video cameras, webcams and camera phones, there are many clips from TV shows and movies hosted on the service. Some people also use the service to record video blogs. YouTube started as a small private company, but was bought by Google for $1.65 billion in October 2006.

A micro-blogging service that distributes bite-sized chunks of text across multiple platforms, including mobile, instant messaging and email. Messages are often status updates about what a user is doing.

A hybrid web application combining content from two or more different data sources, for example data added to Google Maps. There are literally hundreds of mash-ups of the Google Earth service, where people have attached information to parts of the maps. A popular type of mash-up cannibalises different pieces of content, typically videos and music. Mash-ups are possible because of the openness of social media – many websites and software developers encourage people to play with their services and reinvent them.

For further elaboration of this point, see the latest Cisco Connected World Technology Report. “More Generation Y workers globally said they feel more comfortable sharing personal information with retail sites than with their own employers’ IT departments,” says Cisco.

Computer fraud carried out sending counterfeit messages via e-mail or Social Media, and it is aimed at acquiring classified information for illegal purposes.

The term “jihadism” is used to refer to the instrumental use terrorist and religious extremism leaders make of jihad (which literally translates as ‘struggle’ and which, from a juridical point of view, consists of war activities aimed at defending Islam, advancing it and repelling evil from Muslims); the term ‘Islamism’, instead, is used to refer to the phenomenon of Islamic radicalization, that is following extremist ideas and being closed to any kind of ideological, cultural and religious contamination.

Mayfield T. D., A Commander’s Strategy for Social Media, Joint Force Quarterly vol. 60/2011, National Defense University, Washington, DC.

Ibid.
From a US Army press release warning of the dangers of geo-tags. When you take a photo with your cellphone, the GPS coordinates of the location you took the picture is embedded into the image.

http://defensetech.org/2012/03/15/insurgents-used-cell-phone-geotags-to-destroy-ah-64s-in-iraq/#ixzz3W467b0JC

My Interview With NPR on the Media on the Role of Citizen Journalism in the Mumbai Terrorist Attack” http://www.gauravonomics.com — blog run by social media expert Gaurav Mishra; 5 December 2008

A URL is a reference to a resource that specifies the location of the resource on a computer network and a mechanism for retrieving it. A URL is a specific type of uniform resource identifier (URI), although many people use the two terms interchangeably. A URL implies the means to access an indicated resource, which is not true of every URI. URLs occur most commonly to reference web pages (http), but are also used for file transfer (ftp), email (mailto), database access (JDBC), and many other applications.

A recently conducted analysis of URL shortened links within Twitter showed that, of the 3,465 links assessed, 520 were linked to malicious content such as malware. Clicking on a shortened link would on average take the user to two different sites (via automatic redirections) for each single URL advertised, which could further increase the likelihood of coming into contact with malicious content.
© Copyright 2015 Indian Defence Review

No comments:

Post a Comment