NIS2, Are you on scope?
Belgium's new cybersecurity law enters into force. Check it out now.
Social media have become an important asset for organisations to use for communication and information. Despite the benefits those publicly available platforms might bring, they can also become a huge attack surface and be used for malicious purposes such as misinformation, identity theft, stealing of confidential information or fraud. Every organisation needs to make sure that all its social media are secured correctly.
Cybercriminals take advantage of social media to launch attacks as it only takes one account to compromise in order to be able to reach a great number of potential targets. Different types of attacks can be launched through social media, such as:
Social media accounts gather a lot of confidential information such as personal information, home addresses, phone numbers, etc., which are an attractive target for cybercriminals. Accounts thus need to be protected by using strong passwords that are different for each account. A strong password is one of at least 12 characters and has a combination of upper
and lower cases, numbers and symbols. In combination with a strong password, Multi-Factor Authentication should also be enabled wherever possible. Multi Factor Authentication requires a user to provide at least two different methods (e.g., passwords and PIN code, PIN code and a code received via text) to verify their identity and grant them access to the resource they are trying to reach.
Usually, default parameters are set to let anyone see personal information and posts on social media. That visibility can be restricted by configuring it within the account and making sure the owner controls what the public can or cannot see. Those configurations should be regularly checked as they can sometimes be changed without alerting the user. In addition, some accounts can also be set to ‘private’ to reduce the visibility of the information and posts shared.
Social media offer an important reach and it is not possible to always fully control the audience that has access to the information and posts shared. Personal or confidential information shouldn’t be shared on those platforms, as they could be used for malicious purposes. In addition, work-related post should be written carefully as they could harm the reputation of the organisation, even when shared by a collaborator and not the organisation’s account itself.
Besides that, all information shared online by others should be read and re-shared carefully. Anyone can post whatever they want online, there is no control in place to verify the veracity of the message shared. Cybercriminals use this to share messages (e.g., fake news, promotions) that can have serious consequences. By sharing those yourself, you could be diffusing harmful messages to your network.
Finally, whatever you are sharing or reposting online, make sure to respect the law. Don’t share anything that might go against our established laws such as content related to cyberbullying, paedophilia, comments inciting racism or violence, infringement of image rights, etc.
Malicious people use social media to carry out scams by creating fake accounts or by using a hacked one to impersonate an organisation or a collaborator. They reach out to people using those accounts in order to steal confidential information and/or money. Money, pictures, videos or any type of sensitive information should never be shared online without first making sure the person behind the account is really who they claim to be.
Some applications can request access to social media accounts to be able to login faster. Those requests should always be analysed carefully and access should be granted only to strictly necessary information. Also, even if using a social media account to login into an application can seem more handy, it should be used carefully as it gives access to a great deal of information available on the account.
Applications should only be installed from official vendors or websites to avoid downloading a virus with it. As soon as the application is not needed or used anymore, it should be uninstalled or the access initially granted should be revoked.
Public Wi-Fi or public computers are a handy solution as people can access professional resources, browse websites, or manage their social media almost everywhere. However, as the name indicates it, it is public and everyone can access it, including scammers and criminals. If it is wrongly configured, a public Wi-Fi or computer can be used to monitor the activities of people connected to it and steal their information. Always prefer your organisation professional WI-FI network and professional devices to access professional resources.
If the social media allows it, all the log-ins made to an account can be viewed along with the devices used to connect to it. This list should be reviewed regularly to ensure only known devices and locations were used to connect to an account. As soon as an unknown device or location appears in the list, it should be immediately removed and the password should also be modified right away.
As soon as an account is not used anymore, it is better to delete it completely to make sure the information it contains cannot be accessed without the owner’s knowledge.
An organisation’s collaborators are its first line of defence. Your collaborators need to be made aware on how to identify scams and fake message in order to adopt the right reflexes. There are several ways cybercriminals try to steal collaborators’ credentials in order to get access to an organisation’s resources. It is thus important to have regular informative sessions to train the collaborators about not sharing too much on social media and not clicking on a link or opening a file without analysing where it comes from first.
If an account is sending messages or sharing posts without the owner’s knowledge, it was probably hacked. In order to regain control of the account, the following steps can be taken:
The aim of this content is to share and raise awareness of good cyber security practice.
Some of this advice may apply differently depending on the context of your organisation.
Always comply with the policy and instructions in force in your organisation.
If in doubt, always ask your IT manager for advice first.