Beware the celebrity divorce storm!


23 September 2016

Paul Hearns

I very rarely dread having to write about any aspect of technology, but this week, I must delve into a topic into which I never thought I would have to go: the breakup of BranGelina.

Gods help me!

Now with regard to the actual marriage of Angelina Jolie and Brad Pitt, let me make myself absolutely crystal clear: I could not be, were I to be encased in concrete and chained to a mountain, less moved by their plight. But, the storm of publicity around their marital troubles has, dare I say, a tech angle that is worth talking about.


In fact, it has been a rich week for such things, with the fate of the Great British Bake Off (GBBO) and its ‘talent’ also producing a social media flush. When the news of potentially the largest data breach in history, in the form of the loss of 500 million user details by Yahoo, is added to this, the basis for the tech angle is well set.

Any media storm is going to attract the attention of the nefarious, the criminal and the hacktivist.

In the midst of such media frenzy, such actors see opportunity, for gain, for influence and for publicity themselves.

Email trick
In its simplest form, such media storms can be hijacked for fairly low-level nefarious purposes. By simply sending out emails purporting to contain pictures, salacious details or other such bait for the unwary, blackhats can deploy malware that could potentially compromise machines, gain control or allow harvesting of personal details. This is an age-old trick and one that is most common when such ‘world events’ occur.

This is fairly easy to guard against, but there will always be one that falls for it.

Recently, the digital forensics expert Andrew Harbison of Grant Thornton said that when a phishing email arrives, you have, according to statistics, on average 30 minutes in which to clear it out of the system before someone clicks on it.

However, a combination of a good filter, antivirus protection and general staff awareness should easily prevent such gambits worsening your day beyond the emotional angst that is the inevitable fallout of a celebrity breakup.

Scripts and malware
The next wave of exploitation comes from a slightly more sophisticated gambit: site hijacking and cross-site scripting.

When sites legitimately carrying information relating to such incredibly important events as these experience the inevitable rise in traffic, the criminals want a piece of it. They will often try to grab misspelled domains close to the top sites, or, with more sophistication, might try to embed code within web pages to serve malware. In some extreme cases, they may even buy legitimate ad space that then infects the site, or tries to download a malware payload to a client machine.

Motivations again are the sheer volume of traffic and the potential to harvest PID, credentials or even build a botnet for later use.

At the recent Cyber Threat Summit, Jason Steer of Menlo Security showed that popular Irish sites accessed by a browser employing the Document Object Model (DOM) could result in up to 30 off-site script calls being made, each one a potential threat vector. When such opportunities arise, the devious see opportunities.
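One way a defender could count the off-site script calls described above, as an added example that is not from the original article or from the Menlo Security talk: it parses saved HTML and lists every script loaded from a host other than the page's own. The sample page and all `.example` hosts are constructed, and the check for the Subresource Integrity `integrity` attribute is an addition of this example.

```python
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample page; every host below is a placeholder.
SAMPLE_PAGE_URL = "https://news.example/celebrity/story.html"
SAMPLE_HTML = """
<html><head>
<base href="https://news.example/celebrity/">
<script src="/static/site.js"></script>
<script src="js/gallery.js"></script>
<script src="//cdn.adnetwork.example/serve.js"></script>
<script src="https://metrics.example/t.js" integrity="sha384-AAAA"></script>
<script src="HTTPS://CDN.adnetwork.example/second.js"></script>
<script>var inline = 1;</script>
</head><body></body></html>
"""


class ScriptAudit(HTMLParser):
    """Collects <script src> references whose host differs from the page host."""

    def __init__(self, page_url):
        super().__init__()
        self.base = page_url                       # <base href> may change this
        self.page_host = urlsplit(page_url).hostname
        self.offsite = []                          # (host, url, has_integrity)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "base" and a.get("href"):
            self.base = urljoin(self.base, a["href"])
        elif tag == "script" and a.get("src"):
            # Resolve relative and protocol-relative URLs before comparing hosts.
            url = urljoin(self.base, a["src"].strip())
            host = urlsplit(url).hostname          # hostname is lower-cased
            # Strict comparison: a sibling subdomain also counts as off-site.
            if host and host != self.page_host:
                self.offsite.append((host, url, bool(a.get("integrity"))))


def audit(html, page_url):
    """Return the off-site script count, per-host totals and unpinned URLs."""
    parser = ScriptAudit(page_url)
    parser.feed(html)
    hosts = Counter(h for h, _, _ in parser.offsite)
    unpinned = [u for _, u, sri in parser.offsite if not sri]
    return {"total": len(parser.offsite), "hosts": dict(hosts),
            "without_integrity": unpinned}


if __name__ == "__main__":
    print(audit(SAMPLE_HTML, SAMPLE_PAGE_URL))
```

This only sees scripts present in the static HTML; scripts injected at run time by other scripts need a browser-based capture to count.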

These threats can be harder to guard against as even major sites can be made to serve out such threats.

However, updated browsers, scripting turned off and cookies set to first party and sessions only will go a long way towards preventing such issues.

Hashtaggery
The final category is the social media hijack. This is the simplest in terms of mechanisms, but can often be highly effective.

This is where a hashtag, Facebook comments page or other such social media centre of focus is hijacked to circulate propaganda to a wider audience than may be otherwise possible. From Lewis Hamilton’s Formula 1 wins to where Mary Berry’s loyalties and Paul Hollywood’s ambitions lie, any hashtag or discussion topic that is seeing a widespread surge in traffic will be targeted.

The Cyber Caliphate, the online presence of ISIS, is a master of this, but so are other groups such as Russian and Chinese groups with ‘sympathies’ for certain regimes.

This is the easiest to protect against in so far as there is no real security threat as such, but difficult in the fact that such groups have no qualms about using violent and deeply upsetting materials in an indiscriminate way.

In such circumstances, what has been seen cannot be unseen, as it were.

Do not feed
Overall, the security issue is the same: don’t feed the fire and you won’t be burned by the sparks.

While some employees might have legitimate reasons to read about the Yahoo breach, do they really need to get the lowdown on a format sale to Channel 4, or the histrionics of some disappeared up their own celebrity couple? Well, no.

So IT pros, be aware of the potential for such media storms to have these security implications even if, like me, they come from a world you’d rather continue to ignore.

 

 


TechCentral.ie