Last year, Bromium and Dr. Mike McGuire, Senior Lecturer of Criminology at the University of Surrey in the UK, conducted in-depth academic research into the state and growth of the cybercrime economy, to better expose the impact cybercrime is having on the world – on both our personal and professional lives – today. The resulting report, “Into the Web of Profit,” showed how the cybercrime economy generated $1.5 trillion in revenue each year for malware authors and other cybercriminals, with some of the funds being diverted into traditional crimes, such as human trafficking and terrorism. The situation’s dire and getting worse.
One of the most interesting findings was the clear identification of a new form of cyber-enabled crime – platform criminality. Platform criminality mirrors the disruptive platform-based business models utilized by the likes of Uber and Amazon – where data, often ill-obtained via cyber theft, their primary commodity. These findings are still being discussed within government, law enforcement, and business today and the analysis just scratched the surface. Further investigation was needed.
Read More: Why Tone is Everything in Marketing!
Delving Deeper into the Platform Criminology Model and the Role of Social Media
Over the past year, Dr. McGuire took on the challenge of investigating the role of popular social media platforms in cybercrime and how these other forms of crime are compounded via unprotected and mostly unregulated social media networks. His findings, detailed in our follow-up report entitled “The Web of Profit: Social Media Platforms and the Cybercrime Economy,” show that the problem is more pervasive than previously thought, with these platforms contributing at least $3.25B annually to the global cybercrime economy. The findings should serve as a wake-up call not just for law enforcement, governments, and enterprise organizations. We’re simply not doing enough to protect ourselves.
Social media has long been a thorn in the side of enterprise security. Up to one in five enterprises have been infected with malware originating from social media and one in eight have experienced a security breach as a result of a social media-directed cyberattack. While in the early days, companies tried to ban its use, social media has become a key business tool for the enterprise – particularly for marketing and HR – that preventing its use is simply not practical.
The report highlights how social media has come to represent a nasty blind spot for enterprise defenses and significant business exposure. It enables rapid infection across large user bases and provides easy access to would-be hackers to get the tools and services they need to launch attacks. This backdoor access to enterprise systems puts customer data and business IP at risk on a daily basis. And, at the moment, enterprises are simply not equipped to deal with it.
Taking a Deep Dive into the Findings
The report covers a lot of ground, but to summarize, here are some key takeaways that businesses should be mindful of:
- Social media platforms are being used as a trojan horse by hackers to enter the enterprise. Cybercriminals can use simple hacks to reach millions of users globally, with very little effort on their part: social media is in effect a global distribution center for malware. One in five organizations has now been infected with malware distributed via social media. Research conducted for this report found that up to 40% of malware infections identified were connected to malvertising. A further 30% came from malicious plug-ins and apps. Employees casually clicking on malicious content spread by cybercriminals are unwittingly giving hackers backdoor access to high-value assets.
- Social media is enabling the rapid and undetected spread of crypto-mining malware. Data obtained through this research shows that four of the top five global websites hosting crypto mining code are social media platforms. Something as innocuous as clicking on a YouTube advert can result in crypto mining malware installing onto devices and hijacking them to mine cryptocurrency, increasing power consumption, and potentially using cryptojacking payloads for even more nefarious purposes in the future. The brilliance of this – from a hacker’s perspective – is that a lot of victims won’t even know they have been hit, meaning that hackers can go undetected for a long time. But the increased performance strain on the CPU or GPU will accelerate the deterioration of enterprise equipment and drain IT resources, causing significant costs in relation to computing power.
- Social media is making it even easier for would-be attackers to get the tools and expertise they need to launch their assaults. The report found widespread availability of hacking services, hacking tutorials and the tools needed to aid hacking efforts, like exploits and botnets for hire. The boundary between social platforms and Dark Web equivalents is becoming blurred, with tools and services freely available, or acting as an entry point for more extensive shopping facilities on the Dark Web.
Protecting the Enterprise from Social Media-Enabled Threats
Clearly, social media platforms can pose a serious business risk to any organization, leaving them wide open to attacks. Current approaches to security do not provide the protection needed to prevent social media-enabled attacks from gaining a foothold in the enterprise.
It’s vital that enterprises understand and defend against this growing threat. The knee-jerk reaction of simply blocking social media websites is untenable. Organizations that fail to engage on social channels, whether it’s LinkedIn, Twitter, YouTube, Facebook or Instagram, will lose competitive advantage and fail to engage with a savvy digital-native customer base. So, what can businesses do?
The question every business should be asking itself in light of this research is: How am I defending my organization against social media-enabled attacks? While there is no easy answer to this question, there are a number of steps that organizations can take.
First, organizations must ensure they fully understand the role played by social media in facilitating cybercrime, or risk being invaded by savvy cyber criminals intent on hijacking the enterprise. To do this, they must focus on reducing the business impact of social media-enabled crime by adopting layered cybersecurity defenses and application isolation.
Application isolation provides a unique defense against social media-enabled crime by isolating web pages and attachments within hardware-enforced virtual machines. If a user clicks on a malicious link or advert that contains malware, it is trapped and isolated from other applications and the network. This renders any malware harmless, leaving hackers with nowhere to go and nothing to steal. Once done, users can simply close their browser, document or file, deleting the virtual machine and any malware contained inside. This allows employees to get on with their job without worrying about causing a breach, dramatically reducing harm to organizations and safeguarding high-value assets.
Ultimately, hackers know a company’s weak spot – employees – and they know how to manipulate them through trusted connections. Cybercriminals know that they likely won’t get caught. It’s a numbers game. And social media puts the odds of finding someone who will click on their malware firmly in a cybercriminal’s favor. Only with a thorough understanding of the scope of the problem and deploying advanced capabilities, including containment, to defend ourselves can we start to tip the balance. If we carry on as we are, then we are just sitting ducks.
Read More: Why Tone is Everything in Marketing!