The security of social networks and the people who use them every day has become a serious concern for enterprises and consumers alike. Millions of people rely on networks such as Facebook and Twitter to communicate and connect with friends and colleagues and attacks against the networks themselves and the users on them undermines some of the trust people place in them. Eugene Kaspersky, CEO of Kaspersky Lab, recently answered questions on the security concerns surrounding social media and what people can do to protect themselves on these networks.
Q: Social networks are flooded with spam. Adcertisements as well as posts like “add this link to your wall and you’ll become rich” reduce the quality and importance of information on blogs and other sites. Moreover, social networks have become a serious instrument for businesses, which also critically reduces amount of useful information there. Does this mean that today’s Social Networks are in many cases nothing but a bubble?
Eugene Kaspersky: It’s a universal problem for cyberspace, not only social networks: near 72 percent of all email traffic is SPAM, more than a quarter of all mobile applications are used just once. But I wouldn’t say that social networks are a bubble – this is a perfect place for communications that actually substitutes for traditional channels – like e-mails
, phones and personal meetings. In some cases – even real life itself.
Q: “Way from cure to poison – is a simple matter of amount.” Could you name 5 ways that social networks could be used most effectively for good and evil?
Eugene Kaspersky: Here are top five advantages of social networks:
1) It’s a perfect communications tool – probably the easiest way to connect two people on different continents. With themobile applications boom it became even easier.
2) You can find a club for any hobby or interest – there’s nothing easier to find new friends to make a parachute jump or go snowboarding.
3) It gives you an opportunity to create your own media – absolutely free and uncensored. Anyone can have a blog, podcast or even your own TV channel.
4) Social media are breaking the borders – it’s a bridge that connects nations (with some restrictions). That’s why this channel has to remain free – humanity finally has a chance to become one.
5) 24/7 online – we don’t use mobile or e-mail that often 🙂
And here is how social networks can be dangerous and harmful:
1) Social networks are the u
ltimate tools for gathering private information – and when it is used by cybercriminals, this information could and would be used against people. They are also a place where your child can come into contact with unpleasant or even dangerous people. The fact that the ‘Social networks’ category ranked second globally in terms of Parental Control component (in Kasperksy Lab products) alerts demonstrates that children are desperate to get on to social networking sites.
2) Social networks are unique social engineering platforms. When we use Facebook or Twitter we are like laboratory rats. Every step can be traced and analyzed. Marketing agencies, intelligence services – both private and governmental bodies use this tool as behavioral test faculty.
3) Disinformation. When social media are used by professional media people that is the easiest way to “spread the news”. Even if the news is a hoax – it is very hard to find the truth when the flame is already out.
4) A major problem is that social media could be used by extremists, terrorists and cybercriminals for recruiting new members in their criminal groups.
5) Social m
edia is like a drug – it is much easier to look successful online, than to be successful in real life. And if one day social media become essential, and for any reason collapse, millions of people would feel helpless and miserable.
Q: Nice list. All this information is supposed to be described within disclaimers. But nobody ever reads that – people just press “I agree” and proceed. What’s the point in those disclaimers if nobody uses them?
Eugene Kaspersky: Briefly speaking, every disclaimer is a legal bulletproof vest for the company which provides services or software. This is insurance, similar to “stupid” warnings on the products for customers who decide to spill burning coffee on their knees to see what happens or boil his wrist watch. The same with the Internet – if one decides to share all his personal data, including private pictures and GPS-tracks – no company or social network would prevent him from doing so. Brands use disclaimers to prevent all types of possible legal cases – they have no other options in the current legal system which is, let’s be honest, not really relevant to the ecosystem of the Internet and social media.
Q: When we speak about social media security via security software – what social media security can we hope for when purchasing premium antivirus software? What threats could be flagged and which threats will software probably never be able to protect against?
Eugene Kaspersky: The attack that comes from social networks is usually multi-level. On the first stage, intruders try to get access to your account – by a phishing site or by password stealers. On the second stage attackers use stolen accounts for their own purposes. It may be spam distribution, stealing money from bank accounts or simply access to your personal data. What is also dangerous, is that criminals may send links on malicious sites to all users in a victim’s friends list. People are used to clicking the link from people whom they trust and a malicious link could cause them to install malicious software. Later, infected computers can be used in botnets for different criminal purposes. One of our products, Kaspersky Internet Security 2013, is specifically designed to protect your identity from cyber criminals and the latest malware attacks.
Obviously there is no software which can guarantee 100% protection against sophisticated and personalized attacks thatinclude social engineering elements. When you’re attacked by another human being and he has found a key to your soul in hours of friendly talks – there’s nothing or nobody that can defend you but yourself. My advice is though very simple – never trust people that you know only by chats in social media. Honestly – never do business or reveal private information to someone you haven’t actually met. Second – use your brain wisely – there’s no such thing as free cheese in the mousetrap.
Q: Is there any way Kaspersky would come up with free Kaspersky Antivirus?
Eugene Kaspersky: Actually we have free tool which can be downloaded from our site (http://www.kaspersky.com/virusscanner): Kaspersky Virus Removal Tool, Kaspersky Rescue Disk 10 and Kaspersky Security Scan. It is not proper antivirus, but just a useful tool which can scan your software on demand and helps to find vulnerabilities.
The fact is that free antivirus can never be as effective as paid one. Nowadays sophisticated software security is not a product, but a service, provided on a daily basis – with insane and complex infrastructure (servers, automatic scanners, artificial intelligence that is determining new malware, huge databases updated daily, top-notch specialists, etc). And quality service cannot ever be provided for free.
Q: There are millions of internet-connected devices and the forecast is even more promising – lots of new cheep smartphones are coming, Internet will be integrated in cars, fridges, microwaves, TVs. Google and their pals from Silicon Valley are pushing new technologies such as augmented reality, Google glasses etc. And all those are potentially new entry points and tools for social media. Do they think about its security?
Eugene Kaspersky: In most cases manufacturers don’t think about security at all. Homo sapiens are created in this way – the first thing we care about is our comfort, convenient pricing and then… everything else. Security issues are usually the last thing that pumps in your head. And most of the times it is too late.