Adapting to Social Media Threats: What Security Teams Need to Know
By the time you finish reading this sentence, well over 10 new users have entered the social media ‘verse. While most of these users are probably harmless, some could circulate disinformation. Others may use public channels to spread malicious links. Some might even work for your organization, unintentionally exposing private information to the world.
When this kind of social media use impacts your organization’s security, would you know how or where to find it?
Social media is now a valuable public data source for security efforts. Alongside notorious online threat sources like the dark web, social networking sites can alert organizations to a variety of risks spanning cybersecurity, physical security, and an intersection of the two.
But the social threat landscape is rapidly changing. New networks emerge and disappear daily, each hosting different audiences, topics, and content policies. As security professionals, it’s challenging to separate relevant risks from noise and stay ahead of new, obscure networks where security threats often surface.
Progressive security teams understand the importance of social media content, but many are lagging behind in its digital and physical security applications.
Why is social media data crucial for security in 2021, and how are security teams adapting to mitigate social media security threats?
Real-World Social Media Threats
What does a social media threat look like in 2021?
Some risks come directly from an organization’s own social media use. For example, staff often re-use professional credentials on their social media accounts. In the event that a social network is breached, attackers may test leaked login data across the user’s other accounts (a tactic called credential stuffing). If successful, the attacker can gain access to an organization’s data, especially if the victim has generous permissions.
People share a lot on social media. Attackers know this and exploit it. For example, active social media users often divulge patterns of life—daily routines, whereabouts, and even their pets’ names. This information is used to improve social engineering and guess passwords. Images or videos posted from staff within the workplace can also share private information like access control IDs, building layouts, meeting notes, or phone conversations. In the wrong hands, this data could enable physical or digital compromise.
Social media threats also originate from external actors. Data breaches are usually associated with more hidden websites like paste sites and the dark web. However, less-regulated social media like Telegram are now used to leak credentials and advertise data for sale. These sources are even valuable for assessing physical security gaps as users discuss how to bypass access control systems or shoplift like a pro.
Social media sources are also relevant for detecting brand impersonation and disinformation—which can target an organization’s reputation or threaten public safety. Fake social media accounts are also used to host scams and phishing/malware links, which can trick users into providing their personal information.
In some cases, social media offers visibility into on-the-ground risks. In the event of a natural disaster, public shooting, or another physical threat, social media posts can deliver real-time alerts faster than other sources. This is crucial when security teams only have seconds to assess the situation and respond.
The Risk of Social Media Oversight
Social media visibility is clearly a no-brainer for security initiatives spanning digital and physical spaces.
But with the volume and variety of available data, adapting to this risk landscape isn’t easy. Cyber and physical security teams are already playing catch-up with a variety of new post-COVID risk factors, from remote workforce risks to disinformation. When it comes to tracking social media threats, finding the right information at the right time—and knowing where to look—is a persistent challenge.
We all know about common social media sites like Facebook—but even security teams may overlook fringe networks, like chan sites and decentralized social media platforms. These sites are hard to access and search manually, and they’re not always available through commercial data providers catering to the security sector.
Without access to relevant social media data, organizations face a higher risk of having private information compromised. The average data breach costs upwards of $3.86M, including detection efforts, business loss, response, and victim communications. There’s also the hidden but long-term cost of reputation damage. In situations where social media data can make or break physical crisis response, lack of access can cause damage to infrastructure and put personnel, customers, and the public in danger.
Adapting to Social Media Security Threats
Forward-thinking security functions are adapting to social media threats by improving their access to relevant, public social media data. Alongside other emerging strategies, like org-wide security education and security convergence, improved social media data access ensures that risks are found, addressed, and mitigated before they escalate.
Commercial data providers fill this need by delivering third-party tools or direct API access to public social media content. These solutions enable security teams to search across a range of social networks for threats relevant to their organization and stay alerted in real-time when red flags arise.
Every organization has different security requirements, and not all software solutions have the same features or feeds. To adapt to social media security threats, organizations should prioritize tools that provide:
- Comprehensive data coverage. Many commercial data providers focus on access to big-name networks, causing security teams to overlook threats on obscure sources. Choose a solution that integrates niche, decentralized, or alt-tech social networks, and a provider that works with your organization to improve data fidelity and add in-demand risk feeds.
- Advanced filtering and AI. A simple keyword search usually isn’t enough to sift through the noise. Commercial data discovery solutions should allow users to apply advanced filters to reduce false positives. AI can also automatically decipher a post’s context or extract location-based data for physical security threats.
- Usability. Data discovery software is meant to speed up your security efforts—but complex tools will only frustrate and slow down security analysts. User-friendly software is crucial for efficient security response, especially for converged teams where non-technical staff need data access.
- Compliance. Commercial data providers vary in their acceptable use policies and privacy standards. Work with a vendor that prioritizes compliance to avoid service disruptions and public scandal.
These features help security professionals save time and resources finding relevant threats, and provide the data fidelity required to avoid information gaps. Regardless of the use case, security teams can then make faster, more informed responses to threats originating on social media—and ultimately avoid or minimize harm to vulnerable people, infrastructure, and data.
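The gap between a plain keyword search and a context-aware filter, for the credential-leak posts described earlier, can be shown with a short added example (not code from any vendor or from this article). The organization name, e-mail domain, and sample posts are constructed placeholders, and the rules are one simple assumed heuristic.

```python
import re

ORG_NAME = "examplecorp"            # hypothetical organization keyword
ORG_DOMAIN = "examplecorp.example"  # hypothetical corporate e-mail domain

# Address, a separator, then a secret: the usual shape of a leaked credential pair.
COMBO_RE = re.compile(r"([\w.+-]+)@([\w-]+(?:\.[\w-]+)+)\s*[:;|]\s*(\S{4,})")
LEAK_RE = re.compile(r"\b(leak(?:ed)?|dump|combo(?:list)?|breach(?:ed)?|for sale)\b", re.I)

# Constructed sample posts, not real data.
POSTS = [
    "Loving my new job at ExampleCorp! Great team lunch today",
    "ExampleCorp is hiring, send CVs to careers@examplecorp.example",
    "fresh dump for sale, examplecorp logins, DM me",
    "j.doe@examplecorp.example:SamplePass-NotReal another@other.example:xyz12345",
    "anyone know if the trains are running today",
]

def keyword_hit(text):
    """Baseline: plain keyword search on the organization name."""
    return ORG_NAME in text.lower()

def triage(text):
    """Return (severity, reasons, redacted_text) for one public post."""
    reasons = []
    if any(dom.lower() == ORG_DOMAIN for _, dom, _ in COMBO_RE.findall(text)):
        reasons.append("credential_pair")
    if keyword_hit(text) and LEAK_RE.search(text):
        reasons.append("leak_context")
    if "credential_pair" in reasons:
        severity = "high"
    elif "leak_context" in reasons:
        severity = "review"
    else:
        severity = "ignore"
    # Keep the secret out of the alert so the ticket does not become a second leak.
    redacted = COMBO_RE.sub(lambda m: f"{m.group(1)}@{m.group(2)}:[REDACTED]", text)
    return severity, reasons, redacted

def summary(posts):
    """Count keyword-only hits versus posts the context filter escalates."""
    hits = sum(keyword_hit(p) for p in posts)
    alerts = sum(triage(p)[0] != "ignore" for p in posts)
    return hits, alerts

if __name__ == "__main__":
    print(summary(POSTS))
    for post in POSTS:
        print(triage(post))
```

On the sample posts, the keyword search flags four of five while the context filter escalates two, and the escalated credential pair is stored with its secret redacted.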
While social media has numerous benefits, it’s also a vehicle for threats to your organization—and it’s changing faster than many security teams can keep up. Improving social media data coverage and accessibility is one of the most immediate ways for your security function to adapt to social media threats. It’s just a matter of finding the right tool for your needs.
Does your organization scan niche social media sites like imageboards and chat applications for threats?