SOCIAL MEDIA PROBLEMS CONCERNED WITH BUSINESS

CYBER ESPIONAGE OR CYBER SPYING

Cyber espionage or cyber spying is the act of obtaining personal, sensitive or
proprietary information from individuals without their knowledge or consent. In an
increasingly transparent and technological society, the ability to control the private
information an individual reveals on the Internet and the ability of others to access
that information are a growing concern.

An article published by a renowed News channel PRESS TV said that:

“CIA Director John Brennan is planning on updating the agency's approaches, amid an
exploding use of smartphones, social media and other technologies. His plans call for an
increased use of cyber capabilities in operations ranging from identifying foreign officials to
recruit as informants, to confirming the identities of drone strike targets. Several officials
have said that Brennan has even considered creating a new cyber-directorate. The
expanded emphasis on cyber is part of a broader restructuring envisioned by Brennan.
The plans are expected to further raise worries among privacy and human rights
advocates.”

REFRENCES: https://www.youtube.com/watch?v=IxUHuYMlLzs

Another example of cyber spying is Blackgear espionage campaign, who used ELIRKS
and Ymair (malwares) as command and control (C&C) servers allowing the attackers
to keep the actual C&C server hidden and easily change the server that is in use.

REFERENCES

1.BLOG PUBLISHED BY TRENDMICRO

According to the blog published: “BLACKGEAR is an espionage campaign which has

targeted users in Taiwan for many years. Multiple papers and talks have been released
covering this campaign, which used the ELIRKS backdoor when it was first discovered in
2012. It is known for taking using blogs and microblogging services to hide the location of
its actual command-and-control (C&C) servers. This allows an attacker to change the C&C
server used quickly by changing the information in these posts.”(JOEY CHEN, “Blackgear
cyberespionage campaign resurfaces,Abuses social media for c&c communication” JULY
2018.[ONLINE].AVAILABLE:https://blog.trendmicro.com/trendlabs-security-intelligence/bl
ackgear-cyberespionage-campaign-resurfaces-abuses-social-media-for-cc-communication/
?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBl
og+%28Trendlabs+Security+Intelligence+Blog%29)
According to the blog published: “A notable characteristic of Blackgear is the degree to
which its attacks are taken to evade detection, abusing blogging, microblogging, and social
media services to hide its command-and-control (C&C) configuration. Compared to when
C&C information is embedded within the malware, where it’s preset and can thus be easily
blocked, this tactic lets Blackgear’s operators to quickly change C&C servers as needed.”

IDENTITY THEFT

Recent research reveals that identity theft affects millions of people a year, costing
victims countless hours and money in identity recovery and repair.(Kent.lewis.”how
social media networks facilitate identity theft and fraud”,[ONLINE]. AVAILABLE:
https://www.eonetwork.org/octane-magazine/special-features/social-media-networ
ks-facilitate-identity-theft-fraud)

1.HACKING AND IDENTITY THEFT: The statistics of a US research depicting how

victims of Identity Theft increased from 2013 to 2015 to a whopping total of about
five hundred thousand victims in 2015.(C. Chipurici, June 2016. [Online]. Available:
https://heimdalsecurity.com/blog/how-to-prevent-identitytheft-20-steps/.)

2.BUSINESS SPYING: The fraudster can easily pose as an employee of a company by

creating a Facebook page and may invite other employees to join. This may lead to
leaking of company’s confidential information and sabotaging its image(R. Siciliano,
November 2010. [Online]. Available:
http://robertsiciliano.com/blog/2010/11/05/15-facebookfiascos-to-watch-out-for/.)

3.TRADE OF ILLEGAL PRODUCTS: This particular crime involves buying and selling
products and services that are either illegal or banned in a certain locality. It usually
consists of buying drugs, alcohol, etc. For example, according to(R. Byrne Reilly,
"Buying a gun on Facebook takes 15 minutes," February 2014. [Online]. Available:
https://venturebeat.com/2014/02/26/exclusive-buying-agun-on-facebook-takes-15-
minutes/) a 15-year old student was arrested in Kentucky on accounts of carrying
an unlicensed and loaded gun on school premises. Upon interrogation, he confessed
that he had bought the gun on Facebook.

4.PHISHING: Phishing refers to a kind of fraud in which the criminal tries to gain
access to personal information,such as account information or login credentials by
impersonating as a trusted entity. This usually performed by two methods. First
sending links of fake Websites that capture your login and password credentials and
second by becoming friends with the person by sending false acquaintance messages,
which the person unknowingly accepts (P. Hoelscher, 2017. [Online]. Available:
http://resources.infosecinstitute.com/category/enterprise/phi
shing/the-phishing-landscape/phishing-attacks-bydemographic/social-networks/#gr
ef). On social networking sites, this is accomplished by sending requests to play a
Quiz, complete a survey or share something for a free giveaway(Experian, "Facebook
Fraud: Identity Theft through Social Networking," 2010. [Online]. Available:
https://www.protectmyid.com/images/education_center/pdf/
050TypesofFraud/7_types%20of%20fraud_social%20netw orking.pdf.)

5.HACKING: A very common and easy method for criminals is to steal identities
nowadays through social media accounts. This is mostly due to everyone’s habit of
using the same password for almost all accounts. Once the hacker gets access to
your social accounts, they can easily get hold of your bank account data, online
shopping details, and credit card details or even use your social accounts to perform
criminal activities (N. Farhoud, August 2016. [Online]. Available:
http://www.mirror.co.uk/news/uk-news/how-hackers-cansteal-your-857665)