SlideShare a Scribd company logo

SOCIAL MEDIA AS A CYBER WEAPON

S
Sylvain Martinez

This document discusses how social media is used to gather personal data and how that data can enable cyber attacks. It notes that over 5 million records are lost or stolen daily and outlines the types of sensitive information that can be obtained from LinkedIn, Facebook, Twitter, and other online sources. The document warns that this data exposure enables personal, corporate, and marketing attacks but does not specify the nature of these threats or provide recommendations for mitigating risks.

1 of 17
Download to read offline
{elysiumsecurity} SOCIAL MEDIA AS A CYBER WEAPON Version: 1.1a Date: 25/04/2018 Author: Sylvain Martinez Reference: ESC5-MUSCL Classification: Public cyber protection & response
{elysiumsecurity} cyber protection & response 2 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT • Your Data; • Data Gathering Tools; • LinkedIn Data; • Facebook Data; • Twitter Data; • Other Data Source; • What Can you do about it? CONTENTS Public • Data Growth; • Data Leakage; • Data Control; • Cyber Attacks; • Personal Attacks; • Corporate Attacks; • Marketing Attacks;
{elysiumsecurity} cyber protection & response 3 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GROWTH Public Statistics from Microfocus, 2017 Yesterday Tomorrow 100% 0% TIME GROWTH 3.8 Billion Internet Users 840 new Social Media users / day 455,00 Tweets / minutes 46,740 Instagram posts / minutes Facebook data per minutes: 3.5 Million Google searches / minutes 3 Million posts; 510,000 comments; 293 Statuses updates; 136,000 photos uploaded 4 Million likes;
{elysiumsecurity} cyber protection & response 4 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA LEAKAGE Public 9 7 2 7 9 6 7 9 8 8, ,, EVERY DAY 5,014,416 RECORDS EVERY HOUR 208,934 RECORDS EVERY MINUTE 3,482 RECORDS EVERY SECONDS 58 RECORDS DATA RECORDS ARE LOST OR STOLEN AT THE FOLLOWING FREQUENCY DATA RECORDS LOST OR STOLEN SINCE 2013 Source: Breach Level Index - April 2018
{elysiumsecurity} cyber protection & response 5 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA CONTROL Public Icons from the noun project otherwise specified YOUR CONTROL YOUR INFLUENCE NO CONTROL
{elysiumsecurity} cyber protection & response 6 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT YOUR DATA Public WORK FAMILY FRIENDSPERSONAL
{elysiumsecurity} cyber protection & response 7 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GATHERING TOOLS Public
{elysiumsecurity} cyber protection & response 8 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT LINKEDIN DATA Public - What you do; - Where do you work; - Who do you know; - What you like; - What interests you; - Birthday; - Work Colleague; - Potential Friends; - Potential Family; - Work History: - Former Colleague; - Where you lived; - School History: - Where you are from; - Where you lived; - Your age; - Where to find your birth certificate - Conferences: - Where you were; - Where you will be!
{elysiumsecurity} cyber protection & response 9 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT FACEBOOK DATA Public - Friends; - Family members; - Kids name and age; - Where you live; - Date of Birth; - Place of Birth; - Romantic status; - Photos: - What you look like; - What others look like; - Other information - Names of your pets; - Favorite Colors; - What you know you like: - Music; - Films; - Books; - What you don’t know you like: - Profiling - Where you were; - Where you will be; - What you have done; - What you will be doing.
{elysiumsecurity} cyber protection & response 10 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT TWITTER DATA Public - What you do; - What you like; - What you don’t like; - What are your interests; - Who do you follow; - Who are your friends; - Who is your family; - Photos: - What you look like; - What others look like; - Other information - What are your political views; - Where you are; - Where you will be; - What you have done; - What you will be doing.
{elysiumsecurity} cyber protection & response 11 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT OTHER DATA SOURCE Public - What you bought; - What you want to buy; - What you like; - What you dislike; - Photos; - What you are listening to right now; - Where you are; - Your future DIY projects; - If you are going to have a kid: - A boy - Or a Girl!
{elysiumsecurity} cyber protection & response 12 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CYBER ATTACKS Public
{elysiumsecurity} cyber protection & response 13 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT PERSONAL ATTACKS Public
{elysiumsecurity} cyber protection & response 14 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CORPORATE ATTACKS Public
{elysiumsecurity} cyber protection & response 15 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT MARKETING ATTACKS Public
{elysiumsecurity} cyber protection & response 16 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT WHAT CAN YOU DO ABOUT IT? Public
{elysiumsecurity} cyber protection & response © 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ElysiumSecurity provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ElysiumSecurity provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ABOUT ELYSIUMSECURITY LTD. ElysiumSecurity provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. Operating in Mauritius and in the United Kingdom, our boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.

More Related Content

SOCIAL MEDIA AS A CYBER WEAPON

  • 1. {elysiumsecurity} SOCIAL MEDIA AS A CYBER WEAPON Version: 1.1a Date: 25/04/2018 Author: Sylvain Martinez Reference: ESC5-MUSCL Classification: Public cyber protection & response
  • 2. {elysiumsecurity} cyber protection & response 2 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT • Your Data; • Data Gathering Tools; • LinkedIn Data; • Facebook Data; • Twitter Data; • Other Data Source; • What Can you do about it? CONTENTS Public • Data Growth; • Data Leakage; • Data Control; • Cyber Attacks; • Personal Attacks; • Corporate Attacks; • Marketing Attacks;
  • 3. {elysiumsecurity} cyber protection & response 3 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GROWTH Public Statistics from Microfocus, 2017 Yesterday Tomorrow 100% 0% TIME GROWTH 3.8 Billion Internet Users 840 new Social Media users / day 455,00 Tweets / minutes 46,740 Instagram posts / minutes Facebook data per minutes: 3.5 Million Google searches / minutes 3 Million posts; 510,000 comments; 293 Statuses updates; 136,000 photos uploaded 4 Million likes;
  • 4. {elysiumsecurity} cyber protection & response 4 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA LEAKAGE Public 9 7 2 7 9 6 7 9 8 8, ,, EVERY DAY 5,014,416 RECORDS EVERY HOUR 208,934 RECORDS EVERY MINUTE 3,482 RECORDS EVERY SECONDS 58 RECORDS DATA RECORDS ARE LOST OR STOLEN AT THE FOLLOWING FREQUENCY DATA RECORDS LOST OR STOLEN SINCE 2013 Source: Breach Level Index - April 2018
  • 5. {elysiumsecurity} cyber protection & response 5 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA CONTROL Public Icons from the noun project otherwise specified YOUR CONTROL YOUR INFLUENCE NO CONTROL
  • 6. {elysiumsecurity} cyber protection & response 6 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT YOUR DATA Public WORK FAMILY FRIENDSPERSONAL
  • 7. {elysiumsecurity} cyber protection & response 7 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GATHERING TOOLS Public
  • 8. {elysiumsecurity} cyber protection & response 8 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT LINKEDIN DATA Public - What you do; - Where do you work; - Who do you know; - What you like; - What interests you; - Birthday; - Work Colleague; - Potential Friends; - Potential Family; - Work History: - Former Colleague; - Where you lived; - School History: - Where you are from; - Where you lived; - Your age; - Where to find your birth certificate - Conferences: - Where you were; - Where you will be!
  • 9. {elysiumsecurity} cyber protection & response 9 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT FACEBOOK DATA Public - Friends; - Family members; - Kids name and age; - Where you live; - Date of Birth; - Place of Birth; - Romantic status; - Photos: - What you look like; - What others look like; - Other information - Names of your pets; - Favorite Colors; - What you know you like: - Music; - Films; - Books; - What you don’t know you like: - Profiling - Where you were; - Where you will be; - What you have done; - What you will be doing.
  • 10. {elysiumsecurity} cyber protection & response 10 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT TWITTER DATA Public - What you do; - What you like; - What you don’t like; - What are your interests; - Who do you follow; - Who are your friends; - Who is your family; - Photos: - What you look like; - What others look like; - Other information - What are your political views; - Where you are; - Where you will be; - What you have done; - What you will be doing.
  • 11. {elysiumsecurity} cyber protection & response 11 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT OTHER DATA SOURCE Public - What you bought; - What you want to buy; - What you like; - What you dislike; - Photos; - What you are listening to right now; - Where you are; - Your future DIY projects; - If you are going to have a kid: - A boy - Or a Girl!
  • 12. {elysiumsecurity} cyber protection & response 12 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CYBER ATTACKS Public
  • 13. {elysiumsecurity} cyber protection & response 13 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT PERSONAL ATTACKS Public
  • 14. {elysiumsecurity} cyber protection & response 14 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CORPORATE ATTACKS Public
  • 15. {elysiumsecurity} cyber protection & response 15 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT MARKETING ATTACKS Public
  • 16. {elysiumsecurity} cyber protection & response 16 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT WHAT CAN YOU DO ABOUT IT? Public
  • 17. {elysiumsecurity} cyber protection & response © 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ElysiumSecurity provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ElysiumSecurity provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ABOUT ELYSIUMSECURITY LTD. ElysiumSecurity provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. Operating in Mauritius and in the United Kingdom, our boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.