Samker's Computer Forum - SCforum.info
World TOP Headlines: => Latest Security News & Alerts => Topic started by: Samker on 05. August 2009., 07:00:04
-
(http://www.ameagleflags.com/images/US%20Marine%20Corps.jpg)
Citing security concerns, the United States Marine Corps has issued an order banning access to social networking sites like Facebook, MySpace and Twitter on its network for the next year: http://www.marines.mil/news/messages/Pages/MARADMIN0458-09.aspx (http://www.marines.mil/news/messages/Pages/MARADMIN0458-09.aspx)
The Pentagon is now reviewing its social networking policy for the entire Department of Defense, which should be completed by the end of September, according to a report from CNN. The policy for the entire military is somewhat fragmented, as the Army ordered military bases to allow access to social media sites in May, according to Wired.
It would stand to reason that if it isn’t safe for Marines to access social networking sites that it might not be a great idea for other branches of the military, either. So, just how much of a security threat are social networking sites? Experts at security vendor Sophos have noted that Facebook, MySpace, LinkedIn and Twitter have all experienced attacks during 2009 designed to compromise PCs or steal sensitive information. About 63% of 709 system administrators polled by Sophos in February 2009 worried that employees were sharing too much personal information on their social networking profiles and as a result putting sensitive corporate data at risk.
Criminals are also getting more sophisticated in using social media sites to spread malicious code, or malware. They use Twitter, for instance, to try to get people to click on bad links. “If a user clicks on a link in Twitter and installs malware on an enterprise PC, that’s bad,” says Patrik Runald, chief security advisor at F-Secure, a provider of online security services. The fear is that the malicious code will then give hackers a back door to enter a corporate or military network. In fact, the Sophos survey revealed that 21 percent of respondents had been the victim of targeted malware or phishing attacks, designed to get victims to reveal sensitive information. Security experts say that once malicious code is installed on a corporate network, it can be difficult to spot. In some cases, it can run undetected for months.
The Marine Corps order noted that social networking sites “in general are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user generated content and targeting by adversaries.” The order also noted that social networking sites expose unnecessary information to adversaries and gives them an easy conduit for information that puts operations security and communications security at an elevated risk for compromise.
If that’s the case, it would seem prudent for the Pentagon to quickly figure out just how much a hazard social networking is to military security. The U.S. is, after all, a nation at war.
(BusinessWeek)