026
Source: Check Point Software Technologies
TWO MAJOR DROPBOX SECURITY
INCIDENTS IN TWO YEARS
13
%
Twitter
12
%
LinkedIn
59
%
Facebook
Top Social Network Bandwidth Utilization
Average Utilization Calculated within
Social Network Applications
Chart 3-H
Legitimate Facebook Post or Virus?
With the constant rise of social networking popularity,
new security challenges are constantly introduced to
organizations. Inadvertently posting sensitive project
information on social networking applications could
harm the reputation of an organization, cause loss of
competitive advantage or lead to financial loss. Hackers are
also leveraging new socially-engineered hacking techniques
to drive botnet activity. Embedded videos and links in
social networking pages are becoming popular vehicles
for concealing malware. In addition to the security risks
involved, social networking applications create a severe
problem of burdening the corporate network bandwidth,
slowing Internet access for network users. Facebook is
the most accessed social network. Other social networks
visited during work hours (but at a significantly lower rates
than Facebook) include Twitter and LinkedIn. Below is an
example of a Facebook link leading to a malicious site:
Social Engineering Attacks - Case Study
Recent attacks indicate that hackers are shifting from
regular emails to social networks as their preferred malware
distribution channel. The following case is based on an actual
attack that took place in August 2012. Hackers used Twitter
and Facebook social engineering techniques to distribute
malicious content. Using a compromised Twitter account,
In July 2012, an attack on Dropbox users occurred.
Dropbox user names and passwords exposed in breaches
from another website were tested on Dropbox accounts.
The hackers used a stolen password to log into a Dropbox
employee’s account that contained a document with
users’ email addresses. Spammers spammed the contacts
on this list
22
.
This incident illustrates a frequent tactic used by
hackers. Hackers often steal user names and passwords
from sites which, at first glance, may not contain any
significant financial or personal information. Then,
they will test the stolen credentials against websites of
financial organizations, brokerage firms and apparently,
Dropbox accounts, where potentially more lucrative
information may be found.
In 2011, a bug in Dropbox’s software update made it
possible for anyone to log into any Dropbox account
as long as that person had the user’s email address.
This bug exposed shared documents and other user
information. The problem was fixed within several
hours, but it served as a warning for both users and
for corporations whose employees use file storage and
sharing applications such as Dropbox and Google
Docs, to store sensitive information appropriately
23
.
