Social Networking Attacks: Be Afraid, Be Very Afraid? - Technologist
Technologist - The FindLaw Legal Technology Blog

Social Networking Attacks: Be Afraid, Be Very Afraid?

FindLaw columnist Eric Sinrod writes regularly in this section on legal developments surrounding technology and the internet.

Social networking, via sites like Facebook and Twitter, is the current big thing.  Indeed, the popularity of such sites has caused nouns like the word "friend" to become verbs in the new social networking vocabulary. But is all well and good in the social networking universe?  Not necessarily, according to the latest Security Labs Report by M86 Security, a provider of Web and messaging products. Social networking attacks have become more common. 

The report reveals a recent increase in attacks through social networking sites due to a use of abbreviated URLs.  These shortened URLs apparently have emerged as a deployment choice of attackers because they facilitate the obscuring of malicious links and they take advantage of the trust of end users as a result of social engineering.

The overall results of the recent Security Labs Report are sobering.  Spam in 2009 increased to in excess of 200 billion messages daily, translating to between 80-90% of inbound email sent to organizations, with malware spiking in the second half of the year to 3 billion per day, in comparison to 600 million daily in the first half of 2009.

The greatest majority of spam currently is deployed via botnets hidden on infected computers.  The report indicates that 78% of spam in the second half of 2009 was spawned by the five leading botnets, like Rustock and Pushdo.

Not to worry, social networking, and Internet communications in general are not going to go the way of the dinosaurs because of these recent attacks.  However, there will be some disruptions along the way, and for some, real harm will be caused. 

Technical measures should be taken to protect against attacks where feasible, and when harm is caused, there is potential legal recourse.

Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP (http://www.duanemorris.com) where he focuses on litigation matters of various types, including information technology and intellectual property disputes.  His Web site is http://www.sinrodlaw.com and he can be reached at ejsinrod@duanemorris.com.  To receive a weekly email link to Mr. Sinrod's columns, please send an email to him with Subscribe in the Subject line.
This column is prepared and published for informational purposes only and should not be construed as legal advice.  The views expressed in this column are those of the author and do not necessarily reflect the views of the author's law firm or its individual partners.

Related Resources: