Social media plays a vital role in an enterprise’s marketing strategy, helping to build brand awareness, provide real-time customer support and launch new products faster than ever before. Social media has also emerged as a critical tool for governments – from individual politicians and elected officials to official accounts of government agencies and organizations – to communicate with citizens. Yet, while social media allows for the rapid dissemination of information, it has a dark side — which makes strong social media security a necessity.
Examples and consequences of social media security breaches
Using methods such as dictionary attacks, social engineering and phishing, motivated cyber attackers target and steal social media account credentials, using them to hijack corporate and government accounts. Such account takeovers can lead to the unauthorized publishing of malicious content, confidential information and personal data. Social media attacks can lead to reputational damage, compliance violations, identity theft, loss of customer trust and significant financial implications.
For example, in 2018, residents of Hawaii and Japan received a frightening alert indicating that a ballistic missile was heading to the islands and warning people to take shelter. It took 38 minutes for the false alarm to be retracted, during which time residents took to social networks – particularly Twitter – in a panic about their personal safety. A year prior, amidst diplomatic controversy between Turkey, Germany and the Netherlands, a common Twitter tool enabled cyber attackers to hijack many high-profile organization and individual user accounts and tweet offensive propaganda from them. Previously, a group of hackers hijacked the Twitter and YouTube accounts of the US military’s Central Command and posted a series of threatening messages, propaganda videos and military documents. Around the same time, a single unauthorized tweet on the Associated Press’ Twitter account (which has more than 13 million followers) caused the stock market to plummet by $136.5 billion within minutes.
These examples provide a glimpse of how, without effective social media security, external cyber attackers can use social media accounts to spread chaos. But significant damage can also come from insider threats – people who have, or once had, authorized access to an organization’s social media accounts. This happened to a UK-based music and film retailer. After a large layoff, an ex-employee (and former corporate social media manager) commandeered the company’s Twitter account and posted a defamatory tweet before her social media credentials were revoked.
The overlooked threat: Shared privileged accounts for social media platforms
A typical enterprise organization has multiple (sometimes hundreds of) corporate social media accounts – Twitter, Facebook, Instagram, YouTube, LinkedIn and other outlets, each with their own unique accounts for different product lines, languages, countries and stakeholders. Typically, multiple people manage and access each of these accounts on a regular basis.
To simplify workflows across channels, users, office locations and time zones, these social media accounts are typically set up as shared privileged accounts. Passwords are often shared across teams and even third-party contractors, and are rarely (if ever) changed, making them easy targets for external attackers and malicious insiders.
Since social media credentials are typically deemed “low risk” because they don’t enable access to sensitive financial or customer data, security is typically lax, with no record or accountability for who is responsible for each post. Worse still, many companies have no idea who actually has access to their social media accounts and passwords at any given moment.
Six ways to mitigate the risk of social media cyber attacks with privileged access management
To properly secure and protect social media accounts from security threats and cyber attacks, they should be viewed as privileged accounts and best practices for privileged access management must be implemented to mitigate the risk of compromise. These include:
- Securely store credentials. Improve social media security by protecting social media account credentials from account takeovers by storing passwords in a centralized, secure digital vault. This reduces the ability of an attacker or malicious insider to take control over the social media accounts.
- Enable transparent access. Allow authorized users to connect directly to various social media platforms, enabling them to authenticate to accounts without knowing the actual passwords. This makes it difficult for attackers to discover and steal privileged credentials while balancing security and operational requirements.
- Eliminate shared credentials. Storing passwords in a digital vault requires users to log in individually for access, eliminating the accountability challenges of shared credentials. Additionally, creating policy around which users can access which social media accounts mitigates the risk of credential-based cyber attacks.
- Automate and enforce password changes. Ensure that each password is changed on a regular basis (as frequently as every use). This reduces the chance of an outsider stealing and using a valid credential to wreak havoc.
- Trace account activity. Create a record of activity on social media accounts to trace all posts directly back to individual authorized users. This helps identify weak areas of security as well as rogue employees who may be posting damaging content. Furthermore, recording social media account sessions provides further proof for an audit trail of exactly who did what within each individual account.
- Assign risk scoring to sessions. Pre-defining high-risk activities within social media sessions enables automated alerting of security operations teams so that they can quickly assess the situation and take necessary action. This also helps prioritize the audit and review of social media sessions based on risk.
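The last two practices (tracing activity to individual users and risk-scoring sessions) can be sketched as follows. This is an added illustration, not CyberArk's code; the activity names, weights, threshold and sample audit events are assumptions constructed for the example.

```python
from collections import defaultdict

# Hypothetical weights for pre-defined high-risk activities (assumed names).
RISK_WEIGHTS = {
    "password_change": 40,
    "recovery_email_change": 50,
    "third_party_app_authorized": 30,
    "bulk_delete_posts": 35,
    "post_published": 5,
}
OFF_HOURS_BONUS = 15    # added to any event outside 07:00-19:00
ALERT_THRESHOLD = 50    # sessions at or above this score go to review

# Constructed sample events: (session_id, vault_user, account, hour, activity).
# Each session maps to one individual vault login, never a shared credential.
EVENTS = [
    ("s1", "alice", "twitter:@brand", 10, "post_published"),
    ("s1", "alice", "twitter:@brand", 10, "post_published"),
    ("s2", "bob", "twitter:@brand", 23, "recovery_email_change"),
    ("s2", "bob", "twitter:@brand", 23, "post_published"),
    ("s3", "carol", "youtube:brand", 14, "third_party_app_authorized"),
    ("s4", "dave", "facebook:brand", 2, "bulk_delete_posts"),
    ("s4", "dave", "facebook:brand", 2, "password_change"),
]

def score_sessions(events):
    """Sum risk per session and keep the high-risk activities as reasons."""
    sessions = defaultdict(lambda: {"user": None, "account": None,
                                    "score": 0, "reasons": []})
    for sid, user, account, hour, activity in events:
        s = sessions[sid]
        s["user"], s["account"] = user, account
        base = RISK_WEIGHTS.get(activity, 10)  # unknown activity: modest default
        s["score"] += base + (0 if 7 <= hour < 19 else OFF_HOURS_BONUS)
        if base >= 30:
            s["reasons"].append(activity)
    return dict(sessions)

def review_queue(events, threshold=ALERT_THRESHOLD):
    """Sessions at or above the threshold, highest risk first."""
    flagged = [(sid, s) for sid, s in score_sessions(events).items()
               if s["score"] >= threshold]
    return sorted(flagged, key=lambda kv: kv[1]["score"], reverse=True)

if __name__ == "__main__":
    for sid, s in review_queue(EVENTS):
        print(sid, s["user"], s["account"], s["score"], s["reasons"])
```

Because every event carries the individual vault user, each flagged session names the person accountable for it, and the queue order gives reviewers the riskiest sessions first.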
The threat to social media is very real and the risks are increasing. It’s time to protect your social media accounts from takeovers. The CyberArk Privileged Access Security Solution can play a critical role in protecting access to social media networks, preventing embarrassing incidents and stopping cyber attacks before irreversible damage can be done to your business. Learn more by downloading our solution brief.