11 August 2008

Worms, Trojans and Malware: A Bad Case of Indigestion

Sophos has recently reported that Facebook is under attack by a new piece of malware that targets the famous Facebook 'Wall'. The post by the hacker (who impersonates a friend of a friend) on the 'Wall' invites Facebook users to click on a link. This leads the user to a webpage which appears to be hosted by Google. In reality, the user is directed to a trojan download.

The head of security at Facebook, Max Kelly, has reassured users that the company is currently working on a fix for this worm. He goes as far as saying that the company has 'identified and blocked the ability to link to the malicious websites from anywhere on Facebook.' However, he does not explain how this has been achieved.

Without further explanation, it is difficult to understand how the malware will be effectively blocked. In particular, given that the malware can navigate Facebook in the same way as the user can, detection is very much a tricky business, even for security experts. Currently, Facebook does a number of things to protect its users. Most of its measures are reactive (educating users by posting security notices), and part of the solution could be a more proactive stance.
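One plausible reading of 'blocked the ability to link to the malicious websites' is an outbound-link filter applied to Wall posts. The following is an added example written for this post, not Facebook's or Sophos's code, of what such a filter has to get right: it pulls URLs out of a post, reduces each to the host a browser would actually connect to (lowercasing, dropping a trailing dot, stripping the `user@` prefix that lets a link read as one site while pointing at another, and converting internationalised names to a single form), then matches the host and its parent domains against a blocklist. The blocklist hostnames and sample posts are constructed for the example.

```python
"""Outbound-link screen for user posts (added example, not Facebook's code).

Assumes posts arrive as plain text and that a blocklist of known-malicious
hostnames is maintained elsewhere; the entries below are constructed.
"""
import re
from typing import Optional, Set
from urllib.parse import urlsplit

# Constructed blocklist standing in for abuse-report / threat-intel feeds.
BLOCKED_HOSTS = {"malicious.example", "download-here.example"}

# Finds http(s) URLs and bare www. links inside free text.
URL_RE = re.compile(r"""(?i)\b(?:https?://|www\.)[^\s<>"']+""")


def _with_scheme(url: str) -> str:
    """urlsplit only recognises a host when a scheme is present."""
    return url if url.lower().startswith(("http://", "https://")) else "http://" + url


def canonical_host(url: str) -> Optional[str]:
    """Return the host a browser would connect to, in one comparable form.

    urlsplit().hostname already lowercases and discards userinfo and port.
    A trailing dot is removed and the name is IDNA-encoded so a Unicode
    lookalike and its punycode spelling compare equal.
    """
    try:
        host = urlsplit(_with_scheme(url)).hostname
    except ValueError:
        return None
    if not host:
        return None
    host = host.rstrip(".")
    try:
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return None
    return host


def has_userinfo(url: str) -> bool:
    """True for links like http://google.com@evil.example/ whose visible
    start suggests one site while the real host is after the '@'."""
    try:
        return urlsplit(_with_scheme(url)).username is not None
    except ValueError:
        return False


def host_matches(host: str, blocked: Set[str]) -> bool:
    """Match the host and every parent domain, so cdn.malicious.example
    is caught by a blocklist entry for malicious.example."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))


def screen_post(text: str, blocked: Set[str] = BLOCKED_HOSTS) -> dict:
    """Return {'allow': bool, 'findings': [(url, reason), ...]} for a post."""
    findings = []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,)!")  # trailing sentence punctuation is not part of the link
        host = canonical_host(url)
        if host is None:
            findings.append((url, "unparseable link"))
        elif host_matches(host, blocked):
            findings.append((url, "blocked host " + host))
        elif has_userinfo(url):
            findings.append((url, "userinfo masks real host " + host))
    return {"allow": not findings, "findings": findings}


# Constructed sample Wall posts.
SAMPLE_POSTS = [
    "hey check this out http://www.google.com/search?q=cats",
    "lol is this you in this video? http://google.com@malicious.example/video.exe",
    "funny!! http://WWW.Download-Here.EXAMPLE./get",
    "see http://cdn.malicious.example/x.",
    "look http://google.com@trusted.example/",
]

if __name__ == "__main__":
    for post in SAMPLE_POSTS:
        print(screen_post(post))
```

The fourth and fifth samples show the two checks that a naive string match misses: a sub-domain of a blocked host, and a link whose real destination is hidden behind `user@`. What a host filter cannot see is a landing page on a legitimate host (the post describes a page that 'appears to be hosted by Google') that then forwards to the trojan; that case needs URL scanning or a reputation check on the final destination, not just the first hop.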

Jennifer Leggio has made a number of sensible suggestions on how users can be educated to prevent such situations from arising. Some of her suggestions include using instances of compromise of the network as an opportunity to educate users effectively, and developing a 'Secure Social Network Consortium' to increase user awareness.

Increasing user awareness is no doubt a good move, but it will not completely answer the issue of hacking on social networks. The response to this should be an organic one: educational, technological and also, perhaps more importantly, regulatory (identification of the hackers, sanctions against the hackers). Effective sanctions include withdrawal of access to the internet, withdrawal of access to social networking sites and a strike system (e.g. one strike and you are included on a list available to similar websites, two strikes and you are out). It will be interesting to see whether the response in this case will be solely technological or a more organic one.