SlideShare una empresa de Scribd logo

SOCIAL MEDIA AS A CYBER WEAPON

S
Sylvain Martinez

This document discusses how social media is used to gather personal data and how that data can enable cyber attacks. It notes that over 5 million records are lost or stolen daily and outlines the types of sensitive information that can be obtained from LinkedIn, Facebook, Twitter, and other online sources. The document warns that this data exposure enables personal, corporate, and marketing attacks but does not specify the nature of these threats or provide recommendations for mitigating risks.

Tecnología
1 de 17
Descargar para leer sin conexión
{elysiumsecurity} SOCIAL MEDIA AS A CYBER WEAPON Version: 1.1a Date: 25/04/2018 Author: Sylvain Martinez Reference: ESC5-MUSCL Classification: Public cyber protection & response
{elysiumsecurity} cyber protection & response 2 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT • Your Data; • Data Gathering Tools; • LinkedIn Data; • Facebook Data; • Twitter Data; • Other Data Source; • What Can you do about it? CONTENTS Public • Data Growth; • Data Leakage; • Data Control; • Cyber Attacks; • Personal Attacks; • Corporate Attacks; • Marketing Attacks;
{elysiumsecurity} cyber protection & response 3 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GROWTH Public Statistics from Microfocus, 2017 Yesterday Tomorrow 100% 0% TIME GROWTH 3.8 Billion Internet Users 840 new Social Media users / day 455,00 Tweets / minutes 46,740 Instagram posts / minutes Facebook data per minutes: 3.5 Million Google searches / minutes 3 Million posts; 510,000 comments; 293 Statuses updates; 136,000 photos uploaded 4 Million likes;
{elysiumsecurity} cyber protection & response 4 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA LEAKAGE Public 9 7 2 7 9 6 7 9 8 8, ,, EVERY DAY 5,014,416 RECORDS EVERY HOUR 208,934 RECORDS EVERY MINUTE 3,482 RECORDS EVERY SECONDS 58 RECORDS DATA RECORDS ARE LOST OR STOLEN AT THE FOLLOWING FREQUENCY DATA RECORDS LOST OR STOLEN SINCE 2013 Source: Breach Level Index - April 2018
{elysiumsecurity} cyber protection & response 5 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA CONTROL Public Icons from the noun project otherwise specified YOUR CONTROL YOUR INFLUENCE NO CONTROL
{elysiumsecurity} cyber protection & response 6 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT YOUR DATA Public WORK FAMILY FRIENDSPERSONAL
{elysiumsecurity} cyber protection & response 7 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GATHERING TOOLS Public
{elysiumsecurity} cyber protection & response 8 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT LINKEDIN DATA Public - What you do; - Where do you work; - Who do you know; - What you like; - What interests you; - Birthday; - Work Colleague; - Potential Friends; - Potential Family; - Work History: - Former Colleague; - Where you lived; - School History: - Where you are from; - Where you lived; - Your age; - Where to find your birth certificate - Conferences: - Where you were; - Where you will be!
{elysiumsecurity} cyber protection & response 9 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT FACEBOOK DATA Public - Friends; - Family members; - Kids name and age; - Where you live; - Date of Birth; - Place of Birth; - Romantic status; - Photos: - What you look like; - What others look like; - Other information - Names of your pets; - Favorite Colors; - What you know you like: - Music; - Films; - Books; - What you don’t know you like: - Profiling - Where you were; - Where you will be; - What you have done; - What you will be doing.
{elysiumsecurity} cyber protection & response 10 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT TWITTER DATA Public - What you do; - What you like; - What you don’t like; - What are your interests; - Who do you follow; - Who are your friends; - Who is your family; - Photos: - What you look like; - What others look like; - Other information - What are your political views; - Where you are; - Where you will be; - What you have done; - What you will be doing.
{elysiumsecurity} cyber protection & response 11 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT OTHER DATA SOURCE Public - What you bought; - What you want to buy; - What you like; - What you dislike; - Photos; - What you are listening to right now; - Where you are; - Your future DIY projects; - If you are going to have a kid: - A boy - Or a Girl!
{elysiumsecurity} cyber protection & response 12 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CYBER ATTACKS Public
{elysiumsecurity} cyber protection & response 13 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT PERSONAL ATTACKS Public
{elysiumsecurity} cyber protection & response 14 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CORPORATE ATTACKS Public
{elysiumsecurity} cyber protection & response 15 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT MARKETING ATTACKS Public
{elysiumsecurity} cyber protection & response 16 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT WHAT CAN YOU DO ABOUT IT? Public
{elysiumsecurity} cyber protection & response © 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ElysiumSecurity provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ElysiumSecurity provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ABOUT ELYSIUMSECURITY LTD. ElysiumSecurity provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. Operating in Mauritius and in the United Kingdom, our boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.

Recomendados

Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
Sylvain Martinez
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
Sylvain Martinez
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
Sylvain Martinez
 
The Art of CTF
The Art of CTFThe Art of CTF
The Art of CTF
Sylvain Martinez
 
Mobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 PredictionsMobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 Predictions
Skycure
 
Netskope Overview
Netskope OverviewNetskope Overview
Netskope Overview
Netskope
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
Sylvain Martinez
 
OFFICE 365 SECURITY
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
Sylvain Martinez
 

Recomendados

Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
Sylvain Martinez
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
Sylvain Martinez
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
Sylvain Martinez
 
The Art of CTF
The Art of CTFThe Art of CTF
The Art of CTF
Sylvain Martinez
 
Mobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 PredictionsMobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 Predictions
Skycure
 
Netskope Overview
Netskope OverviewNetskope Overview
Netskope Overview
Netskope
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
Sylvain Martinez
 
OFFICE 365 SECURITY
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
Sylvain Martinez
 
Intelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real WorldIntelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real World
NetCraftsmen
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
Sylvain Martinez
 
The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert Triage
Sqrrl
 
Segurity Empower Business
Segurity Empower BusinessSegurity Empower Business
Segurity Empower Business
Nextel S.A.
 
Splunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security Session
Splunk
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
CrowdStrike
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky
 
Cross Border Cyber Attacks: Impact on Digital Sovereignty
Cross Border Cyber Attacks: Impact on Digital SovereigntyCross Border Cyber Attacks: Impact on Digital Sovereignty
Cross Border Cyber Attacks: Impact on Digital Sovereignty
Saumil Shah
 
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Berezha Security Group
 
Preparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbookPreparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbook
NowSecure
 
VIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLES
Sylvain Martinez
 
2015 ISA Calgary Show: IACS Cyber Incident Preparation
2015 ISA Calgary Show: IACS Cyber Incident Preparation2015 ISA Calgary Show: IACS Cyber Incident Preparation
2015 ISA Calgary Show: IACS Cyber Incident Preparation
Cimation
 
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORMDEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
CrowdStrike
 
A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR Breach
Splunk
 
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarUsing Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Splunk
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
Splunk
 
The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017
Saumil Shah
 
How to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrikeHow to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrike
CrowdStrike
 
Evolving Cybersecurity Threats
Evolving Cybersecurity Threats Evolving Cybersecurity Threats
Evolving Cybersecurity Threats
Nevada County Tech Connection
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France
Splunk
 
LinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering ThreatLinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering Threat
Lancope, Inc.
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Tom Eston
 

Más contenido relacionado

La actualidad más candente

The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert Triage
Sqrrl
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
CrowdStrike
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky
 
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Berezha Security Group
 
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORMDEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
CrowdStrike
 
A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR Breach
Splunk
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
Splunk
 
How to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrikeHow to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrike
CrowdStrike
 
Evolving Cybersecurity Threats
Evolving Cybersecurity Threats Evolving Cybersecurity Threats
Evolving Cybersecurity Threats
Nevada County Tech Connection
 

La actualidad más candente (20)

Intelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real WorldIntelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real World
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
 
The Art and Science of Alert Triage
The Art and Science of Alert TriageThe Art and Science of Alert Triage
The Art and Science of Alert Triage
 
Segurity Empower Business
Segurity Empower BusinessSegurity Empower Business
Segurity Empower Business
 
Splunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security Session
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
 
Cross Border Cyber Attacks: Impact on Digital Sovereignty
Cross Border Cyber Attacks: Impact on Digital SovereigntyCross Border Cyber Attacks: Impact on Digital Sovereignty
Cross Border Cyber Attacks: Impact on Digital Sovereignty
 
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...
 
Preparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbookPreparing for the inevitable: The mobile incident response playbook
Preparing for the inevitable: The mobile incident response playbook
 
VIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLES
 
2015 ISA Calgary Show: IACS Cyber Incident Preparation
2015 ISA Calgary Show: IACS Cyber Incident Preparation2015 ISA Calgary Show: IACS Cyber Incident Preparation
2015 ISA Calgary Show: IACS Cyber Incident Preparation
 
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORMDEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
 
A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR Breach
 
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarUsing Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
 
The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017The Seven Axioms of Security - ITWeb 2017
The Seven Axioms of Security - ITWeb 2017
 
How to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrikeHow to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrike
 
Evolving Cybersecurity Threats
Evolving Cybersecurity Threats Evolving Cybersecurity Threats
Evolving Cybersecurity Threats
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France
 

Similar a SOCIAL MEDIA AS A CYBER WEAPON

LinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering ThreatLinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering Threat
Lancope, Inc.
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Tom Eston
 
Insight Presentation: "What Wearables Mean For Marketers"
Insight Presentation: "What Wearables Mean For Marketers"Insight Presentation: "What Wearables Mean For Marketers"
Insight Presentation: "What Wearables Mean For Marketers"
iMedia Connection
 
Your e image presentation
Your e image presentationYour e image presentation
Your e image presentation
lahill16
 
I-Spy: How Social networking is impacting claims investigations
I-Spy: How Social networking is impacting claims investigationsI-Spy: How Social networking is impacting claims investigations
I-Spy: How Social networking is impacting claims investigations
Sedgwick
 
Pod camp boston 2011 locking up yourself online
Pod camp boston 2011 locking up yourself onlinePod camp boston 2011 locking up yourself online
Pod camp boston 2011 locking up yourself online
Lane Sutton
 
Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns
CrowdStrike
 

Similar a SOCIAL MEDIA AS A CYBER WEAPON (20)

LinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering ThreatLinkedIn to Your Network - The Social Engineering Threat
LinkedIn to Your Network - The Social Engineering Threat
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile Technology
 
CSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education CampaignCSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education Campaign
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technical
 
5 BS Facts About Data Privacy Everyone Thinks Are True
5 BS Facts About Data Privacy Everyone Thinks Are True5 BS Facts About Data Privacy Everyone Thinks Are True
5 BS Facts About Data Privacy Everyone Thinks Are True
 
Protecting Yourself and Your Brand On Social Media | SPOKE Communications, LLC
Protecting Yourself and Your Brand On Social Media | SPOKE Communications, LLCProtecting Yourself and Your Brand On Social Media | SPOKE Communications, LLC
Protecting Yourself and Your Brand On Social Media | SPOKE Communications, LLC
 
Insight Presentation: "What Wearables Mean For Marketers"
Insight Presentation: "What Wearables Mean For Marketers"Insight Presentation: "What Wearables Mean For Marketers"
Insight Presentation: "What Wearables Mean For Marketers"
 
Your e image presentation
Your e image presentationYour e image presentation
Your e image presentation
 
Cyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th GradersCyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th Graders
 
Cyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th GradersCyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th Graders
 
Technology to Improve Your (Business) Life
Technology to Improve Your (Business) LifeTechnology to Improve Your (Business) Life
Technology to Improve Your (Business) Life
 
Progscon cybercrime and the developer
Progscon cybercrime and the developerProgscon cybercrime and the developer
Progscon cybercrime and the developer
 
The #BigData Dilemna
The #BigData Dilemna The #BigData Dilemna
The #BigData Dilemna
 
Big Data Analytics - The New Cold War
Big Data Analytics - The New Cold WarBig Data Analytics - The New Cold War
Big Data Analytics - The New Cold War
 
I-Spy: How Social networking is impacting claims investigations
I-Spy: How Social networking is impacting claims investigationsI-Spy: How Social networking is impacting claims investigations
I-Spy: How Social networking is impacting claims investigations
 
Pod camp boston 2011 locking up yourself online
Pod camp boston 2011 locking up yourself onlinePod camp boston 2011 locking up yourself online
Pod camp boston 2011 locking up yourself online
 
2600 v21 n3 (autumn 2004)
2600 v21 n3 (autumn 2004)2600 v21 n3 (autumn 2004)
2600 v21 n3 (autumn 2004)
 
Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns
 
Parent workshop - Social Networks
Parent workshop - Social NetworksParent workshop - Social Networks
Parent workshop - Social Networks
 
Digital Footprints Presentation
Digital Footprints PresentationDigital Footprints Presentation
Digital Footprints Presentation
 

Más de Sylvain Martinez

Más de Sylvain Martinez (19)

PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITY
 
INTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHYINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
 
DATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEW
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
 
PHISHING PROTECTION
PHISHING PROTECTIONPHISHING PROTECTION
PHISHING PROTECTION
 
INCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEW
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?
 
GDPR SECURITY ISSUES
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
 
Risk on Crypto Currencies
Risk on Crypto CurrenciesRisk on Crypto Currencies
Risk on Crypto Currencies
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
INCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONS
 
Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2
 
Talk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2bTalk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2b
 
Talk1 muscl club_v1_2
Talk1 muscl club_v1_2Talk1 muscl club_v1_2
Talk1 muscl club_v1_2
 
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
 

Último

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Último (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

SOCIAL MEDIA AS A CYBER WEAPON

  • 1. {elysiumsecurity} SOCIAL MEDIA AS A CYBER WEAPON Version: 1.1a Date: 25/04/2018 Author: Sylvain Martinez Reference: ESC5-MUSCL Classification: Public cyber protection & response
  • 2. {elysiumsecurity} cyber protection & response 2 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT • Your Data; • Data Gathering Tools; • LinkedIn Data; • Facebook Data; • Twitter Data; • Other Data Source; • What Can you do about it? CONTENTS Public • Data Growth; • Data Leakage; • Data Control; • Cyber Attacks; • Personal Attacks; • Corporate Attacks; • Marketing Attacks;
  • 3. {elysiumsecurity} cyber protection & response 3 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GROWTH Public Statistics from Microfocus, 2017 Yesterday Tomorrow 100% 0% TIME GROWTH 3.8 Billion Internet Users 840 new Social Media users / day 455,00 Tweets / minutes 46,740 Instagram posts / minutes Facebook data per minutes: 3.5 Million Google searches / minutes 3 Million posts; 510,000 comments; 293 Statuses updates; 136,000 photos uploaded 4 Million likes;
  • 4. {elysiumsecurity} cyber protection & response 4 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA LEAKAGE Public 9 7 2 7 9 6 7 9 8 8, ,, EVERY DAY 5,014,416 RECORDS EVERY HOUR 208,934 RECORDS EVERY MINUTE 3,482 RECORDS EVERY SECONDS 58 RECORDS DATA RECORDS ARE LOST OR STOLEN AT THE FOLLOWING FREQUENCY DATA RECORDS LOST OR STOLEN SINCE 2013 Source: Breach Level Index - April 2018
  • 5. {elysiumsecurity} cyber protection & response 5 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA CONTROL Public Icons from the noun project otherwise specified YOUR CONTROL YOUR INFLUENCE NO CONTROL
  • 6. {elysiumsecurity} cyber protection & response 6 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT YOUR DATA Public WORK FAMILY FRIENDSPERSONAL
  • 7. {elysiumsecurity} cyber protection & response 7 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT DATA GATHERING TOOLS Public
  • 8. {elysiumsecurity} cyber protection & response 8 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT LINKEDIN DATA Public - What you do; - Where do you work; - Who do you know; - What you like; - What interests you; - Birthday; - Work Colleague; - Potential Friends; - Potential Family; - Work History: - Former Colleague; - Where you lived; - School History: - Where you are from; - Where you lived; - Your age; - Where to find your birth certificate - Conferences: - Where you were; - Where you will be!
  • 9. {elysiumsecurity} cyber protection & response 9 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT FACEBOOK DATA Public - Friends; - Family members; - Kids name and age; - Where you live; - Date of Birth; - Place of Birth; - Romantic status; - Photos: - What you look like; - What others look like; - Other information - Names of your pets; - Favorite Colors; - What you know you like: - Music; - Films; - Books; - What you don’t know you like: - Profiling - Where you were; - Where you will be; - What you have done; - What you will be doing.
  • 10. {elysiumsecurity} cyber protection & response 10 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT TWITTER DATA Public - What you do; - What you like; - What you don’t like; - What are your interests; - Who do you follow; - Who are your friends; - Who is your family; - Photos: - What you look like; - What others look like; - Other information - What are your political views; - Where you are; - Where you will be; - What you have done; - What you will be doing.
  • 11. {elysiumsecurity} cyber protection & response 11 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT OTHER DATA SOURCE Public - What you bought; - What you want to buy; - What you like; - What you dislike; - Photos; - What you are listening to right now; - Where you are; - Your future DIY projects; - If you are going to have a kid: - A boy - Or a Girl!
  • 12. {elysiumsecurity} cyber protection & response 12 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CYBER ATTACKS Public
  • 13. {elysiumsecurity} cyber protection & response 13 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT PERSONAL ATTACKS Public
  • 14. {elysiumsecurity} cyber protection & response 14 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT CORPORATE ATTACKS Public
  • 15. {elysiumsecurity} cyber protection & response 15 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT MARKETING ATTACKS Public
  • 16. {elysiumsecurity} cyber protection & response 16 REMEDIATIONDATA EXPLOITDATA GATHERINGCONTEXT WHAT CAN YOU DO ABOUT IT? Public
  • 17. {elysiumsecurity} cyber protection & response © 2018 ElysiumSecurity Ltd. All Rights Reserved www.elysiumsecurity.com ElysiumSecurity provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ElysiumSecurity provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ABOUT ELYSIUMSECURITY LTD. ElysiumSecurity provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. Operating in Mauritius and in the United Kingdom, our boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.