It has been reported that a loophole in Facebook’s privacy system could allow hackers access to personal data using an algorithm. A hacker could access names, telephone numbers, images and location data in bulk from the social network using only a mobile phone number. Philip Lieberman, CEO of Lieberman Software, analyses the extent of the problem and how users can protect themselves.
Philip Lieberman, CEO of Lieberman Software :
“Given that Facebook is a public facing social network, the ability to farm their public users’ information has always been the case. In fact, many sophisticated spear phishing attacks are based on public information found on Facebook and other social networks.
There is data throttling in the Facebook API that limits the rate and amount of data that can be brought back. Large or bulk exports are flagged at Facebook for human review. As a developer, we are familiar with these limits.
The best protection from these types of attacks is to not publish anything that you don’t want used to attack you. Don’t depend on the feature to limit access to your data to only your “friends” since your friends will probably get compromised and your private information will be available to the attacker. Assume that everything you post online will be available to the worst possible entities to cause you maximum grief. Discretion and an awareness of Too Much Information (TMI), especially that data which might lead to a compromise of your credit or lead to identity theft, should never be posted online.
Do not assume that any supplier or social network can protect what you post. Assume it will always be compromised and act accordingly.”[su_box title=”About Lieberman Software” style=”noise” box_color=”#336588″]Lieberman Software proactively stops cyber attacks that bypass conventional enterprise defenses and penetrate the network perimeter. The company provides award-winning privilege management and security management products to more than 1,400 customers worldwide, including nearly half of the US Fortune 50. By automatically securing privileged access – both on-premises and in the cloud – Lieberman Software controls access to systems with sensitive data, and defends against malicious insiders, zero day attacks and other advanced cyber threats. Lieberman Software is headquartered in Los Angeles, CA, with offices and channel partners located around the world.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.