Insights from RSA: Social Networking Security

by Johnny on April 1st, 2010 in .

As Lavasoft’s senior technologies director, I recently had the opportunity to attend the RSA conference, one of the year’s most anticipated security conferences. Among all the security talks from other experts in the field, what struck me most in terms of computer users’ security is the risks we each face due to sharing information on social networks  – whether it’s on LinkedIn, Twitter, Facebook, or the many more that are available today. We open ourselves up on these sites, leaving bits and bites of personal information accessible, not thinking of the ease of which ill-intentioned people may be able to connect the dots.

For example, researchers at RSA showed that, by cross-referencing LinkedIn connections, you can see when new partnerships are about to form by monitoring new connections, and, for people posting that they were on business trips, you can guess what company they were visiting (Check this podcast from RSA for more details.). Very handy if you are watching the stock market or need business intelligence.


By parsing Twitter accounts, you can see when people are out of town, creating awareness sites like http://pleaserobme.com/ (which has now stopped publishing information). Black market price lists are also available, showing what cyber criminals get paid for selling different kinds of credentials, often acquired from botnets, but possibly also harvested from popular networks like Facebook. Ask yourself, why do people post questionnaires like “Know yourself” on the Internet or create Facebook applications/tests for free? Are they just being nice? It’s more than likely that a lot of these people are making money from it, selling information gladly given away without a second thought.


What’s all this mean for you? The bottom line: you need to be extremely cautious about the information you share on networking sites. You may be familiar with some of the WWII propaganda, that “Loose lips sink ships.” 

Here in Sweden, we have a related saying: “En svensk tiger”, meaning “A Swede keeps silent” (“Tiger” in Sweden means both ‘tiger’ in English and ‘keeps silent’, hence where the graphic below comes from).

These types of sayings take on a new relevance in our interconnected online world – you need to keep your privacy and security in mind when you post any information about yourself online, and when in doubt, don’t make it available publically. It might not only be yourself that is compromised, you might also damage your company.