Skip to main content

FBI Warns: Humans Are a Weak Link in Cyber Security

For those who are bored of the same old Facebook and Twitter chatter and need something briefly interesting to read, the FBI has posted a warning about the risks of social networking. Also available in PDF format, the briefing seems a little late in the game but well-intentioned nonetheless, alerting internet users to the ways of con artists, criminals, and other dishonest actors that are exploiting our favorite social hotspots.

"Humans are a weak link in cyber security, and hackers and social manipulators know this," the report states. "They try to trick people into getting past security walls. They design their actions to appear harmless and legitimate. Falling for an online scam or computer hack could be damaging for an individual victim as well as the organization the victim works for."

According to the FBI, evildoers use two tactics to exploit online social networks that are often times combined: (1) hackers writing and manipulating computer code to gain access or install unwanted software on a computer or phone; (2) social hackers (aka social engineers) manipulating people through social interactions in person, over the phone, or in writing.

"Once information is posted to a social networking site, it is no longer private," the FBI states. "The more information you post, the more vulnerable you may become. Even when using high security settings, friends or websites may inadvertently leak your information."

Predators, hackers, business competitors, and foreign state actors troll social networking sites looking for information or people to target for exploitation, the agency says. This information may be used to design a specific attack that does not come by way of the social networking site.

The FBI also defines a few terms for those unfamiliar with hacking-related tactics including baiting, click-jacking, cross-site scripting, doxing, elicitation, pharming and a few others. The term "phreaking" is described as "gaining unauthorized access to telecommunication systems." To combat this, Web surfers should not provide secure phone numbers that provide direct access to a Private Branch Exchange or through the Public Branch Exchange to the public phone network, the agency warns.

Additional education resources are also provided within the report, linking to seven websites. The agency also coughs up a long list of preventative measures that should be used at work, and another list that can be used both in and out of the work environment.

"Do not store any information you want to protect on any device that connects to the Internet," the FBI states. "Change your passwords periodically, and do not reuse old passwords.  Do not use the same password for more than one system or service.  For example, if someone obtains the password for your email, can they access your online banking information with the same password?"

To read the entire report, head here.