Cyber attacks that use social media sites

Tuesday - 8/9/2011, 8:03pm EDT

FED_TECH_TALK_08-09-2011.mp3

Download mp3

August 9, 2011 -- Making certain your agency is secure is like a never-ending game of Wack-A-Mole.

Just when you think you have your system locked down with firewalls and endpoint security, you realize that your staff may be vulnerable to attacks using social media.

Today's interview is with two security experts from Cyveillance.

Dr. Terry Gudaitis has a PhD. in Behavioral Psychology and has spent a decade working with a federal security organization.

As Director of Cyber Security for Cyveillance, she shares many of her experiences with social networking attacks.

During the interview, she recounts how many federal employees put their security clearances on Facebook.

Many listeners may not realize that a determined attacker can profile a high level federal executive by combining social networking sites like LinkedIN, Facebook, Twitter, and FourSquare.

Dr. Guiditas details how spear phishing attacks use this personal information.

Manoj Srivastava, is the CTO at Cyveillance. In addition to his technical prowess, he contributes to a popular blog and has authored a white paper on security that is available on the Cyveillance web site.

Srivastava gives specific best practices that federal IT professionals can use to reduce the risk of colleagues becoming targets to spear phishing attacks.