Social media has become an integral part of our lives, allowing us to connect with friends, family, and colleagues. It also, however, plays a role in cyber attacks on schools, with cyber attackers using social media platforms to lure people into revealing sensitive information, such as login credentials, credit card information, and other personal data.
Social media platforms such as Facebook, Instagram, and Twitter are popular resources for attackers to use before commencing a phishing attack. One of the primary reasons for this is that users often have their profile settings configured in a way that makes it easy for attackers to gather personal information. For example, on Facebook, users can set their profiles so that anyone can search for them, see their profile, and even tag them in photos, videos, and links. This makes it easier for attackers to gather information that they can use to target individuals with phishing attacks.
Another way that social media settings can be an enabler to cyber security threats is through the tagging of external links and websites. Attackers can post links to malicious websites or resources, and then tag individuals in these posts. When the tagged individual clicks on the link, they may unknowingly download malware or other types of viruses onto their device, which can then compromise their personal data or even take control of their device. Staff in your school should be aware of these threats, making appropriate changes to the privacy settings of each of their social media accounts.
Where a device, such as a staff laptop has had a malware installed on it through a social media attack, and when that laptop is connected to the school network, the only defence your tech team will have to stop it is either the configuration of the network that limits visibility to other staff / student devices, having every computer / laptop / tablet up to date with security updates or having antivirus software that can defend against the malware. This is why it is so important for schools to invest in training, so A) School staff understand the impact of social media settings and B) that your tech team has the skills, expertise and time to configure your systems to limit the extent of an attack.
Social media settings can be an enabler to cyber security threats such as phishing and malware. It is important for social media users to review and adjust their privacy settings and to be cautious when clicking on links or downloading attachments. Schools should also invest in practical professional development (Such as 9ine's Tech Academy) for their IT teams to stay ahead of evolving cyber threats. Going further, undertaking a comprehensive systems and security audit of your IT infrastructure will reduce your cyber attack risk and streamline the implementation of cyber defences. By taking these precautions, individuals and organisations can protect themselves from the risks associated with social media and enjoy the benefits of these platforms safely.