CONTACT US: Contact info
|
Citation |
Johnson CW. Ergonomics 2014; 57(3): 419-433. |
|
Affiliation |
School of Computing Science, University of Glasgow , Glasgow , G12 8RZ , UK. |
|
Copyright |
(Copyright © 2014, Informa - Taylor and Francis Group) |
|
DOI |
|
PMID |
23826703 |
|
Abstract |
We identify four roles that social networking plays in the 'attribution problem', which obscures whether or not cyber-attacks were state-sponsored. First, social networks motivate individuals to participate in Distributed Denial of Service attacks by providing malware and identifying potential targets. Second, attackers use an individual's social network to focus attacks, through spear phishing. Recipients are more likely to open infected attachments when they come from a trusted source. Third, social networking infrastructures create disposable architectures to coordinate attacks through command and control servers. The ubiquitous nature of these architectures makes it difficult to determine who owns and operates the servers. Finally, governments recruit anti-social criminal networks to launch attacks on third-party infrastructures using botnets. The closing sections identify a roadmap to increase resilience against the 'dark side' of social networking. Practitioner Summary: This paper provides readers with an overview of state-sponsored cyber-attacks. I show how many of these threats have exploited social networks and social media. The aim was to alert practitioners to the dark side of computing, where attackers learn to exploit new interaction techniques and new forms of working. Language: en |