Tuesday, January 17, 2012

Internet Worm Exploits Social Networks

Due to the efforts of the Facebook security team, the identity of the group that released the Koobface worm has been revealed. Unlike more “traditional” worms, which are commonly spread via email or reside in suspect websites, Koobface exploited the structure of social networks by being initiated through links on Facebook. According to The New York Times, “[t]he group cleverly harnessed the infrastructures of powerful online services – from Facebook and Twitter to Google’s search engine and Blogger – to do the heavy lifting, and may have run its enterprise with just a few computers.” Due to the high degree of traffic on these sites, Koobface was able to attract a large number of victims. Because the web graph is known to have a giant connected component, the malicious services were made readily available, especially since these popular websites tend to be hotbeds of clustering, with high degrees that greatly facilitate the speedy and efficient traversal of the web graph.

However, Facebook hopes to similarly harness the power of the web graph against the gang of cybercriminals, who until recently have been active on vkontakte.ru (Russia’s Facebook), Twitter, and Foursquare, by releasing their personal information. Perhaps this modern attempt at ostracizing would prompt the vast online community to take action. And perhaps enough community backlash and outrage would be able to provoke some sort of retribution, whether through legal measures or otherwise. Indeed, there have been many instances where the collective action of the online community has had an enormous impact (the voting of moot as TIME magazine’s most influential person in the world comes readily to mind). Thus, despite Russian law enforcement’s apparent apathy toward apprehending cybercriminals, justice may still be served simply by unmasking the perpetrators and making the information readily available on the web.

Symantec estimates that cybercrime revenues are about $114 billion annually worldwide. Koobface’s earnings are much more moderate, totaling an estimated $2 million a year for the past three and a half years. However, the group has refused to exploit credit card or banking information, and their means of deploying the worm have been less “ruthless” than other groups’, relying on user action to install the malicious programs rather than having them install automatically. In this sense, the worm has not been at all revolutionary; however, the exploitation of social networks as a vector for facilitating the worm’s propagation is indeed something new. Given the popularity of such sites and the ease with which information is spread through them, cyber security is something that online social networks should keep in mind.


1 comment:

  1. I think the subject of this post, and also that of SOPA/PIPA raises a much larger question - is it possible to have a global/international cyber-justice system and cyber-police to enforce it? If yes, should time and money go into creating one? The need for such an agency to be global is obvious. The possibility for international cooperation on such an issue may sound laughable at present, but high-impact cyber-crimes have been few and infrequent so far. Given the potential of the Internet, it doesn't seem too unrealistic to expect a "Big One" in the near future!