Yosef Lehrman received his Masters of Science in Internet Technology/ Information Security from Pace University. He is also Microsoft-Certified (MCSA) and the holder of vendor neutral security certifications. Yosef currently works for the NYPD in the identity and access management areas. In addition to these technologies, he also supports Active Directory, Active Directory Certificate Services (ADCS) and related technologies. He can be reached at firstname.lastname@example.org for questions or comments.
Corporate security, Counterintelligence, Security management, Security policy, Sociocultural dynamics in security, Threat assessment
The relatively rapid rise in popularity of social networking services is now well known. MySpace, Twitter, and Facebook have become well known sites and terms. According to the Web traffic tracking site Alexa.com, as of December 2009, Facebook had 350 million registered users, MySpace just under 475 million, and Twitter 44.5 million. Many people think very little of posting prodigious amounts of personal information on social networking sites, not realizing that this information puts them at risk. Specifically, those in the law enforcement and military communities may not realize that information posted on these sites can compromise operational security and potentially endanger lives. In July 2009, the Associated Press ran a story which was picked up by most major news outlets in the USA, in which it was reported that the wife of the incoming head of Britain’s MI6 intelligence agency had posted pictures and family details on her Facebook page. Astonishingly, there were those that argued that this was not a security breach! Although it is true that, in general, photos of a vacationing family would not be considered sensitive, when you consider that the family taking the vacation includes the head of the British foreign intelligence service, it is easy to see how this kind of exposure could open the door to potential blackmail.We are all too aware of the possibility of terrorist “sleeper cells” living among typical American families under false identities. It is vital to understand how these individuals melt into the crowd, hiding their true identities while they hatch their nefarious plots. Recent events in Denver and New York City only serve to underscore the urgency of this need. This article will examine social networking in the context of social engineering. There are no easy or fast solutions to this problem, and this paper does not pretend to propose any. Rather, it is the purpose of this paper to enhance understanding of this very critical issue, and perhaps assist organizations and security professionals in developing policies and training which will mitigate this risk.
Lehrman, Yosef. “The Weakest Link: The Risks Associated with Social Networking Websites.” Journal of Strategic Security 3, no. 2 (2010): 63-72.