Social media creates greater risk for security breaches

With the recent Facebook security issues, there has been discussion of how safe social media actually is. Academic researchers have suggested that one factor in the spread of misinformation is social media bots. Photo courtesy of the Associated Press.

By Raegan Turner | Staff Writer

Despite all the positive features of social media, online storage comes with risks. For example, the millions of users of sites such as Facebook, Instagram and Twitter have experienced security breaches and stolen identities.

This September, Facebook’s security was violated when access tokens were stolen. These tokens store user’s login information. The tokens were taken through a flaw in Facebook’s coding which affected a feature of the website called “View as”. The feature allows users to view their profile the way their friends, family and strangers do.

In a security update issued by Facebook three days after the site was compromised, the vice president of product management, Guy Rosen, explained the details of the cyberattack on Facebook’s site for the media.

“When the access token was generated, it was not for you but the person being looked up,” the update stated. “That access token was then available in the HTML of the page, which the attackers were able to extract and exploit to log in as another user. The attackers were then able to pivot from that access token to other accounts, performing the same actions and obtaining further access tokens.”

This breach led to the accessibility to and acquisition of almost 50 million people’s personal information. Freelance cyber security journalist Kate O’Flaherty expands on the significance of this in an article for Forbes.

“We don’t know exactly what information has been impacted — fines are applicable for sensitive and personal data such as credit card details, which Facebook initially said has not been affected. However, if attackers have accessed personal messages, all kinds of sensitive information could have been breached.” the article said.

Large-scale breaches, conducted by people, like Facebook’s aren’t the only outside sources obtaining data on those who enjoy social media. A 2017 study by the Pew Research Institute about social media introduces the concept of ‘bots’ and how they misreport everything from news to scientific data.

“Recent congressional hearings and investigations by social media sites and academic researchers have suggested that one factor in the spread of misinformation is social media bots — accounts that operate on their own, without human involvement, to post and interact with others on social media sites,” the study said.

The study also said people are unable to determine which posts were created by bots or made by actual people. More significantly, there are many Americans that are dissatisfied with this misinformation and the activity of bots is very high. Results of the study found that over 80 percent of people familiar with the existence of bots believe that some news consumed by social media users are from these entities, and almost two in10 of those people believe the news is not only mildly, but greatly, affected. On the contrary, only 11 percent of informed Americans think the bots have a primarily positive effect.

Security problems are not all like the widespread Facebook breach or misinformation spread by ‘bots’. Sometimes they are the direct consequence of social media users’ actions. The breadth of information people supply about themselves online can be dangerous, according to Matt Pirko, clinical assistant professor in Baylor’s management information systems department. He said posting everything about one’s location, activities, location, etc. may cause negative ramifications.

“What you’re doing is you’re giving someone who might want to use it (personal information) for a less than honorable purpose; you’re giving them free access to all this information about you,” Pirko said. Even if you don’t think you’re worthwhile to be targeted, they’re still able to collect, analyze and use all this information they’ve received about you.”

Pirko offers a solution to this problem: be careful what you post online.

“That’s the scary part. They can find this information and see this information without you ever knowing it. Raising self-awareness of what’s going on around you: what you’re sharing, why you’re sharing and who you’re sharing it with because once it gets into the system, it is essentially out of your control.” Pirko said.