Information leakage through online social networking: Opening the doorway for advanced persistence threats
The explosion of online social networking (OSN) in recent years has caused damages to organisations due to leakage of information by their employees. Employees’ social networking behaviour, whether accidental or intentional, provides an opportunity for advanced persistent threats (APT) attackers to...
| Main Authors: | , , |
|---|---|
| Format: | Proceeding Paper |
| Language: | English |
| Published: |
2010
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/32462/ http://irep.iium.edu.my/32462/1/secau_2010_proceeding_-_my_paper_p70-80.pdf |
| _version_ | 1848780565507997696 |
|---|---|
| author | Abdul Molok , Nurul Nuha Chang, Shanton Ahmad, Atif |
| author_facet | Abdul Molok , Nurul Nuha Chang, Shanton Ahmad, Atif |
| author_sort | Abdul Molok , Nurul Nuha |
| building | IIUM Repository |
| collection | Online Access |
| description | The explosion of online social networking (OSN) in recent years has caused damages to organisations due to leakage of information by their employees. Employees’ social networking behaviour, whether accidental or intentional, provides an opportunity for advanced persistent threats (APT) attackers to realise their social engineering techniques and undetectable zero-day exploits. APT attackers use a spear-phishing method that targeted on key employees of victim organisations through social media in order to conduct reconnaissance and theft of confidential proprietary information. This conceptual paper posits OSN as the most challenging channel of information leakage and provides an explanation about the underlying factors of
employees leaking information via this channel through a theoretical lens from information systems. It also describes how OSN becomes an attack vector of APT owing to employees’ social networking behaviour, and finally, recommends security education, training and awareness (SETA) for organisations to combat these threats. |
| first_indexed | 2025-11-14T15:35:41Z |
| format | Proceeding Paper |
| id | iium-32462 |
| institution | International Islamic University Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-14T15:35:41Z |
| publishDate | 2010 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | iium-324622013-10-29T07:13:00Z http://irep.iium.edu.my/32462/ Information leakage through online social networking: Opening the doorway for advanced persistence threats Abdul Molok , Nurul Nuha Chang, Shanton Ahmad, Atif H61.8 Communication of information T58.6 Management information systems The explosion of online social networking (OSN) in recent years has caused damages to organisations due to leakage of information by their employees. Employees’ social networking behaviour, whether accidental or intentional, provides an opportunity for advanced persistent threats (APT) attackers to realise their social engineering techniques and undetectable zero-day exploits. APT attackers use a spear-phishing method that targeted on key employees of victim organisations through social media in order to conduct reconnaissance and theft of confidential proprietary information. This conceptual paper posits OSN as the most challenging channel of information leakage and provides an explanation about the underlying factors of employees leaking information via this channel through a theoretical lens from information systems. It also describes how OSN becomes an attack vector of APT owing to employees’ social networking behaviour, and finally, recommends security education, training and awareness (SETA) for organisations to combat these threats. 2010-11-30 Proceeding Paper PeerReviewed application/pdf en http://irep.iium.edu.my/32462/1/secau_2010_proceeding_-_my_paper_p70-80.pdf Abdul Molok , Nurul Nuha and Chang, Shanton and Ahmad, Atif (2010) Information leakage through online social networking: Opening the doorway for advanced persistence threats. In: Australian Information Security Management Conference, 30 Nov - 2 Dec 2010, Perth, Western Australia. http://ro.ecu.edu.au/ism/93/ |
| spellingShingle | H61.8 Communication of information T58.6 Management information systems Abdul Molok , Nurul Nuha Chang, Shanton Ahmad, Atif Information leakage through online social networking: Opening the doorway for advanced persistence threats |
| title | Information leakage through online social networking: Opening the doorway for advanced persistence threats |
| title_full | Information leakage through online social networking: Opening the doorway for advanced persistence threats |
| title_fullStr | Information leakage through online social networking: Opening the doorway for advanced persistence threats |
| title_full_unstemmed | Information leakage through online social networking: Opening the doorway for advanced persistence threats |
| title_short | Information leakage through online social networking: Opening the doorway for advanced persistence threats |
| title_sort | information leakage through online social networking: opening the doorway for advanced persistence threats |
| topic | H61.8 Communication of information T58.6 Management information systems |
| url | http://irep.iium.edu.my/32462/ http://irep.iium.edu.my/32462/ http://irep.iium.edu.my/32462/1/secau_2010_proceeding_-_my_paper_p70-80.pdf |