Social networking attacks need social solutions

Hackers are increasingly concentrating on attacks using social networking sites and techniques, and the industry needs to respond in kind, according to Cisco.

Tom Gillis, vice president and general manager of Cisco's security division, said at the DEMO 2011 conference that a recent attack on his company showed how social techniques are being used to get around security systems.

Gillis explained that Cisco tried using an image captcha to defeat automated Koobface attacks. This worked for 48 hours until the attackers set up a network of contractors who inputted the captcha data in exchange for electronic currency.

The attackers then set up a script to run on infected machines requiring the user to input captcha details or face a system reboot.

Cisco is also seeing a much higher number of targeted attacks against its employees and customers, using high-quality faked LinkedIn pages to gather data on key staff. These targeted attacks have much higher success rates than general malware spam.

"2010 was the first year that spam volumes went down. Spam went from spray and pray, with up to two billion emails being sent out on a campaign, to something much more targeted. You can get very high response rates to a legitimate-seeming profile," said Gillis.

Cisco is responding with similar tactics by crowdsourcing threat research. As more Cisco devices report suspicious activity the company can analyse patterns of traffic and use them to shut down malware command-and-control servers.

"You have to fight social with social," Gillis said.