Cybersecurity in Social Media: Emerging Threats and Protective Measures
by Ts. Mohd Roydean bin Osman, Vice President of Innovation & Commercialisation at Taylor’s University’s Centre for Research & Enterprise: Knowledge Transfer & Commercialisation
Social media has become an integral part of modern life, influencing how we communicate, share information, and interact with the world. Platforms like Facebook, TikTok, LinkedIn and Instagram have transformed from mere social networking sites into powerful tools for marketing, entertainment, and even political activism.
Social Media Cybersecurity Implications
However, as social media trends evolve, they bring a host of cybersecurity threats and implications:
- Data breaches occur when unauthorised individuals gain access to sensitive information. The Facebook–Cambridge Analytica data scandal, where data from millions of Facebook users was harvested without consent. Victims of identity theft may spend years recovering from the financial and emotional impact.
- Phishing attacks deceive users into providing sensitive information by posing as trusted entities. Cybercriminals often create fake LinkedIn profiles to connect with professionals and trick them into disclosing confidential data.
- Malware and ransomware can spread through social media links, attachments, or advertisements. Clicking on a malicious link in a Facebook message can install malware, potentially compromising personal data. Ransomware locks users out of their systems until a ransom is paid which can result in significant financial losses. Small businesses may be unable to recover from the financial impact of a ransomware attack.
- Account hijacking occurs when cybercriminals gain unauthorised access to user accounts. Twitter accounts of high-profile individuals have been hijacked to spread misinformation or solicit cryptocurrency donations fraudulently.
- Deepfakes use AI to create realistic but fake videos or images. These can spread misinformation, manipulate public opinion, and damage reputations. Deepfake videos of political leaders making false statements can influence public opinion and election outcomes. Additionally, a company that suffers a data breach may lose customer trust and face boycotts.
- Integration with third-party applications can expose vulnerabilities in social media platforms’ Application Programming Interface (API), leading to unauthorised access to user data and risks such as cyber espionage. An API vulnerability in Facebook exposed millions of users’ information. Non-compliance with General Data Protection Regulations can result in legal consequences and substantial fines.
Social Media Cybersecurity Strategies
To mitigate the threats mentioned, social media platforms, businesses, and users must adopt comprehensive cybersecurity strategies:
- Social media platforms require robust security measures, including encryption, regular security audits, and software updates. For example, Facebook’s end-to-end encryption for Messenger and Twitter’s strict security guidelines prevent unauthorised data access.
- In addition, AI helps detect and address cyber threats by analysing behaviour patterns to identify suspicious activities.
- Securing API integrations with third-party applications is crucial, necessitating strict security protocols. Collaboration with law enforcement and cybersecurity firms can enhance threat detection and response.
- User education is crucial in preventing phishing and social engineering attacks. Social media platforms should provide users with information on recognising and avoiding these threats. Regular security awareness campaigns can keep users informed about the latest cybersecurity risks.
As such, for students, schools and universities should incorporate cybersecurity education into their curricula. For parents who are not computer literate need accessible resources to understand the basics of cybersecurity, while for small and midsize enterprises, provided with affordable cybersecurity solutions and training can help them protect their business data. - Enhanced security for influencers and high-profile accounts, like Twitter’s verification process, is essential. Platforms should adopt privacy-first designs, emphasising data minimisation and transparency, akin to Apple’s privacy labels in the App Store.
- Strong authentication methods, such as multi-factor authentication, can prevent unauthorised access. Google’s Advanced Protection Programme offers additional security for high-risk accounts.
In overcoming these cybersecurity threats, continuous research, development, and innovation at universities are essential. Universities like MIT Computer Science & Artificial Intelligence Laboratory and Stanford’s Cyber Policy Centre lead in developing advanced security technologies, training cybersecurity experts and students through specialised programmes for careers in cybersecurity, and collaborating with industry to apply research findings practically. Interdisciplinary research at institutions like the University of Oxford further enhances cybersecurity solutions.
The future of social media, with trends such as short-form video content, AR/VR integration, social commerce, and influencer marketing, presents significant cybersecurity challenges. Addressing these threats is vital for user trust and platform integrity. Robust security measures, user authentication, education, and advanced technologies like AI can help mitigate risks. Collaboration with law enforcement, securing API integrations, and providing enhanced security for high-profile accounts are also crucial strategies.
Educating end users, including students, parents, and SMEs, about cybersecurity basics empowers them to protect their information. Continuous university-led innovation is vital for developing new security technologies, training experts, and conducting collaborative research, ensuring a safe and secure online community. Social media platforms, businesses, universities, and users must work together to navigate the evolving cybersecurity landscape to ensure a safe and secure digital environment.