In 2012 a massive cyber attack by a hacker named “Peace” exploited over 117 million LinkedIn users’ passwords. After the dust settled from the initial attack, new protocols were put in place and the breach was all but forgotten in the public eye, the same hacker reared their head again. Nearly five years later, “Peace” began releasing the stolen password information of the same LinkedIn users from the earlier hack.
With millions of users’ data (or billions, in the case of Facebook) floating around the web, the need for tight security from social media platforms is obvious. Facebook alone has reported receiving more than 600,000 security hack attempts each day. (Although that is nothing compared to the NSA’s 300 million attempted hacks each day!)
The wide age range and technology experience level of social media users makes security management even more complex. A social platform needs to not only combat hackers, but also has to protect users whose personal security practices might be elementary. Only 18 percent of Americans report changing their social media password regularly.
So with the constant threats of hacks coming in — from both foreign and domestic hackers — what exactly are these platforms doing to keep our information safe?
Each of the major social platforms has their own security blog that keeps users and industry infosec bloggers in the loop about new security advancements, tactics for combating fraud and the occasional public statement about hacks.
We’ve broken down the security initiatives and features to compare what LinkedIn, Twitter and Facebook security teams are doing to protect the social platforms that people use each day.
While each platform has its unique set of challenges, one of the main initiatives from each is the bug bounty program. You can read more about each platform’s policy below:
Each policy been very successful for its respective site. However, even though these safety precautions exist, there are always hackers trying to get one step ahead of the curve.
For instance, Twitter is attempting protect the safety and integrity of of their platform by reducing the number of automated bots. They publicly announced their battle in a blog post, stating “While bots can be a positive and vital tool, from customer support to public safety, we strictly prohibit the use of bots and other networks of manipulation to undermine the core functionality of our service.” However, bots are clearly still an issue, with their hands in everything from the Oscars to local elections.
It is clear the fight to protect the safety and privacy of social media is far from over, but as data security teams in companies continue to grow, learn and share knowledge, there is hope that they will remain ahead of the game.
We've been keeping the world's most valuable data out of enemy hands since 2005 with our market-leading data security platform.How it works
Rob Sobers is a software engineer specializing in web security and is the co-author of the book Learn Ruby the Hard Way.