Social networking sites concern cyber-security experts

San Jose Mercury News (MCT) - Social-networking sites such as Facebook and MySpace are being targeted so often by cyber-crooks and other mischief-makers that half of the information-technology specialists surveyed recently by Intel expressed concern about workers under 30, who disproportionately use such sites.

Light your Free Virtual Prayer Candle: We will pray with you

Of the 200 corporate and government IT professionals in the United States and Canada who were surveyed, 13 percent said they regard so-called Generation Y employees as "a major security concern," and 37 percent tagged them as "somewhat of a security concern." The biggest worry they mentioned was the tendency of many Gen Yers to frequent social-networking sites like Facebook and MySpace.

Among other problems, the IT executives said employees using such sites may download viruses that wind up on their employer's computers or reveal information about themselves on the networking sites that compromises their employer's business secrets. To prevent such problems, some companies, including Intel, ban their workers' access to social networking sites.

"Their wide-ranging use of the Internet can expose the company to malicious software attacks," said Mike Ferron-Jones, who directs an Intel program that monitors new computing trends. "This is a big deal now, and it's going to get bigger as more Gen Yers come into the work force."

On the positive side, the IT executives noted that Gen Yers tend to be computer savvy and are brimming with new ideas, which are highly desirable corporate qualities.

MySpace executives didn't respond to a San Jose Mercury News request for comment on the report. But Facebook spokesman Barry Schnitt acknowledged that his site has seen increasing cyber-assaults.

"The more a site grows, the more it becomes a target of bad guys," he said. Nonetheless, he stressed that Facebook "acts aggressively and proactively to protect our users."

Among other things, Facebook does statistical analysis of how often people send messages to identify scammers targeting large numbers of its users. And while he declined to provide data on how many scams are launched against the site each year, he said "only a very small percentage of users have been impacted by security issues."

Even so, the threat posed by identity thieves, con artists and malevolent hackers is considerable and growing, other experts have concluded.

Last week, cyber-crime specialists at the security software company McAfee in Santa Clara, Calif., said they had discovered a link for a movie posted on Facebook. After the link is clicked, a so-called worm detours the user's Internet searches to certain Web-based ads, according to McAfee threat researcher Craig Shmugar.

McAfee's list of top 12 Christmas scams also warns that people on some social-networking sites have been receiving messages that say "You've got a new friend." When clicked, the message downloads software that steals their financial information.

Light Your Virtual Prayer Candle For a Loved One

Increasing numbers of employees access social-networking sites at their job or while using a personal computer linked to work. And the problems they encounter on those sites can turn into big headaches for their employers, according to experts.

In a study earlier this year, security firm Sophos said, "Organizations are facing the dual concerns of social networking Web sites causing productivity issues by distracting employees from their work" as well as viruses or other malicious computer code "being introduced to the workplace."

Sophos warned employers to be particularly wary of the common tendency of people to use the same password for every site they access. If a crook successfully guesses the person's social network password, the study said, "They may well be guessing it for the company network, too."

Users of social-networking sites tend to be unusually trusting and willing to share information, said Scott Mitic, chief executive of TrustedID in Redwood City, Calif., which offers identity-theft protection services. While they would never dream of leaving their trash cans out when going on vacation, they often seem unconcerned about revealing details of planned trips on social-networking sites.

"I can tell you right now of my friends on Facebook whose house I should be breaking into," he said. "I know who's in Russia now. I know who's on a business trip to L.A."

Because some of Intel's computer chips can block viruses and other security threats, the company may be able to use the research to promote its technology, said Ferron-Jones. But he added that Intel _ like other companies _ also benefits from its employees using sites like Facebook to confer with customers or business associates.

That poses a big dilemma for businesses grappling with the social-networking phenomenon, he said, adding: "How do you harness all of the good, but avoid the bad?"

___

© 2008, San Jose Mercury News (San Jose, Calif.).