By Senior Security Research Analyst Kenneth Geers
“She loves me, she loves me not…”
Normally, it takes many petals – and sometimes many flowers – to answer this question. Children play truth or dare. Cops use a polygraph. Spies undergo “source validation”. Long ago, however, Aristotle warned that a good speaker can manipulate the emotions – and convictions – of any audience.
The age-old challenge of deciding whom to trust is even harder in the Internet era, where there is a paradox: humans are physically more distant from one another – as we retreat to a quiet place with our laptop, tablet or smart phone – but we are pouring our hearts, minds and souls into cyberspace.
The latest Pew Research Social Networking Fact Sheet (Jan 2014) says that 74% of online adults use social media, 40% of cell phone owners use social media on their phones, and 46% of all social media users post original content in the form of photos or videos. These numbers will only increase in the future, as Internet devices shrink in size and grow in mobility. Eventually, they will be invisible to the naked eye, and we will always be connected to the Net.
What has this virtual revolution done to integrity, credibility and interpersonal trust? Facebook users in particular describe their online relationships as “close” and “trusting”. The interactive – and often intimate – nature of social media, however, carries an element of risk, on a personal and a professional level. The unfortunate fact is that cyber criminals use the relative anonymity of Internet communications to facilitate every kind of vice, from fraud to murder.
In cyberspace, it is hard to separate the sheep from the goats. If I want to know more about Vladimir Putin, should I follow @VladimirPutin or just @Putin? In fact, neither account belongs to the President of Russia. The real #Putin is @PutinRF, who currently has 887K followers. @BarackObama has 52.5M followers, but he cheats – Obama follows 646K accounts, most of whose posts he will never read. Hilariously, the real Putin only follows one other person: himself. That is even fewer than the official Twitter account of North Korea (@uriminzok), which only follows three, one of which is a 27-year old Coldplay fan from Texas.
The increasing physical distance between humans makes it easier for us to deceive one another. It is much easier to tell a lie when you do not have to look someone in the eye. Human intelligence is more art than science. In the Bond film For Your Eyes Only, Countess Lisl von Schlaf says, over a glass of champagne, “Oops! Me nightie’s slipping,” to which James replies, “So’s your accent, Countess. Manchester?” She confesses: “Close. Liverpool.”
But this kind of cross-examination is harder to do with an ISP in Houston standing in the way. And as the recent cyber attack on Sony demonstrates, it is even possible for serious criminals – with the world’s top intelligence agencies looking for them – to remain anonymous, perhaps forever.
These technical difficulties are compounded by time and resource limitations. All of us are swimming in a sea of dynamic, digital data, and the pressure is always on. Could this online match be my one, true love? Does Cyber Monday end at midnight? Did my favorite politician just become my least favorite, or was that just Photoshop playing tricks on me?
To answer life’s greatest questions, boffins have their scientific method: hypotheses, predictions, experiments, observations, evidence, measurement, publication and citation impact. But in the real world – including the day-to-day affairs of government, business and love – it is often subjectivity over objectivity, animal instinct over cold calculation.
ZeroFOX social media risk management cannot see into the human heart, but it can help you and your organization to evaluate the authenticity and reliability of information in the social media space, including suspicious profiles, images, links and more. No social media security strategy is perfect, but you owe it to yourself – and to Aristotle – to be wary.