TTT Security Expert Wali Usmani on social insider attacks

fb twitter linkedin

Ever have your facebook account accessed by someone else? There’s a good chance it’s someone you know.

Our in-house systems engineer and security expert, Wali Usmani, has been featured on multiple media outlets this past week (including CBC Radio, The Vancouver Sun, The Province) to talk about his study on Social Insider Attacks. His thesis, “Characterising Social Insider Attacks on Facebook”, explores the circumstances surrounding facebook hijackings colloquially known as “fraping” and “face-jacking”. Some of the parameters explored include who the perpetrators are, how often it occurs, what the motivations for the attack are, what the targets are, how long the attacks last, and what allows these attacks to occur.

A Social insider attack is when someone accesses the account of someone they know without permission. The perpetrators are normally the people closest to you like partners, friends, and even family members.
Out of 1308 surveyed participants, 24% have gone through users’ facebook profiles on the user’s own account without them knowing. The 5 motivations cited for these attacks were: fun, curiosity, jealousy, animosity, and utility.

The methods can be as seemingly harmless as a sneaking a quick glance at someone’s phone while they’re in the shower, or as significant as purposely intoxicating a partner to look through their personal messages. Normally, the more personal the motivation for snooping, the longer the duration of the attack and the more it happens.

The victim can be anyone, and the perpetrator, those around them.
Wali clearly understands computer security and we are extremely lucky to have him taking an active role in securing our clients’ services.
If you’re interested in reading the actual study, the link can be found here: