Employees often want to visit social media sites such as Facebook on their breaks or lunch hours, or even during working hours, although many company policies prohibit such access. It can be difficult for companies to lock down such sites, however, because all too often, firms are making valuable business use of social media. These factors complicate life when malware programs such as the Ramnit worm begin to target those who log onto Facebook.
The Ramnit worm formerly concentrated on attacks against online banking institutions and the networks of corporate entities. There, it managed to defeat authentication measures that used the “two factor” approach. Now, the spread of the worm to Facebook means it has already broken the credentials of almost 50,000 users. Most were located in France and the UK, but U.S. users are not immune.
"We suspect that the attackers behind Ramnit are using the stolen credentials to log in to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," announced the Seculert blog earlier this month. "In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services… to gain remote access to corporate networks."
These scenarios point to a greater need for businesses to incorporate a managed program model into the various IT solutions they employ. In a managed program model, staff from an IT company visit regularly to provide services. Such staff keep abreast of malware news such as the Ramnit worm and can keep their clients well-advised about emerging threats.