Social media users’ concerns about their privacy have spiked in recent years. Incidents of data breaches have alarmed many users and forced them to rethink their relationships to social media and the security of their personal information. The dramatic story of the consulting agency Cambridge Analytica is a case in point. The firm exploited the private information of over 50 million Facebook users to influence the 2016 American presidential election. This example and others have steadily deteriorated public trust and resulted in many users wondering if they have lost control over their own data. According to a study conducted by the Pew Trust, 80 percent of social media users report being concerned about businesses and advertisers accessing and using their social media posts. These growing privacy concerns have prompted advocacy for tighter regulations. In addition, they have placed companies responsible for safeguarding personal data under greater scrutiny.
Given today’s social media privacy issues and concerns, skilled cybersecurity professionals will play a vital role in protecting social media users’ data and personal information. Those interested in gaining the expertise needed to launch a career in cybersecurity would do well to consider earning an advanced degree in cybersecurity management.
Understanding Social Media Privacy Issues
What are social media users worried about? Are their concerns justified? Typically, these concerns stem from the ubiquitous presence of social media in people’s lives. Forty-five percent of the world’s population uses social networks. That means a staggering 3.48 billion people connect to some form of social media, according to data collected by Hootesuite. These connections can leave users vulnerable in several ways. When personal information falls into the wrong hands, the consequences can be damaging. According to the Pew Trust, 13 percent of Americans have had their social media accounts taken over by an unauthorized user. Such hacks can result in stolen information and forced shares that redirect followers to malware, among other things. In general, social media platforms, which collect and store huge amounts of personal information with limited governmental oversight, serve as attractive targets for bad actors seeking to use that data to perpetrate fraud and theft.
Another rising concern, exacerbated by Cambridge Analytica’s breach of Facebook data, centers on how bad actors access private data from social media platforms and elsewhere and use it to manipulate opinions for the benefit of a few. For example, the Russian operation Internet Research Agency is accused of interfering in the U.S. presidential election of 2016 by using social media to spread disinformation that stirred up conflict and distrust.
Threats to Privacy on Social Media
Criminals are adept at tricking social media users into handing over sensitive information, stealing personal data, and gaining access to accounts users consider private. Following are typical social media threats.
Everyone leaves a data trail behind on the internet. Every time someone creates a new social media account, they provide personal information that can include their name, birthdate, geographic location, and personal interests. In addition, companies collect data on user behaviors: when, where, and how users interact with their platform. All of this data is stored and leveraged by companies to better target advertising to their users. Sometimes, companies share users’ data with third-party entities, often without users’ knowledge or consent.
Phishing is one of the most common ways criminals attempt to gain access to sensitive personal information. Often in the form of an email, a text message, or a phone call, a phishing attack presents itself as a message from a legitimate organization. These messages trick people into sharing sensitive data, including passwords, banking information, or credit card details. Phishing attacks often pose as social media platforms. In August 2019, a massive phishing campaign targeted Instagram users by posing as a two-factor authentication system, prompting users to log in to a false Instagram page.
Malware (malicious software) is designed to gain access to computers and the data they contain. Once malware has infiltrated a user’s computer, it can be used to steal sensitive information (spyware), extort money (ransomware), or profit from forced advertising (adware). Social media platforms are an ideal delivery system for malware distributors. Once an account has been compromised (often by obtaining passwords through a phishing attack), cybercriminals can take over that account to distribute malware to all of the user’s friends or contacts.
Social media bots are automated accounts that create posts or automatically follow new people whenever a certain term is mentioned. A large group of bots can form a network known as a botnet. Bots and botnets are prevalent on social media and are used to steal data, send spam, and launch distributed denial-of-service (DDoS) attacks that help cybercriminals gain access to people’s devices and networks.
Social Media Privacy Issues in 2020
The attacks outlined above will continue to pose privacy threats in 2020. In fact, as the 2020 presidential election draws near, these attacks will likely increase. Earlier this year, Politico reported that wide-ranging disinformation campaigns aimed at Democratic candidates had already begun. Attackers employing the same tactics as the trolls from Internet Research Agency are now using social media data to wage a disinformation “war” designed to confuse and polarize Americans. The cyber-propaganda is often disseminated via bot accounts, which use mined data to target preferred audiences. The full impact of social media attacks on the 2020 state, federal, and presidential elections is hard to predict.