Gartner recently released its hype report about social media. It is interesting to see that some of the tools we are advocating for Learning actvities are slipping into the “trough of disillusionment“. This is the time in a technology lifecycle when a product fails to meet the hype, and people stop talking about it as the “next big thing”.
Some friends and I have been discussing this lately – what will be social media’s downfall in the Enterprise? Some people think it will be the lack of measurements, some people think it will be a company disaster because of a slip-up attributed to a social networking site.
I don’t think it will be either of those things. I think it will be viruses planted by hackers and phishers that turn corporate laptops and desktops into zombies. Just this week came report that hackers are using twitter as a way to control botnets, so I don’t think my theory is too far-fetched.
Here’s my attempt at a relatively non-technical description of how I think the zombie infestation could play out:
You get fooled into clicking on a link that installs a virus onto your machine.
Most of the time, this is the result of a phishing scheme. The most recongnized example is you get an email from your bank saying they need you confirm some personal details. The email has all of the images and wording an email from your bank would normally have. But when you click on the link, it does not take you to the bank website. Instead, you have clicked a link that will download a little program to your machine. The program may do something really nasty like gather passwords to all the sites you use (banking, credit card, etc). Or, it may turn your machine into one of the virus creator’s zombie minions.
Your computer is now a node in a botnet
A botnet is simply a collection of processes running on lots of computers. The compromised computers (or zombies) can be controlled by one master computer. Many times the zombies are used to send spam and cheat the pay for click sites. Maybe the worst use of zombie botnets is executing distributed denial of service (DDoS) attacks. DDoS attacks flood web servers with so much traffic that they are not able to operate. Twitter was brought down a couple of weeks ago by a DDoS attack. If you are able to trick enough people into downloading the virus that will turn their computer into a zombie, you can control your minions to do all sorts of very nasty things.
This is actually how Twitter is being used by the zombie overlords. They set up twitter accounts for the sole purpose of sending updates that are used to direct the zombies.
The zombie-making viruses can be very tricky
Lots of times, you won’t even notice you have turned into a zombie. The virus hides itself. It may prevent you from getting to anti-virus sites or the Microsoft Updates site. So even if there is a fix, you won’t be able to apply it. You may notice that your computer is running very, very slowly. This could be a sign that you have been turned into a zombie.
Or maybe your Instant Message, email, Twitter or Facebook starts posting lots of messages to everyone in your friends list. A message with a link that says “hey I wanted to share this with you!!” (or something like that). Your friend thinks, oh cool wonder what this link is all about? They click the link and BAM now they are a zombie too!
You need more than a boomstick to clean up a zombie infestation
Cleaning up zombie machines is very labor intensive. If the IT folks can’t clean the machine completely, they may need to just reinstall the Operating System, which could mean a loss of data. And it takes a good bit of time. The entire time the IT person is working on your machine, you can’t work. And the IT person isn’t working on anything else either. If there is a zombie outbreak, and you have a project that has dependecies on IT, forget about making your dates.
And we’re not just talking about the desktop IT support folks. If multiple machines on a corporate network have become zombies, they could also clog up the internal network with spam or DDoS traffic. Your network team goes into overdrive to shut this traffic down. Depending on how the virus that created the zombies is written, servers can also become infected.
So zombies cost time and money, two things that are scarce right now in most Enterprises. If a company gets infested with zombies caused or controlled by a social media site, you can be sure they will shut down access to these sites.
What you can do to ward off the zombie infiltration
First of all, make sure your anti-virus software is up to date. You may also want to run something like SpyBot Search and Destroy. I like this program because it will immunize your browsers against evil zombie-making programs.
Secondly, stop trusting everything you see in social media sites! Yes, I know this is contrary to the “everything is open” mantra of social media. But come on, even in real life you aren’t supposed to trust everyone the first time you see them. Stop clicking on links without checking them out first! Hover over an embedded hyperlink and look in the bottom of your browser for where the link will send you. Use a Twitter client like Mixero that will preview the real URL behind a tiny URL. Consider blocking spammers who try to follow your stream (this is a controversial subject, so use your own judgement).
Remember, sometimes you can’t tell someone else has been turned into a zombie until its too late. So always protect yourself!
To wrap this up, if we don’t want IT blocking access to these tools, people have to start thinking more about how we are using these tools. We can’t blame IT, the only way to prevent a zombie outbreak is to quarantine those who aren’t infected. If we don’t want it to get to that point, we have to be a little smarter as we use the tools. Because zombies are out there – waiting to turn you too.