- Information
- AI Chat
Hacked A Case Study U-M Social Media
Computer and Network Security (ECC4703)
Universiti Putra Malaysia
Preview text
HACKED: A CASE STUDY
search
There’s no denying it: we got hacked. Here’s what we learned and what you can learn, too.
contacts we could find. As the owners of the sixth-largest higher-ed Facebook audience in the nation and the largest pages in collegiate athletics for football and basketball, one might think we have Facebook on speed-dial; however, that was not the case. Further complicating the situation was the fact that many of the contacts we did have were in a variety of time zones, and many were still sleeping. In the end, it was actually Facebook’s London (UK) team that came to our rescue, thanks to a connection made through a former agency peer who then reached out to a Facebook client partner at one of Michigan’s robust auto industry social teams.
Simultaneously, the University of Michigan social leadership team was alerted by UMSocial to implement password changes on all official accounts and immediately assess any and all third-party applications that had been granted access to publish on the pages behalf. This team comprises one representative from each primary unit across the U-M’s three campuses. Each individual is tasked with regular communication with UMSocial, as well as with communicating best practices, strategy, and other pertinent information to all
administrators of subsidiary social media accounts within their areas. Michigan Athletics’ associate athletic director for external communications and public relations also initiated a group distribution text message with key stakeholders and leadership throughout the university to keep them apprised of the developing situation. At 7:42am, in collaboration with Public Affairs and Michigan Athletics, UMSocial issued the first acknowledgment of the hacking situation on the overarching University of Michigan social properties. Ensuring that our vast social communities were aware we were working diligently to rectify the situation in a timely manner was of utmost importance to us, and clear, transparent communications proved to be a valuable tool as the events of the day unfolded. The multi-phased communications approach included internal and external audiences and media relations while utilizing broad-based education about the day’s events and how it impacted various groups.
Facebook determined that the hack was part of a sophisticated phishing scheme found within Facebook Messenger that has affected many other brands.
Once the hackers gained access to the personal account, they were then able to access any page to which the individual had administrative privileges. Internally, ITS focused their efforts on assessing potential risk to our data and systems. Their thorough evaluation revealed that the hack was contained to the social platforms, and did not affect confidential data or servers. According to Facebook, the following two scripted messages reflect what the individual may have received: Dear Nikki Sunstrum,
Data that you have filled do not match your fanpage, precisely the Security Question, and Answer do not match in your records. Please fill the application again. [Malicious link was here] Sincerely, Facebook Support Center or Dear Nikki Sunstrum, Data that you have filled do not match your fanpage please fill the application again [Malicious link was here] Sincerely, Facebook Support Center Upon clicking the links, users are directed to a form that looks like a page to validate Facebook credentials, but in fact is not an authorized Facebook site. Facebook provided the following tips for further future protection, which we have implemented as a standard of best practice and instructed all University of Michigan social properties to adopt as part of our use guidelines. Facebook will never send official communication via Messenger. Never enter your password anywhere but facebook. Scammers often set up fake pages to look like a FB login page so it’s important to always check that you’re really logging into facebook. Watch out for fake pages/apps as well as “official” links using URL shorteners such as the gl links from the phishing messages.
For us, the moral of the story was clear. Password security isn’t enough – even the most well-trained social media professionals are still subject to human error. The best we can do is take every necessary precaution to incorporate additional levels of security. Collectively, we have initiated the implementation of two-step authentication procedures, and are continuing to evaluate third-party security applications. Lastly, at Facebook’s recommendation, we are also researching Facebook Business Manager. It is our hope that, by highlighting the steps taken and lessons learned, we might prevent future attacks and educate our peer institutions on how to safeguard themselves as well. If you have experienced a similar event and are interested in sharing your case study, please feel free to contact us at umsocial@umich. Additionally if you have questions please reach out to me on Twitter @NikkiSunstrum.
Hacked A Case Study U-M Social Media
Course: Computer and Network Security (ECC4703)
University: Universiti Putra Malaysia
- Discover more from:
