Caution “Chameleon Attack”

Online social networks are fertile ground for cyberattacks and an opportunity for privacy abuse. With the celebration of Data Privacy Day, Aviad Elyashar from the Computer Science Department explains how an innocent post on Facebook, Twitter or LinkedIn may open a Pandora’s box

The data security field deals in the protection, access, use, exposure or destruction of data and information systems by interested malicious entities. The overarching goal of this field is to enable entities, organizations and private individuals to operate securely while maintaining the privacy, integrity and availability of their information. At the same time, the field has attracted many young people who would like to join this interesting and challenging world.      

Thus, for example, the Council for Higher Education in Israel (CHE) recently approved the opening of the new Computer Science Department at the SCE Shamoon College of Engineering. This welcome decision can provide a response to the high market demand for cyber professionals. As part of the program a special and unique Cyber Studies study track was opened, aimed at training students to identify and assess cyber risks and to specialize in data security and communication networks. The increased demand for cyber professionals will enable the track graduates to find employment as cyber and data security professionals in industry and academia as well as in the public and private sectors.  

In this article I would like to shed light on an area which the general public supposedly perceives as safer than other areas in terms of the risk of classic cyberattacks. I am referring to social networks. The number of active users on the various social networks such as Facebook, Twitter, TikTok and Instagram continued to grow in recent decades, with billions of users using these networks daily. The reasons for their growing popularity are related to the characteristics of these platforms, which basically encourage users to meet new friends, maintain existing friendships, remain updated about what is happening in their country and around the world, respond to the posts of other users and share their opinions, ideas, etc.

However, alongside the numerous advantages of these networks, there are also quite a few threats: online social networks have become a tool for spreading fake news, and are often fertile ground for malicious users such as bots, trolls and cyborgs to carry out cybercrimes.  

Over the past two years, a team which, in addition to myself included researchers from Ben-Gurion University, was able to identify a weakness in the posting mechanism of several online social networks which can cause reputation damage to online social network users. We call this attack: “the Chameleon attack” – a situation in which the content changes over time so as not to attract attention before carrying out the attack.

Imagine an innocent Facebook post that shows a cute baby with a giggling laugh. You laugh along with it and share the adorable post with all your friends. You then continue to scroll down while checking other posts and return to your daily business. The next day you receive a strange call from a friend who asks why yesterday you shared a video clip that asks you to support ISIS and shows a public execution of a hostage. You don’t understand what that friend is talking about and hurry to open Facebook. You check your timeline and discover that you shared a video clip that supports ISIS. This embarrassing situation can damage your reputation.

As part of the service they offer their users, some social networks enable editing or deletion of content which has already been published. In addition, the known social networks such as Facebook, Twitter and LinkedIn support rerouting of existing links, as well updating of the link previews. A link preview is a common and important feature of every social platform, which enables users to review the post before clicking on it. By enabling link editing after the link was published the social networks create the opportunity to change the way a given post is displayed without indicating to the user that the link content was changed.

In our study we surveyed whether the seven social networks can withstand a “Chameleon attack”. To prove the veracity of the attack we demonstrated the attack through the infiltration of users into a closed Facebook group.

The necessary conclusion is that online social networks must bear significant responsibility. Therefore, in order to prevent such attacks, and along with cautious behavior required on the part of the network users, the online social networks must strengthen their existing security mechanisms and develop additional security mechanisms that will prevent user privacy abuse and bolster public trust.