Anti-Social Media Hacks

Burger King and Jeep have nothing to do with financial services. But both banking professionals and the customers they serve would be wise to keep a close eye on the fast-food retailer and the automaker as they seek to recover from high-profile hacks this week. It could just be a sign of things to come.

As has been widely reported, both companies this week had their Twitter accounts hacked and, in different ways, defaced. There’s already been wide speculation regarding the perpetrators, but at this point that’s almost less important than the fact that the hacks occurred at all. The primary motive seems to have been to cause mischief, but most such intrusions have a more malevolent intent.

The news of these high-profile Twitter hacks comes shortly after the granddaddy of social media, Facebook, revealed that it was the victim of a “a sophisticated attack. . .that occurred when a handful of employees visited a mobile developer website that was compromised.” Facebook didn’t identify the developer site in question, though it has been identified named elsewhere.

So what does all this have to do with banking?

The reality is that this where many aspects of the financial services industry are headed. And unlike fast food or even cars, this is a practice fundamentally built around private information that needs to be kept secure. The most recent data breaches make it clear that we’re far from that level of security.

Most institutions are already active in the social media sphere, but the current initiatives mainly revolve around marketing and messaging. It seems only a matter of time before at least a few brave organizations make the leap into trying to develop Facebook into a transaction platform and transmit private information via channels such as Twitter.

In some ways, it’s a throwback to the early days of the Internet. The Credit Union National Association reports that a third of all credit unions now offer mobile banking, and all of the rest will have joined the fray within the next two years. That’s nearly twice the adoption rate for online banking when it arrived, which means that we’re already entering the second generation of mobile banking capabilities.

When social media is thrown into the mix, as seems almost inevitable, the growth rate will likely be even more accelerated—there’s an entire generation primed to enter the workforce that has a problem remembering a time before these technologies were fully integrated into every aspect of daily life.

The question is not whether social media channels need to become more secure; the focus should be on how to make them more secure, and who should lead the effort. We already have best practices in place for consumers, but it’s fair to think few will heed the advice. It’s up to us.

There’s no single constituency that can do everything related to security. The banks, the social media providers, the government, commercial and technology vendors—everyone must be involved. We need expert working groups, industry standards and new technologies. And we need them now.

Written by Staff