If you are having trouble viewing this email, click here to view this online



   ISSUE 14

18 September 2012

Article of the Month   Around the World

Spring is yet to come: Rise of Social Media

Abstract - Social networking web sites have been rapidly adopted by many across the globe, mostly teenagers taking the lead. It is estimated that at the end of 2012, number of Facebook accounts will exceed 1 billion.

Corporate organizations and consultants are trying to identify ways in which they can increase revenues by use of social media platforms such as Facebook, Twitter, YouTube, etc.

Today, the increasing popularity of Social Media is a serious concern for many Governments. With the recent events occurred in Tunisia, Egypt, and certain Arab countries, social media is casting a mammoth shadow in the political arena.

On the other hand, there are also concerns that social media increases the likelihood of new risks to the self, centring on loss of security, privacy, harassment, harmful contacts and much more. This paper intends present a different perspective on social media, its use and the challenges, and offer a set of guidelines for its effective use.  

Keywords - social media, social networking sites, virtual worlds, web 2.0

I. Introduction

According to the latest Infographic, as at May 2012, the online social networking giant Facebook had more than 901 million active users. To put that number in perspective, this is more than double the population of United States (313 million)  thus making Facebook users as the world�s third largest country by population. At the same time Facebook has over 425 million mobiles users and 250 million photos are uploaded daily.

According to research, usage of social media has increased by few folds during recent years. Facebook has shown the biggest user growth rate (approximately 200 million users by year end 2008, which was increased to 400 million by end of 2009) in comparison to other popular social media platforms such as Wikipedia, LinkedIn, Flickr, YouTube, and Twitter.

Traditionally, organizations and governments were able to control the information available about them. Organizations were able to restrict the information flow by getting a good public relations consultant or having a dedicated department strategically carrying out marketing. During 80s government�s only had to fear about printed media (such as newspapers/ magazines, tabloids, etc) and broadcasting media (such as television, radio).  

II.   What is Social Media

Gartner describes Social Media as set of technologies and channels targeted at forming and enabling a potentially massive community of participants to productively collaborate. Going further Gartner describes following 6 principles surrounding social media.

1)   Participatory: Power of social media lies in mass collaboration by encouraging more users to participate.

2)  Collective: Idea here is that users collect facts, information to contribute in comparison to individually creating and disseminating.

3)  Transparent: Unlike traditional media, participants in social media get a chance to comment, edit, validate, rate and critique each other's contributions.

4)  Independent: Independence has multiple facets, but mainly this implies that participants can contribute anytime and anywhere. Further, one participant�s contribution may not depend on another; hence collaboration among participants may not be necessary.

5)  Persistent: Unlike conventional media, all the contributions from users are stored. Hence, it is visible to all others, making it possible for the other people to further comment.

6)  Emerging: It's not possible to predict, restrict, and model human interactions as in a conventional business process. 

Social media is not a technology. It is only an environment built on top of technology.


- Facebook is built on the social networking technologies

- �Second Life� is an online virtual world built on the web technologies using a three dimensional modelling tool and a procedural scripting language

- Wikipedia is built on top of Wiki Technology 

What defines social media is the ability to communicate to masses and many to many interactions. It has revolutionized not only how we deliver news, but also who delivers it. Wikipedia defines Social media as web-based and mobile based technologies which are used to turn communication into interactive dialogue between organizations, communities, and individuals. However, certain vital elements of Social Media, such as the ability to mass collaborate is not properly encompassed in the Wikipedia�s definition, in which even a two way phone call could be treated as social media. Andreas M. Kaplan and Michael Haenlein define social media as a group of Internet-based applications that build on the ideological and technological foundations of Web 2.0 and that allow the creation and exchange of User Generated Content (UGC). Web 2.0 is the platform which enables users to collaborate with each other in social media network with the content generated by users. Web 2.0 encompasses technologies such as Adobe Flash, Really Simple Syndication (RSS), Asynchronous JavaScript and XML (AJAX), etc. 


III. Types of Social Media

One of the most widely used classification systems for the Social Media is listed below.


Special presence / Media richness




Self Presentation / Self Disclosure



Social Networking Sites

Virtual social Worlds


Collaborative Projects

Content Communities

Virtual game worlds

Classification of Social Media by social presence/ media richness and self-presentation/ self-disclosure

Above classification is based on set of theories in the field of media research (social presence and media richness) and social processes (self-presentation and self-disclosure). However, there are few notable shortcomings of this classification. Even though blogs are classified as �low� in terms of social presence/ media richness, even micro blogging sites such as twitter now allows users to post rich media such as photos and video clips.  

Listed below are the generic social media types without restricting to the above classification.




Main characteristics


Social networking sites

Facebook, Goolge+, LinkedIn, Twitter

Allows users to add friends and to network, different groups are available for like-minded people


Photo sharing sites

Flickr, Picasa, Photobucket, Smugmug

Users can upload photos and share


Video sharing sites

Youtube, Dailymotion

Users can upload videos and share


Presentation sharing sites

Slideshare, Scribd

Presentations can be uploaded and shared among others


Event sharing sites

Meetup.com, LinkedIn events, whereevent.com

Allows users to plan and organize events


Dating sites

Tawkify, match.com

Allow users to communicate with others with the objective of developing a relationship


Bookmarking sites

Delicious, Digg, StumbleUpon

Allows users to share their bookmarks online




Allows users to add, modify, delete its content via a web browser using a simplified mark-up language 8



Wordpress, Blogger

Online journals which allows users to write on any topic


Location sharing sites

Foursquare, Facebook places

Allows users to check-in to places typically via smart mobile phones and share the location


Curation sites

Paper.li, Pinterest

Allows users to act as the curator for the content created by other users

Different Social Media Types

The match making site tawkify has taken the online dating to the next level with the integration of social networking and the human touch 9. The majority of conventional dating sites publish inaccurate information about people�s height, weight, earnings, etc. However, tawkify has incorporated Klout scores (Klout score examines the influence users have on social networks such as Facebook, Google+, LinkedIn and Twitter, and coming up with a score between 1 and 100) into their match-making process.

Curation sites are also one of the fastest growing areas of the social media. Pinterest.com currently ranks at number 5, based on Experian Hitwise data for week ending 2012 June 2nd for Social Media Websites 10, Facebook is leading at number 1, followed by YouTube, Twitter and Yahoo at second, third and fourth positions respectively.

The match making site tawkify has taken the online dating to the next level with the integration of social networking and the human touch 9. The majority of conventional dating sites publish inaccurate information about people�s height, weight, earnings, etc. However, tawkify has incorporated Klout scores (Klout score examines the influence users have on social networks such as Facebook, Google+, LinkedIn and Twitter, and coming up with a score between 1 and 100) into their match-making process.

Curation sites are also one of the fastest growing areas of the social media. Pinterest.com currently ranks at number 5, based on Experian Hitwise data for week ending 2012 June 2nd for Social Media Websites, Facebook is leading at number 1, followed by YouTube, Twitter and Yahoo at second, third and fourth positions respectively. 

IV. Challenges in Social Media

Social media exhibits unique characteristics when compared with traditional media such as newspapers, magazines, etc. Its hyper speed and unrestricted scope means that once the content is published, it is available instantaneously, to a potentially global audience. Further, social media tools tend to be free or available at a very low cost relative to other forms of media and do not require users to have much technical knowledge to make use of it. This allows larger numbers of users to access and publish material in comparison with traditional media forms.

These unique characteristics of social media pose different challenges to individuals, organizations, and governments.

A.    Challenges to the individuals

It�s understandable that the benefit of any material or non-material instrument depends on how someone would use it for what kind of purpose. A knife might be a very helpful and essential instrument in a kitchen in the hand of a cook, but it could be a very hazardous instrument in the hand of a hostile criminal.

Similarly, social media can be used for academic purposes, arranging dates and places for face-to-face meetings, communication between friends who live in different cities or countries, etc. However, the other side is not so useful and innocent, which is covered by concepts similar to Internet addiction, individualization, social alienation, etc. Internet addiction has become a common issue in many countries. In China and South Korea more than 30% of the population is affected by Internet addiction. The study further shows that, these people have difficulty in making friends, and they see the Internet and social media as a method for socialization. Infected with this addiction, people become more and more individualized and alienated as they tend to have lots of on-line and virtual friends. Further, identity theft and hacking into social media profiles could also challenge an individual�s privacy.

The UK�s Home Office has identified a series of risks to children�s safety associated with social media - bullying, harassment, contact with harmful content, theft of personal information, sexual grooming, violent behaviour, encouragement to self-harm and racist attacks.  

In Sri Lanka, there has been 1800 reported Facebook related complaints during 2011. Majority of these cases were either creation of fake profiles or hacking into profiles.

B.    Challenges to the organizations

With the social media tide, organizations have realized that they need to be at where their customers, future employees and other stakeholders are. The potential of social media is multi faceted for organizations: increasing customer reach, faster and easier means of disseminating information, and increased corporation between different departments within the organization. Despite these benefits, many organizations face issues and challenges while shifting to social media. With the social media adaptation, organizations tend to lose the absolute control they previously had on the World Wide Web. Thus, creating a cultural shift from a closed to an open organization.

As a result, companies adopting social media have to relinquish some of the absolute control they previously had over their web presence. In some companies, this type of change from a closed to an open organization marks a big change in the organizational culture. Internally, organization may need to focus on who is assigned to work with social media, who has to take the ownership, who can authorize social media releases, cost of social media implementation and use. From an external perspective, organizations are concerned about reputational loses due to misuse or inappropriate use of social media, concerns about the regulator requirements or legal requirements, Internet penetration, etc.

C.    Challenges to the governments

Hosni Mubarak ruled Egypt for nearly 30 years until he was overthrown by dozen of activists who used social media, including Facebook, Twitter, Twitpic and YouTube to stir discontent with Egypt's police forces . They mobilized support in Egypt's slums and working-class neighbourhoods and plotted a mass demonstration for Jan. 25. Omar Suleiman, the Chief of the Egyptian General Intelligence Service (EGIS) managed to keep Hosni Mubarak in power amidst tough times over the years, but social media was an impossible medium to monitor and restrict the information inflow.

Academics and social-media advocates say Twitter played a pivotal role in the Arab Spring uprisings in 2011, helping activists to unite, win and gather followers and spread the news of their grievances and demonstrations.

With the Arab spring and other pro-democracy movements similar to �#occupy� , Governments are seriously looking at means of restricting, controlling and monitoring social media. Recently reported cases involved - Saudi Prince Alwaleed buying a stake in Twitter, Pakistan�s 8-hour Twitter censorship , and Sri Lanka�s opposition challenging that the government is blocking/ hacking web sites which are unfavourable to them.

Further it is reported that the FBI already has the ability to intercept messages on social-networking sites and Web-based e-mail services. 

V. Guidelines for Social Media Usage

A.    Guidelines for Individuals

Despite the availability of different nature of social media (as per the Table II � Different Social Media Types), individuals need to consider following points when engaged in Social Media.

- Be aware of what is posted online

Once something is posted on social media, it will leave a digital foot print where anyone can see.

- Be safe online

New attacks/ scams surface every day. Be wary of sites/ people asking for personal information such as phone numbers, address, account numbers, etc.

- Be aware of what is been shared/ posted

Some of the pictures/ videos could be copy right protected.

- Enable Social media specific settings to safeguard privacy and security

Majority of social media provides built-in controls (e.g. two factor authentication, reviewing last login attempts) to safeguard users. Users should be aware of these specific controls and the associated risk.

- Be aware of specific Social media policies

Social media sites keep changing/ updating their privacy policies, usage policies and other applicable policies in order bring them current with the environment threats/ business objectives, etc. Some of these policy changes could have an impact on data retention, data ownership, etc, thus affecting the users.

B.    Guidelines for Organizations

Organizations that do not adopt social media fail to reap benefits and are at a disadvantage to their competitors that do. Organizations that simply allow social media use without any proper policies or guidelines open themselves to various threats. Hence, it is vital that the organizations social media policy encompasses following objectives.

- Define a framework for both approved and responsible social media usage for employees of the organization

- Clarify expectations on employee behaviour on the social media

- User awareness is also vital. Training on best practices, online safety, etc, will encourage employees to make the best use of social media while meeting the organizations risk appetite.

While adopting social media policies, it makes sense to analyse existing policies practised by different organizations.

However, it�s important to understand that there is no one size fits all approach here. Hence, policies need to be tinkered to suit the risk appetite of the individual organization.

C.    Guidelines for Governments

Certain governments have established guidelines for the social media usage. One such example is Civil Service Code established in the UK. This is applicable when participating online as a civil servant or when discussing government business.

   �Disclose your position as a representative of your department or agency unless there are exceptional circumstances, such as a potential threat to personal security. Never give out personal details like home address and phone numbers.

   Always remember that participation online results in your comments being permanently available and open to being republished in other media. Stay within the legal framework and be aware that libel, defamation, copyright and data protection laws apply. This means that you should not disclose information, make commitments or engage in activities on behalf of Government unless you are authorised to do so. This authority may already be delegated or may be explicitly granted depending on your organisation.

   Also be aware that this may attract media interest in you as an individual, so proceed with care whether you are participating in an official or a personal capacity. If you have any doubts, take advice from your line manager.

1)  Be credible

     Be accurate, fair, thorough and transparent.

2)  Be consistent

     Encourage constructive criticism and deliberation. Be cordial, honest and professional at all times.

3)  Be responsive

     When you gain insight, share it where appropriate.

4)  Be integrated

     Wherever possible, align online participation with other offline communications.

5)  Be a civil servant

     Remember that you are an ambassador for your organisation. Wherever possible, disclose your position as a representative of your department or agency.�

On May 23rd 2012, the White House released their Digital Government strategy titled �Digital Government: Building a 21st century platform to serve the American people�. The strategy highlights four key principles to drive the transformation forward and it has also identified the power of social media to transform the services offered by the government and making different government agencies more customer-centric.

It is apparent that social media is transforming the way the governments operate, mainly in following avenues.  

     Increased transparency

UK government already uses podcasts addressing foreign policy issues and some of the UK ambassador�s blog regularly . Israel defence forces also has a official YouTube channel featuring operational footage and informational videos.

     Engaging citizens

The South African President runs an active Facebook page, where citizens participate in constructive debates on topic which matters for nation building.

     Making government departments more people centric

The US government uses challenge. gov as a crowd-source solution where government agencies post challenges (to identify a solution to a particular issue) and the citizens can propose solutions, discuss the challenge or show support. Incentives are also provided if a challenge is successfully solved.

     Crisis management

When the 5.9 earthquake hit near Richmond, Virginia on August 23rd 2011, residents in New York City read about the earthquake on Twitter 30 seconds before they experienced the quake themselves. Most of the Emergency management agencies in US such as the Federal Emergency Management Agency (#FEMA) are active on Twitter, sharing information during crises in real time.

VI. Conclusions

Social media, similar to much else on the Internet, represents an evolving subject for researchers and policy-makers. With the proliferation of technologies such as domestic broadband, location based services; it is now reaching to the mass market across the globe. The open nature of social media could pave the way to solve many issues existing in developing nations if properly harnessed.

From a government�s perspective, if well considered and prudently implemented social media policy could give better transparency and more involved citizens (e.g. in policy formulation), thus creating greater public trust in the government.  Governments should not regulate the social media in a way that would discourage its use, undermining its potential. 

Parakum Pathirana

CISM Coordinator - ISACA Sri Lanka Chapter



The Threat Landscape in Asia and Oceania : Part 1 Vietnam and India

  By Tim Rains - Microsoft | 4 Sep 2012 2:00 AM

Recently I wrote about the threat landscape in the European Union (part 1, 2, 3) and Africa.  This series of articles is focused on threats in select locations in Asia (Vietnam, India, Korea, Malaysia, Singapore, and Japan) and Oceania (Australia and New Zealand).  I am focusing on these locations as they were the most active locations in the region during the second half of 2011 (2H11). 

How to secure your Facebook account

By Neil J. Rubenking, 10 September, 2012

Many millions of people worldwide enjoy connecting with friends and family via Facebook. We get a kick out of sharing baby pictures, funny websites, and our latest adventures.

Sri Lanka Team moves ahead in the Global CyberLympics
Tuesday, 28 August 2012 16:22

Global CyberLympics is an international cybersecurity competition. There are teams from various countries participating in the competition.  The competition is carried out in different parts of the world including North America, Europe, Africa, South America and Middle-east and the Asia P acific.  

Month in Brief

Facebook Incidents Reported to Sri Lanka CERT|CC in August 2012


  Fake + Harassment



Statistics - Sri Lanka CERT|CC



Java zero-day leads to Internet Explorer zero-day
By Michael Lee, 17 September, 2012

'....While looking around a compromised server that was being used to exploit Java vulnerabilities, a security researcher stumbled upon another exploit that he claims affects fully patched versions of Microsoft Internet Explorer 7 and 8.

Eric Romang found four files on the server: an executable, a Flash Player movie and two HTML files called exploit.html and protect.html

When users visit the exploit.html page, it loads the Flash movie, which in turn loads the other HTML page, protect.html. Together, they help drop the executable on to the victim's computer. At this point, attackers have everything they need to drop whatever applications they like on the victim's machine, whether it is to join a botnet or conduct attacks. In this case, the dropper executable installs another program when the victim next logs in......'

Manipulated data causes BIND DNS server to crash
By Heise Media | 14 September, 2012
'....An advisoryGerman language link from the Austrian national CERT warns that the free DNS server BIND, which is maintained by the Internet Systems Consortium (ISC), contains a security vulnerability that allows attackers to crash it using specially crafted data records.

The ISC says that resource records with RDATA fields that exceed

65535 bytes cause the domain name server to crash the next time this record is queried.

The ISC recommends that users upgrade to one of the current versions ? 9.7.7, 9.7.6-P3, 9.6-ESV-R8, 9.6-ESV-R7-P3, 9.8.4, 9.8.3-P3, 9.9.2 or 9.9.1-P3 ? as soon as possible......'
CVE-2009-0927 : PDF Exploit targets Aviation Defense Industry
By EHN Reporter | 15 September, 2012

'....Security Researcher have come across a Spam email that leads to a malware page which delivers the PDF exploit(CVE-2009-0927).The campaign seems to be targeting the aviation defense Industry.

If the recipient open the malicious PDF file, it opens a fake document and displays an invitation to an actual defense industry event. In the background, it exploits the PDF vulnerability......'

Crack in Intemet's foundation of trust allows HTTP session hijacking
  By Dan Goodin | 13 September, 2012

'....Researchers have identified a security weakness that allows them to hijack web browser sessions even when they're protected by the HTTPS encryption that banks and e-commerce sites use to prevent snooping on sensitive transactions......'

  Notice Board
  Training and Awareness Programmes - September 2012  
Date Event Venue
- 3-4 Annual Hardware repair workshop Zonal Educational Office, Nuwareliya
- 5-6 Annual Hardware repair workshop Zonal Education Office, Matale
11-12 Annual Hardware repair workshop Meegahakiwula National School, Kandegedara National School
13 Annual Hardware repair workshop Giradurukotte M.V.,
14 Annual Hardware repair workshop Nakkala Rajyananda Vidyalaya , Bibile
18-19 Annual Hardware repair workshop Thopawewa M.M.V , Pollonnaruwa
20-21 Annual Hardware repair workshop Resource Center, Anuradhapura
16-21 Orientation Programme for  newly recruited ICT  Graduate  Teachers (Tamil Medium) Vavunia  National College of Education

Brought to you by:                           

In Partnership with: