The tangible act of improving security (though assuring it seems a vain hope)pales by comparison to the intangible impact of these intrusions on both public perceptions of the companies involved. To say nothing of the business perception of Facebook as a site from which companies may derive positive benefits as opposed to endless hassles. In fact, they feel trapped; younger employees and their agencies are telling them they 'have' to engage on social channels or risk marketing ostracism. The reality may be grimmer: engage, and for their investment, be mocked or exposed as a villainous exploiter. As this space has pointed out before, we are still new to the implications of these media for both individuals and businesses. We are kidding ourselves if we believe that the answers are apparent yet. JL
Sheila Shayon reports in Brand Channel:
Pfizer was compelled to take down its Facebook page after being hacked July 19th by U.K. hackers, The Script Kiddies, who claimed responsibility for the social misdeed on Twitter. The group's grievance, apparently, is that (in their words) the pharma giant is “A Corrupt Corporate American Company guilty of cutting corners and killing people.” Such are the charming times we live in. A screenshot of the hacked posts shows the Pfizer logo smeared in red and information about Pfizer's $2.3 billion settlement of a U.S. investigation of its drug-marketing practices in 2009.
Hackers have been targeting government agencies and major corporations in the past several months — if you haven't read about Operation Shady RAT, Vanity Fair has a good backgrounder — so the fear is this attack is just the tip of the online iceberg for Big Pharma, an industry that was already tiptoeing (read: reticent) to embrace social media. Just wait until August 15th, when a new Facebook rule will require pharma brand pages to enable user comments.
Pfizer's VP Corporate Communications Raymond Kerins Jr. called last month's hack as a "learning experience" (to put it mildly) — but at least the brand isn't shying away from Facebook.
"This environment is one that is dynamic and we're watching very closely," he commented to ClickZ about the post-hacking return of Pfizer to Facebook. "It's really an important channel that patients and doctors have decided this is how they want to communicate."
Meanwhile, fingers are pointing both ways as to the nature of the breach; security issue or Pfizer/pharma issue? “When we do find out what happened, we will share the learnings with other [pharma] companies,” said Kerins. “I don’t want this to happen to any other companies.”
Whoever commandeered Pfizer’s page would need a Facebook password which might have been retrieved from a data dump site, Paste Bin, with lists of compromised passwords posted by hacktivist’s like LulzSec and Anonymous, according to Graham Cluley, senior technology consultant at global computer security firm Sophos, and blogger.
Hacker traces and Facebook forensics “make it unlikely the social network was responsible for the illicit entry,” Cluley commented to Medical Marketing & Media.
There was speculation that a WCG employee, the PR firm handling some corporate communications and interactive marketing duties for Pfizer, “was sloppy with his security. If I were investigating this hack, the very first thing to do would be to look at the security of the page's administrators and in particular their passwords. That's where my money would be,” said Cluley.
He further noted that “30% of people use the same password for every single site they access,” so, “in this case the chap was responsible not only for his own online ID but for the brand of a very well-known company, so it's done damage to [the brand].”
The Script Kiddies, who also hacked the Fox News Twitter feed last month, not only took credit for the Pfizer Pfacebook incident but responded on Twitter: “So apparently, the articles are all claiming the security breach on Pfizer's page was Facebook's fault? No... thank Pfizer and Pfizer only,” and posted the picture of an agency employee they declared was the weak link that let them slip in. “Hint for next time: protect this company with a little better security.”
Beyond Pfizer beefing up its IT and digital (online, social, internal and agency) security, it also begs the question: what is Facebook doing to better protect their users' pages from being hacked?
Pfizer has been more active than many in their industry in creating an online brand presence: "We are committed to clear and transparent communication and, for that reason, Pfizer has maintained an industry-leading position in area of social and digital media for the last year or so," said Kerins to Marketwatch.
The good news: Pzifer’s page was restored by the brand on July 20th with the message "We have been working with Facebook to understand what happened," as one more chapter unfolds in the annals of yet untapped powers of social media in the hands of digitally savvy protesters.
The bad news: the Script Kiddies, which moved on to Verizon, Blackwater/Xe, Walmart and other brands, are taking suggestions today for other targets.
More about: Pfizer, Pharma, Facebook, Security, Social Marketing, Social Media, LulzSec, Anonymous, Twitter, Privacy, Verizon, Walmart, Xe, Blackwater
0 comments:
Post a Comment