The Latest in IT Security

Syrians targeted in cyber attaks and tortured for Facebook passwords


data_securityFacebook has played a huge part in the uprisings that occurred and are occurring in the Middle East. As such, the remaining dictatorships in the area are trying to control their problem by cracking down on Facebook operations. One prime example of this is the current online attack being targetted towards Syrian users on social networking sites. The attacks were presumed to be launched by the government and the end result is the monitoring and intercepting of communications made on Facebook despite HTTPS encryption.

How did it happen?

There is still no way to prove that the Syrian government really is behind this attack, but Facebook users from Syria are pointing towards the Syrian Telecom Ministry. They’re calling it a ‘man in the middle’ attack, saying that there is a fake security certificate being used that tricks users into logging into their pages, thinking all the while that they’re entering a secure, https-encrypted Facebook page. A pop up appears, but since people are pretty much used to such things, they click through reflexively, allowing the attack to take place. Once they do log in, all their activities will be monitored and their communications censored.

This is not the first time that governments have used this trick. Such techniques were also used in Egypt, Bahrain, and Libya in order to keep rebellions in tight control. This is something that many countries around the world can also do, as they themselves have control of the companies that handle the authentication of security certificates. As such, no red flags are raised whenever these methods are used, and users remain vulnerable to such attacks as long as they are under the government’s power.

What can they do about the matter?

There is, however, a way to prevent this from happening. The EFF, or the Electronic Frontier Foundation, which issued the warning in the first place, also issued some tips on how to avoid monitoring and censorship. They advised users to use a proxy server or to log in through Tor; Tor is a software that allows complete online anonymity and works by hiding users’ locations and generally makes it more difficult to trace traffic back to the user.

Then again, with news from Syria saying that protesters are actually being tortured to reveal their Facebook passwords, then it’s hard to tell what people can actually do in order to save themselves from extreme censorship and control. 

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments