It could have been a script from a B movie. Top military officials from the North Atlantic Treaty Organization fell victim to a cyber attack because they simply accepted a fake friend request on Facebook.
In a tried and true attack, cyber criminals once again exploited users’ implicit an unquestioning trust on social networks by spoofing a Facebook page impersonating the Supreme Allied Commander Europe (SACEUR) Admiral James Stavridis.
The social engineering attack was likely an attempt to glean email addresses, login credentials and other bits of personal information from friends and family members that might gain them entry into NATO’s computer systems. The miscreants could then use their new found keys to the kingdom to infiltrate and steal military and national secrets from NATO.
And the ploy seemed to work. Over the weekend senior military and government officials were tricked into ‘friending” a phony Facebook profile for the U.S. Admiral Stavridis.
NATO was quick to finger China as the culprit. Granted, simple social engineering and phishing attacks have been consistently been used to bait victims as part of more sophisticated Advanced Persistent Threats, or the first stage of a “second stage attack,” many of which have been sourced to the world’s most populous nation.
Needless to say, the Chinese threat has been a source of strong concern for U.S. policy makers, many of whom accuse the country of devising state sponsored espionage activities and infiltrating government networks in cyber attacks. The National Counterintelligence Executive said Chinese hackers were “the world’s most active and persistent perpetrators of economic espionage,” according to the Observer.
But then again, Stavridis, an avid social media enthusiast, and other top military officials could also have walked in the line of fire by maintaining a prolific presence on a forum shared by more than 845 million other users.
A NATO official confirmed to the Observer that Stavridis had been the target of similar assaults and trickery over Facebook in the past two years. “There have been several fake SACEUR pages. Facebook has cooperated in taking them down…the most important thing is for Facebook to get rid of them,” the official said.
Not entirely surprising, however, considering that both Stavridis and NATO have “made significant policy announcements on either the Twitter or Facebook feed, which reflects NATO keeping pace with social media,” the NATO official added. (Last year Stavridis used Facebook to announce that the military campaign in Libya had ended.)
A few minutes of research, and the “hackers”–if you can call them that– might have determined that a Facebook spoof would be a shoe in, with easy access to thousands of contacts and credentials. As simple as that. Done.
Facebook, with a policy stipulating that all accounts have to be genuine, has been quick to respond to such incidents, generally taking down the bogus profiles between 24 and 48 hours after being reported.
Meanwhile, hundreds of millions of users weigh the security risks (or not) of posting personal information to the world’s largest social network every day. And while anyone who exposes personal information on Facebook potentially puts themselves at risk of attack, the odds are slightly less in your favor when you are a high profile official overseeing U.S. military forces and strategy in Europe.
To mitigate some of the risk, the social networking giant announced last month that it was implementing a program that would select the accounts of celebrities, business leaders and other high-profile users who could choose to verify their identity.
Even still, for the senior-most military leader of the 28-member country Alliance to reveal NATO policy over Facebook and expect not to become a cybercrime target, from China or anywhere else, might be a little like having your cake and hoping you can still eat it too. It could happen. But don’t count on it.
Leave a reply