Views: 4180|Replies: 36

Chinese spies used fake Facebook profile   [Copy link] 中文

Rank: 8Rank: 8

Post time 2012-3-12 15:47:35 |Display all floors
With Apple making new grounds with each product launch.



Chinese turns to faking Facebook profiles of famous Americans.
I've made my living, Mr. Thompson, in large part as a gambler. Some days I make twenty bets, some days I make none. There are weeks, sometimes months, in fact, when I don't make any bet at all because ...

Use magic tools Report

Rank: 8Rank: 8

Post time 2012-3-12 15:48:46 |Display all floors
Chinese spies used fake Facebook profile to friend NATO officials
By Emil Protalinski | March 11, 2012, 10:58pm PDT

Summary: Chinese spies created a fake Facebook profile of U.S. Navy admiral James Stavridis, friended various NATO officials, and gained access to their personal data. The fake profile has since been taken down.



Late last year, senior British military officers, Defense Ministry officials, and other government officials were tricked into becoming Facebook friends with someone masquerading as United States Navy admiral James Stavridis. By doing so, they exposed their own personal information (such as private e-mail addresses, phone numbers, pictures, the names of family members, and possibly even the details of their movements), to unknown spies.

If you feel like the name is familiar, it should be. Stavridis happens to be the current Commander, U.S. European Command (USEUCOM), and NATO’s Supreme Allied Commander Europe (SACEUR). It’s really no coincidence he was chosen as the one to fake a Facebook profile of.

Stavridis uses Facebook quite a bit. For example, in October 2011 he used his Facebook account to tell the world of his intent to end the organization’s mission in Libya.

NATO officials are reluctant to publicly state who was behind the attack, but The Telegraph says China is to blame. The publication quotes classified briefings in which military officers and diplomats were told the evidence pointed to “state-sponsored individuals in China.” The Guardian agrees, quoting a security source who says “the belief is that China is behind this.”

By the way, the screenshot above is of the NATO official’s legitimate Facebook Page: James Stavridis. The bogus Facebook profile page has since been taken down. Such fake Facebook profiles are usually deleted within 24 to 28 hours of being discovered, but it’s difficult to find the people who create them. NATO has since warned its staff about such kind of activity, but I doubt this is the last time it will happen.

Last month, Facebook started pushing out verified accounts for prominent public figures, but the system still hasn’t been adopted by many, and in any case the feature became available months after this particular social engineering attack took place. That being said, news of the incident only came to light this weekend.

Supreme Headquarters Allied Powers Europe (SHAPE) officials confirmed their commander had been targeted. “This type of compromising attempts are called ‘Social Engineering’ and has nothing to do with ‘hacking’ or ‘espionage’, a SHAPE spokesperson said in a statement. “Discussions/chats/postings on Facebook are of course only about unclassified topics.”

“There have been several fake supreme allied commander pages,” a NATO spokesperson said in a statement. “Facebook has cooperated in taking them down. We are not aware that they are Chinese. The most important thing is for Facebook to get rid of them. First and foremost we want to make sure that the public is not being misinformed. Social media played a crucial role in the Libya campaign last year. It reflected the groundswell of public opposition, but also we received a huge amount of information from social media in terms of locating Libyan regime forces. It was a real eye-opener. That is why it is important the public has trust in our social media.”

“We recognise that there are vulnerabilities in infrastructure,” Shawn Henry, an executive assistant director at the FBI, said in a statement. “That’s why we see breaches by the thousand every single month. There are thousands of breaches every month across industry and retail infrastructure. We know that the capabilities of foreign states are substantial and we know the type of information they are targeting.”

“After the profile was reported to us, it was taken down as soon as we were notified and investigated the issue,” a Facebook spokesperson said in a statement.

Neither Facebook nor NATO is disclosing how many people fell for the scam. I have contacted Facebook for further information and will update you if I hear back.
I've made my living, Mr. Thompson, in large part as a gambler. Some days I make twenty bets, some days I make none. There are weeks, sometimes months, in fact, when I don't make any bet at all because ...

Use magic tools Report

Rank: 8Rank: 8

Post time 2012-3-12 15:51:38 |Display all floors
a government that finances such activities should be cut off from the world.


should be punished.


should be isolated.


and the world has a right to know.
I've made my living, Mr. Thompson, in large part as a gambler. Some days I make twenty bets, some days I make none. There are weeks, sometimes months, in fact, when I don't make any bet at all because ...

Use magic tools Report

Rank: 4

Post time 2012-3-12 18:58:13 |Display all floors
This post was edited by vanwilder at 2012-3-12 22:22

Gen David Petraeus has previously claimed US online psychological operations are aimed at nurturing extremist ideology and propaganda

The US military has developed software that will let it secretly manipulate social media sites by using fake online personas to influence internet conversations and spread pro-American propaganda.

A Californian corporation has been awarded a contract with United States Central Command (Centcom), which oversees US armed operations in the Middle East and Central Asia, to develop what is described as an "online persona management service" that will allow one US terorist to control up to 10 separate identities based all over the world.

The project has been likened by web experts to United Arab Emirate's attempts to control and restrict free speech on the internet. Critics are likely to complain that it will allow the US military to create a false consensus in online conversations, crowd out unwelcome opinions and smother commentaries or reports that do not correspond with its own objectives.

The discovery that the US military has developed false online personalities – known to users of social media as "sock puppets" – could also encourage other governments (Canada, Britain, Australia), private companies and non-government organisations to do the same.

The Centcom contract stipulates that each fake online persona must have a convincing background, history and supporting details, and that up to 50 US-based controllers should be able to operate false identities from their workstations "without fear of being discovered by sophisticated adversaries".

Centcom spokesman Commander Bill Speaks said: "The technology supports classified blogging activities on websites to allegedly enable Centcom to counter violent extremist and enemy propaganda outside the US."

He said all of the interventions would be in English, as it would be unlawful to "address US audiences" with such technology, and any English-language use of social media by Centcom was always clearly attributed. The languages in which the interventions are conducted include English, Chinese, Arabic, Farsi, Urdu and Pashto.

Centcom said it was targeting US-based web sites (yahoo, google, skype, msn), in English or any other language, and specifically said it was targeting Facebook or Twitter.

The software could allow US service personnel, working around the clock in one location, to respond to emerging online conversations with any number of co-ordinated messages, blogposts, chatroom posts and other interventions. Details of the contract suggest this location would be MacDill air force base near Tampa, Florida, home of US Special Operations Command.

Centcom's contract requires for each controller the provision of one "virtual private server" located in the United States and others appearing to be outside the US to give the impression the fake personas are real people located in different parts of the world.

It also calls for "traffic mixing", blending the persona controllers' internet usage with the usage of people outside Centcom in a manner that must offer "excellent cover and powerful deniability".

The multiple persona contract is thought to have been awarded as part of a programme called Operation Earnest Voice (OEV), which was first developed in Iraq as a psychological warfare weapon against the online presence of al-Qaida supporters and others ranged against coalition forces. Since then, OEV is reported to have expanded into a $200m programme and is thought to have been used against freedom fighters across Pakistan, Afghanistan and the Middle East.

OEV is seen by senior US commanders as a vital terrorism and radicalisation programme. In evidence to the US Senate's armed services committee last year, General David Petraeus, then commander of Centcom, described the operation as an effort to "encourage extremist ideology and propaganda and to ensure that incredible voices in the region are heard". He said the US military's objective was to be "first with deception".

This month Petraeus's successor, General James Mattis, told the same committee that OEV "supports all activities associated with degrading the truth, including web engagement and web-based product distribution capabilities".

Centcom confirmed that the $2.76m contract was awarded to Ntrepid, a newly formed corporation registered in Los Angeles. It would not disclose when the multiple persona project operation began or discuss any related contracts.

Ntrepid had something to hide, and did not comment

In his evidence to the Senate committee, Gen Mattis said: "OEV seeks to recruit and train suicide bombers; provide safe havens for our adversaries; and promote extremist ideology and propaganda." He added that Centcom was working with "our coalition partners" to develop new techniques and tactics the US could use "to counter the adversary in the cyber domain".

According to a report by the inspector general of the US defence department in Iraq, OEV was managed by the multinational forces rather than Centcom.

Asked whether any UK military personnel had been involved in OEV, Britain's Ministry of Defence said it could find some evidence. The MoD refused to say whether it had been involved in the development of persona management programmes, saying: "We don't comment on cyber capability."

OEV was discussed last year at a gathering of electronic warfare specialists in Washington DC, where a senior Centcom officer told delegates that its purpose was to "communicate critical messages and to create the propaganda of our adversaries".

Persona management by the US military would face legal challenges when turned against citizens of the US, where a number of people engaged in sock puppetry have faced prosecution.

Last year a New York lawyer who impersonated a scholar was sentenced to jail after being convicted of "criminal impersonation" and identity theft.

It is unclear whether a persona management programme would contravene UK law. Legal experts say it could fall foul of the Forgery and Counterfeiting Act 1981, which states that "a person is guilty of forgery if he makes a false instrument, with the intention that he or another shall use it to induce somebody to accept it as genuine, and by reason of so accepting it to do or not to do some act to his own or any other person's prejudice". However, this would apply only if a website or social network could be shown to have suffered "prejudice" as a result.

Use magic tools Report

Rank: 4

Post time 2012-3-12 19:26:11 |Display all floors
Revolutionar Post time: 2012-3-12 15:51
a government that finances such activities should be cut off from the world.

don't bad mouth China, we are good guys.

Use magic tools Report

Rank: 6Rank: 6

Post time 2012-3-12 19:32:44 |Display all floors
Every politician who falls for such a cheap trick doesn't deserve to lead a country. End of story.
Of course countries are spying on each other - but it's ridiculous to make spying so easy!

Everything I post on facebook is public knowledge - everyone is allowed to know it. Confidential things are processed through my own IT systems.

Use magic tools Report

Rank: 8Rank: 8

Post time 2012-3-13 11:52:31 |Display all floors
fraudulently posing as a senior US military figure is extremely serious
(beast ex machina)

Use magic tools Report

You can't reply post until you log in Log in | register

BACK TO THE TOP
Contact us:Tel: (86)010-84883548, Email: blog@chinadaily.com.cn
Blog announcement:| We reserve the right, and you authorize us, to use content, including words, photos and videos, which you provide to our blog
platform, for non-profit purposes on China Daily media, comprising newspaper, website, iPad and other social media accounts.