Attacking Soldiers on Social Media

A research group at NATO's Strategic Communications Center of Excellence catfished soldiers involved in a European military exercise -- we don't know what country they were from -- to demonstrate the power of the attack technique.

Over four weeks, the researchers developed fake pages and closed groups on Facebook that looked like they were associated with the military exercise, as well as profiles impersonating service members both real and imagined.

To recruit soldiers to the pages, they used targeted Facebook advertising. Those pages then promoted the closed groups the researchers had created. Inside the groups, the researchers used their phony accounts to ask the real service members questions about their battalions and their work. They also used these accounts to "friend" service members. According to the report, Facebook's Suggested Friends feature proved helpful in surfacing additional targets.

The researchers also tracked down service members' Instagram and Twitter accounts and searched for other information available online, some of which a bad actor might be able to exploit. "We managed to find quite a lot of data on individual people, which would include sensitive information," Biteniece says. "Like a serviceman having a wife and also being on dating apps."

By the end of the exercise, the researchers identified 150 soldiers, found the locations of several battalions, tracked troop movements, and compelled service members to engage in "undesirable behavior," including leaving their positions against orders.

"Every person has a button. For somebody there's a financial issue, for somebody it's a very appealing date, for somebody it's a family thing," Sarts says. "It's varied, but everybody has a button. The point is, what's openly available online is sufficient to know what that is."

This is the future of warfare. It's one of the reasons China stole all of that data from the Office of Personnel Management. If indeed a country's intelligence service was behind the Equifax attack, this is why they did it.

Go back and read this scenario from the Center for Strategic and International Studies. Why wouldn't a country intent on starting a war do it that way?

Posted on February 26, 2019 at 6:10 AM • 26 Comments

Comments

(required) February 26, 2019 6:53 AM

Some years back I stumbled upon a Facebook group for "operators" (I'd originally been looking for 911 operators but hey, mercenaries are interesting too).

Pretty friendly group - lots of posts RE: contracts, many of them had photo galleries on location or w/clients (faces blurred but easily enough information to figure out the where, when, and probably *who* of the assignment) - got a Kevlar vest shipped overseas for cheap out of the deal.

Friendly soldiers on social media: not so good for operational security.

JonKnowsNothing February 26, 2019 7:49 AM

NSA Hunts Sys Admins mostly off of LinkedIn

Sport and Health trackers provide free Heat Maps of secured and hidden Black Sites (where nothing ever happens of course)

Smartphones are Warheads on Foreheads and are being curtailed in some militaries because well, they don't want their personnel War-Headed too quickly.

There is a limited lifetime supply to live personnel and militaries would rather state when this expires for themselves.

Contract:
-WE: give you lots of nice fancy clothes, food, shelter, parades, guns, more guns and honor and honor and more honor.
-YOU: die when we tell you.

The UK is so desperate they are recruiting children soldiers. So school rosters are highly sought items.

Simple Google Search will turn up most anything of interest except where Right To Be Forgotten has been enacted but even so... you can still find interesting stuff.

Police and Others are using public/private DNA research for finding DNA matches for persons of interest. Persons of Interest mean: Everyone. Similar to Relevant means All.

Every intersection and mall driveway now has Superior Monitoring installed.

Consider:
Locating even 1 soldier posted in one dark site or anywhere will yield information about the entire system.

All it takes is One

Steve February 26, 2019 8:40 AM

This may be related to this story:

Russia bans smartphones for soldiers over social media fears

Russia's parliament has voted to ban soldiers from using smartphones while on duty, after their social media use raised issues of national security.

The bill forbids military personnel from using a phone with the
ability to take pictures, record videos and access the internet.

Soldiers also cannot write about the military or talk to journalists.

More than 400 of 450 lawmakers in Russia's lower house of parliament,
the Duma, backed the law on Tuesday.

Phones with basic calling and messaging facilities could still be
used, but tablets and laptops would also be subject to the new ban.

[. . .]

tazer2000 February 26, 2019 8:48 AM

Interesting read...10 to 20 years ago we were trying to imagine what a cyberwar would look like, at the time everyone was thinking in terms of hard-force and attacks on a country's infrastructure. Oh, how naive we were. lol. If only...

Instead we're seeing mostly soft-tactics against very specific targets with in some cases almost surgical precision. Tactics of modern warfare have shifted completely; why destroy the communication abilities of an adversary's populace, when with a little techno know-how you can infiltrate and use the enemy's own networks against them for propaganda; sow discord, hatred and chaos.

All that data being collected, surely it's not just sitting somewhere gathering digital "dust"? Nah...It's being used for simulations; think SIMCITY, but on a much grander scale. Models that take not just physical variables into consideration, but ideological differences, innate biases, psychological profiles, ...etc. Likely, we're in there too. Those profiles the social media companies built of all their "users". The technocracy will be able to data mine all of this to find patterns/correlations of which we are totally unaware and use it to further their own personal ambitions at the expense of the social collective.

#FreeMyDigitalSelf (lol)


Slag February 26, 2019 8:57 AM

Once had a briefing that started with "If I wanted to hack this bank I would shoot the chief DBA on a Friday." This scenario works better than the mass attack from the previous post because it's targeted, you pick out the critical people and find their button.

tazer2000 February 26, 2019 9:13 AM

@slag:

"This scenario works better than the mass attack from the previous post because it's targeted, you pick out the critical people and find their button."

Oh, you must have missed the part where I said

"some cases almost surgical precision."

That's fancy talk for "targeted"

You did bring up a rather good example, though, of the sort of thing referenced in the article.

Sed Contra February 26, 2019 9:39 AM

“Social” media - dirty bomb weapons grade gossip trees

Everyone needs to adopt need-to-know as part of their opsec. Do I need to know this?

Petre Peter February 26, 2019 9:52 AM

I trust military personnel because they have been tested by a verifiable authority, and because they have taken an oath.
I trust doctors because they have been tested by a verifiable authority, and because they have taken an oath.
I don't know if I can trust videos or news that were verified by a future AI system because an AI system cannot take an oath. Now I understand why "this machine kills fascists".

Petre Peter February 26, 2019 10:29 AM

I believe that once war is declared social media will become useless because of the amount of disinformation.
In cyberwar, the war comes after cyber, which means that hostilities start before a declaration of war through social media.

albert February 26, 2019 10:37 AM

@Steve,
"...Russia's parliament has voted to ban soldiers from using smartphones..."

This is a wise move. Of course it will never happen here in the US, the Land of the Free and the Home of the Brave.

The price of freedom is eternal vigilance. Well, we got the freedom, but where's the vigilance?
..
@Petre Peter,
"...because an AI system cannot take an oath...". Not yet, but soon. True AI Systems, like Fusion Power, are "just around the corner".

We live in the Theatre of the Absurd. Nothing surprises me anymore.

. .. . .. --- ....

EvilKiru February 26, 2019 11:34 AM

@albert:

>>> "...because an AI system cannot take an oath...". Not yet, but soon.

How is that going to work when the AI maker has a disclaimer like the following?

"This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."

vas pup February 26, 2019 3:03 PM

@Steve
As I recall, many years ago Russia banned FSB staff from participating in the odnoklassniki.ru social platform because it supposedly was bought by German BND (kind of US CIA).

GRU failed on that (looks like) based on recent successful disclosure of real identity of operatives allegedly involved in poisoning of Skripals in UK.

@tazer2000:
"why destroy the communication abilities of an adversary's populace, when with a little techno know-how you can infiltrate and use the enemy's own networks against them for propaganda; sow discord, hatred and chaos."

I agree. That is a very good point for any IC in any country around the globe. My point is that the tools of those activities are universal regardless of who applies them. It is like a plumber using a wrench regardless of where he is fixing a toilet: US, UK, China, Russia, Germany, France, Israel, you name it.

@all:
General conclusion on Bruce's post: it is just additional confirmation that humans are the weakest link in any security chain. That is why I try to bring to the attention of all respected bloggers new scientific and technological information which potentially could affect this weakest link and for this reason is relevant for this respected blog.

Sancho_P February 26, 2019 3:47 PM


”This is the future of warfare.” (@Bruce)

No, not really:

a) “The enemy” is not necessarily boozy on drugs & social media (a disease of civilization).
The USA != world.

b) In the West, Hollywood style is necessary to claim increasing military funds (= business), but to get rid of the old stuff (planes, ammunition, …) it needs their physical destruction, a battlefield.
Remember: Never ending growth requires never ending waste.

”It's one of the reasons China stole all of that data from the Office of Personal Management.” (@Bruce)
No, sorry: Whoever took it - they did it simply because they could.


We should really stop whining and blaming others,
instead take to the own nose and lock our valuables.

foo February 26, 2019 3:48 PM

I have heard a talk from the person who personally made that or a very similar military survey.

He claimed that the salaries of entry level jobs in the more electronically secure military have gone up (new numbers were very high) because recruits refused to live in an electronically secure environment.

Listening to his talk was depressing, social media changes humans, fast and for worse. For me the military experience with social media has significant weight because he told the country, job, previous and new salary.

Wesley Parish February 27, 2019 2:28 AM

@tazer2000

Tactics of modern warfare have shifted completely; why destroy the communication abilities of an adversary's populace, when with a little techno know-how you can infiltrate and use the enemy's own networks against them for propaganda; sow discord, hatred and chaos.

FWIW, Iain Banks in 1987 had already reached that conclusion: read Consider Phlebas about the Idiran-Culture war and note the note on the ending of that particular war:
Idir was never attacked, and technically never surrendered. Its computer network was taken over by effector weapons, and -- freed of designed-in limitations -- upgraded itself to sentience, to become a Culture Mind in all but name.

Technically, Iain Banks was in the forefront, though we should also consider Stanisław Lem's Cyberiad, Golem XIV, and other books of the like. Cyberiad contains a sally of the constructors Trurl and Klapaucius where they are required to make cyber-automatons of two opposing armies by two opposing kings. Of course, once both armies have been connected up, the whole issue of the war between the two sovereigns is so petty to the resulting entities that they abandon it immediately for more fulfilling pursuits.

65535 February 27, 2019 10:40 AM

@ all

Facecrook is making millions scamming the average Jane/Joe and a number of unwitting US soldiers – quite a lucrative business.

“The phony Facebook pages looked just like the real thing…. total cost of the scheme? Sixty dollars…researchers identified 150 soldiers, found the locations of several battalions, tracked troop movements, and compelled service members to engage in “undesirable behavior,” including leaving their positions against orders…inmates in South Carolina were busted for allegedly blackmailing 442 service members using fake personas on online dating services…”-Wired

https://www.wired.com/story/nato-stratcom-catfished-soldiers-social-media/

[Research from Stratcomcoe]

ht tps://www.stratcomcoe.org/responding-cognitive-security-challenges

for those just wanting the PDF

ht tps://www.stratcomcoe.org/download/file/fid/79857

the last 2 links fractured for safety and OPSEC.

albert February 27, 2019 2:02 PM

@EvilKiru,

In the future, AI programs will be products of AI programs.

I can't speak for mainframes, but when personal computers were just hitting the market, disclaimers weren't considered a big deal. After all, makers of everything have always tried to avoid any and all responsibilities regarding their products. This was but another example.

Now that software functionality can be a matter of life and death, it's time to reconsider those all-encompassing EULAs, etc. Unfortunately, such traditions will never be abandoned in the current system.

@Wesley Parish,

Even though I'm fascinated by technology, even military technology, the US military is way too reliant on satellites, computers, and networking. Bombs are not needed to destroy that infrastructure, just computers and knowhow.

. .. . .. --- ....

Ross Snider February 28, 2019 9:53 AM

Isn't it terribly overbroad to say that this is why China stole the OPM information?

They stole it to challenge US intelligence's capability to infiltrate their country, foremost by secret identities, and second by gaining leverage on those individuals.

Anyhow, agreed that the future of warfare will involve more targeted psyops. NATO's STRATCOM and DoD have been building those capabilities for a while, and this demonstration is a good reminder of this intention and trend.

vas pup February 28, 2019 4:23 PM

@martha • February 28, 2019 8:21 AM
Wow!
I'd say when anybody in the US suggests to you any kind of not so legal activity (a stranger in particular), that is a trap set up by LEA, and the person is an undercover agent (with 99,5% probability). Nothing personal.

For all family issues: if anybody offers to resolve your family issue by killing your spouse for a money reward, then see comment above.

Just observation.

A Nonny Bunny March 3, 2019 4:01 AM

@EvilKiru

@albert:
>>> "...because an AI system cannot take an oath...". Not yet, but soon.
How is that going to work when the AI maker has a disclaimer like the following?
"This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."

Well, I don't know about you, but I wasn't born with any warranty, and I can take oaths (and even keep them, probably).

EvilKiru March 4, 2019 6:53 PM

@A Nonny Bunny: Whereas software, which could be programmed to pretend to take an oath, can too easily be broken, leaving me with no trust that it is capable of keeping an oath, rendering meaningless any oath that software takes.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.