Consumerization of Warfare

  • Post author:
  • Post last modified:June 16, 2011
  • Post category:CyberwarSecurity
  • Post comments:7 Comments
  • Reading time:6 mins read

Written by Andrea Zapparoli Manzoni and Paolo Passeri. As predicted a couple of months ago, NATO admitted to use Twitter…

Continue Reading Consumerization of Warfare

Social Notice

  • Post author:
  • Post last modified:June 9, 2011
  • Post category:Social Networks
  • Post comments:0 Comments
  • Reading time:6 mins read

The relationship between social networks and law is very controversial. If, on one hand, we are now accustomed to consider…

Continue Reading Social Notice

Tweets Of Democracy

  • Post author:
  • Post last modified:May 19, 2011
  • Post category:Mobile
  • Post comments:7 Comments
  • Reading time:4 mins read

Today President Obama held his speech on the Middle East announcing a new strategy (and new investments) for the Middle…

Continue Reading Tweets Of Democracy

Social Espionage

  • Post author:
  • Post last modified:May 1, 2011
  • Post category:Security
  • Post comments:10 Comments
  • Reading time:8 mins read

Updated on 5/6/2011: Primoris Era is Back!

Few days ago the Twitter Community was shaken by the affair of @PrimorisEra AKA “The tweeter who loved me”, a Twitter user with more than 23.000 tweets and 1300 followers, depicting herself as a young, attractive woman with a keen interest in missile technology and national security strategy. Her sudden departure has subsequently created many questions and concerns about the security of information on the Internet and Social Network. As a matter of fact, more than a few Twitter users who work in national security panicked upon hearing the accusation lodged against @PrimorisEra, since it looks like she (or he) allegedly requested sensitive information using Twitter’s Direct Messaging, or DM, service, persuading several young men on Twitter (and Facebook as well) to divulge sensitive information for more than two years.

Albeit this interesting article explains the (alleged) real story behind, and in a certain manner belittles the spy story, social pitfalls (socialeaks) remain more relevant than ever.

This does not sound surprising to me: as soon as my colleague David told me the story (of course by mean of a tweet), the notorious affair of Robin Sage came immediately to my mind: a fake Facebook (and LinkedIn) Profile of a Cyber Threat Analyst, who  was capable to gain access to email addresses, bank accounts and location of secret military units from her 300 contacts, persuading them to be a 25-year-old “cyber threat analyst” at the Naval Network Warfare Command in Norfolk, Virginia, graduated from MIT, with 10 years of work experience, despite her young age (she was also given private documents for review and was offered to speak at several conferences).

Lesson learned? Not at all, (nearly) every security professional should know very well, at least in theory, the story of Robin Sage and the consequent risks connected with a fickle Social behavior, most of all in those blurred cases when professional and personal information overlaps. Never ignore the first rule: young attractive girls have nothing to do with geeks, even if they often have persuading arguments, sometimes so persuading to tear down the personal natural defenses (the first form of “physical” security), especially in those cases (as in the example of Robin Sage) when other trusted peers have already fallen in the (honey)trap, and consequently appear between the contacts of the fake profile.

Even if @PrimorisEra or @LadyCaesar (another pseudonym of her Digital Identity) is not a spy in the pay of any foreign country, the possibility to use the Social Network for espionage, SecOps, or PsyOps is far from being remote. Indeed is a consolidated practice and may already rely on an (in)famous example: the one of Anna Chapman, the 28 years old Russian Spy, living in new york, arrested on 27 June 2010, together with other 9 people, on suspicion of working for Illegals Program spy under the Russian Federation’s external intelligence agency. One of the noticeable aspects of the whole story was just her Facebook profile full of hot pictures (and equally hot comments) used to attract friends, and probably as one of the ways to grab information (curiously it looks like she did not show how many friends she had, as to say, unlike everyone else, that spies apparently know how to deal with Facebook privacy settings.

(more…)

Continue Reading Social Espionage