Spies used Facebook to steal NATO officials' private data

Facebook is turning out to be a spy's best friend, after it was used in the theft of private data of North Atlantic Treaty Organization (NATO) officials.

 

Senior British military officers and Ministry of Defence officials were among those who fell for the scam, according to a report on UK's The Telegraph.

 

The report said the officials accepted "friend requests" from a bogus account for American Admiral James Stavridis, NATO's supreme Allied commander.

 

Stirvis was in charge of operations in Libya to bring about the end of Colonel Muammar Gaddafi's regime.

 

"They thought they had become genuine friends of Nato's Supreme Allied Commander - but instead every personal detail on Facebook, including private email addresses, phone numbers and pictures were able to be harvested," The Telegraph report said.

 

While NATO officials are mum on who was behind the attack, the Sunday Telegraph cited classified briefings where military officers and diplomats were told the evidence pointed to "state-sponsored individuals in China."

 

"Although they are unlikely to have found any genuine military secrets from the Facebook accounts they accessed, the incident is highly embarrassing," The Telegraph said.

 

Following the incident, NATO has advised senior officers and officials to open their own social networking pages to prevent a repeat of the security breach.

 

Also, Stirvis' bogus Facebook account has been permanently deleted from the Internet.

 

On the other hand, The Telegraph said Facebook uses sophisticated techniques to identify bogus accounts which it said have different footprints compared to genuine Facebook users.

 

"After the profile was reported to us, it was taken down as soon as we were notified and investigated the issue," it quoted a Facebook spokesperson as saying.

 

The Telegraph also said officials at SHAPE, the Supreme Headquarters Allied Powers Europe, reluctantly confirmed that its commander had been targeted.

 

"This type of compromising attempts are called 'social engineering' and has nothing to do with 'hacking' or 'espionage,'" it quoted a SHAPE spokesperson as saying.

 

A NATO official added there have been several fake supreme allied commander pages.

 

The official added Facebook has cooperated in taking them down, even as the official said they are not aware that they are Chinese.

 

"The most important thing is for Facebook to get rid of them. First and foremost we want to make sure that the public is not being misinformed. Social media played a crucial role in the Libya campaign last year. It reflected the groundswell of public opposition, but also we received a huge amount of information from social media in terms of locating Libyan regime forces. It was a real eye-opener. That is why it is important the pubic has trust in our social media," the commander said.

 

Scope of stolen information

 

While it is not known how much information was harvested, The Telegraph said huge amounts of information may have been taken and can be used to produce detailed profiles of potential targets for espionage —or even blackmail.

 

Senior NATO staff were warned about the fake account late last year and made representations to Facebook.

 

'Spear fishing' tactics

 

The so-called "spear fishing" exercise is the latest tactic in the use of the Internet to spy on key Western figures and to steal their secrets.

 

Among the items stolen are said to be the secrets of stealth aircraft, submarine technology, the space programme and solar energy, The Telegraph said.

 

"We see thousands of breaches every month across all industry and retail, infrastructure and across all sectors. We know that the capabilities of foreign states are substantial and we know the type of information that they are targeting," Shawn Henry, the Federal Bureau of Investigation's executive assistant director in charge of targeting cyber crime said.

 

The state-sponsored attacks are aimed at stealing information to give them an economic, political and military advantage.

 

On the other hand, some hawkish figures in the US also fear that a hostile country or terror group might launch a "cyber war" against them attempting to attack and destroy military and civil infrastructure using viruses or other electronic weapons, though most experts think this is highly unlikely.

 

It is similar to the so-called "Night Dragon" attacks which targeted executives of some of the world biggest oil and gas companies.

 

Security expert Dmitri Alperovich, who helped uncover the "Night Dragon" breach, says Western businesses and Government are all routinely being targeted.

 

"They will know your strategy, your price list, everything to undercut and beat you. The Chinese are using every trick in the book... They stole emails between executives about high level negotiations. They are stealing their negotiation playbook and then they outbid them.If they know your strategy they can't lose," he said. — TJD, GMA News