Blog Archives
Facebook ‘Friend’ or Foreign ‘Spy’
The internet and the current phenomenon of social media has changed the way we communicate, do business and even socialize, it is a paradigm shift that society has embraced at such speed and ease that rarely a moment goes by in a civilised nation where such technology has not impacted each and every person.
The way in which social media flourishes is that it requires engagement and ‘engagement’ is encouraged by ‘sharing’, and ‘sharing’ comes in various forms whether it be via Facebook’s or LinkedIn ‘Likes’ or actual ‘sharing’ buttons, to sharing the mobile App you have downloaded via a ‘share’ button.
Sharing introduces a whole new realm to how we perceive trust. Studies have shown that the majority of the figures below are a result of people ‘sharing’.
General Internet statistics 2012
- In one day on the Internet:
- Enough information is consumed to fill 168 million DVDs
- 294 billion emails are sent
- 2 million blog posts are written (enough posts to fill TIME magazine for 770 million years)
- 172 million people visit Facebook
- 40 million visit Twitter
- 22 million visit LinkedIn
- 20 million visit Google+
- 17 million visit Pinterest
- 4.7 billion minutes are spent on Facebook
- 532 million statuses are updated
- 250 million photos are uploaded
- 22 million hours of tv and movies are watched on Netflix
- 864,000 hours of video are uploaded to YouTube
- More than 35 million apps are downloaded
- More iPhones are sold than people are born
(http://thesocialskinny.com/100-social-media-mobile-and-internet-statistics-for-2012/)
As we know ‘sharing’ brings trust, loyalty and generally out of this comes relationship development, whether personal or professional and in turn it is here vulnerabilities may emerge.
Recently the media has been awash with not only industrial cyber espionage reports but of a major issue facing the internet community and that is ‘country sanctioned’ cyber espionage and or attacks.
History may one day reveal that as the United States fretted over the possibility of a “cyber Pearl Harbor” – a catastrophic attack that would take down electrical grids – its economic lifeblood was being slowly drained away by a massive hacking enterprise located in the People’s Republic of China. (Magnuson, 2012)
Cyber Command Commander Army Gen. Keith Alexander last year called the cyber-espionage being conducted against U.S. companies the largest transfer of intellectual property from one nation to another in the history of the world. (Magnuson, 2012)
Eric Rosenbach, deputy assistant secretary of defense for cyber policy, said the nation is not as focused on intellectual property theft as it should be. A catastrophic cyber war is important to prepare for, but an unlikely scenario. Stealing data important to the nation’s economic security, meanwhile, is occurring here and now. (Magnuson, 2012)
We all have seen them on our travels or have had friends bring back ‘knock offs’ from trips to Asia, watches, handbags, sunglasses, fashion items even IPHONEs and computer software. All produced with such high quality similarities that it is hard at times to distinguish the ‘fake’ from the real item.
The proliferation of the internet and its related activity has allowed for ‘copying’ to occur at a rate that cannot be controlled or monitored. The aforementioned figures identify the staggering internet traffic and streaming that is taking place on any given day.
Experts describe a large, technologically advanced and well organized enterprise coming out of China that is going after businesses large and small. Any firm that has a trade secret, or could be used as a stepping stone to a larger company, is a potential target. Intellectual property theft has the potential to erode a company’s profits or even bankrupt it. There is no magical software that can stop every intrusion attempt, but even companies with few resources can take steps to mitigate the risk, experts told National Defense. (Magnuson, 2012)
To thwart the Chinese cyber-espionage enterprise, it is important to characterize it. In the world of network security, it was once called the “advanced persistent threat.” But government officials have done away with using that euphemism: it’s China, they now say. The October 201 1 “Foreign Spies Stealing U.S. Economic Secrets in Cyberspace” report, produced by the FBI‘s office of national counterintelligence executive, acknowledged that the attacks came from China, but stopped short of blaming the Chinese government, which routinely denies involvement. (Magnuson, 2012)
Jason Lewis, chief technology officer of Looking Glass Cyber Solutions, said, “In general, when you have a situation where the state runs everything, you have to assume that the state is involved in any enterprise.”
Phishing Attacks
In country “scouts” doing the reconnaissance are increasingly using social media websites to gather personal information to use in phishing attacks, said Dave Papas, chief operating officer of Cyveillance, a subsidiary of QinetiQ North America that provides security for Fortune 500 companies. (Magnuson, 2012)
Friends, hometowns, hobbies, anything that can be placed in the email to make the target believe it is a legitimate message, can be used and every piece of information is a means to an end.
It was recently reported in the Australian Financial Review that an “…Australian chief executive was travelling in China recently when he received a curious email from his adult daughter asking if “Daddy” was having a good time. But it wasn’t his daughter who had sent the email…” (Grigg, 2013) It was a ‘phishing’ attack to penetrate the chief executives lap top and such a line in the email idicates the logistical efforts of a well resourced and technologically advanced team to not only hack into the executives daughters email but to establish his travel movements and the like. Had it not been for the executive being alert and realising that his daughter had not called him ‘daddy’ for a long time, the attempt by the perpetrators failed on this occasion.
This attack is a clear example of an attack that attempts to infiltrate a network in the form of an phishing email, a well-crafted letter that seemingly comes from a friend or business associate. This tactic has not changed in years, but is growing more sophisticated and frequent. Why? Phishing attacks work and, “it is a lot easier to control humans than the technology,” said Rick Doten, vice president of cybersecurity for DMI, a firm that does work for the U.S. government. (Magnussen, 2012)
This example clearly, supports that we must not count on it being written in anguished English like the common scam letters purportedly originating from Nigerian princesses as it is common place now that native speakers of English are helping compose the phony emails.
Once an attachment or a link to a fake website is opened, specialists in moving around a network without being detected take over and probe for other vulnerabilities. This may mean taking over an email account in order to generate more trusted, fake emails as most likely would have bene the case with the example identified in the Australian Financial Review.
It is well founded that smaller companies, particularly in the defense industrial base, may be used to go after bigger companies – big prime contractors – higher in the food chain. Once the cyberspies have located the information they want, another team takes over to exflltrate it. It is ideally ferreted away in normal traffic without being detected. (Magnussen, 2012)
Unit 61398
Unit 61398 Shanghai
Open source defence journals have reported the following:
- A US company has identified an organisation in China that it says is responsible for stealing hundreds of terabytes of data from US government organisations and companies
- According to the company, the organisation receives direct funding from the Chinese government through a PLA department called Unit 61398
China is conducting a campaign of sustained and persistent state-sponsored hacking by an organisation referred to as Advanced Persistent Threat 1 (APT1), according to a report from US cyber security company Mandiant that was released on 18 February.
The report, entitled ‘APT1: Exposing One of China’s Cyber Espionage Units’, details wide-ranging hacking activities that Mandiant has traced back to China. It focuses on a particular series of cyber security breaches and intrusions carried out against at least 141 victims from 2006, all of which Mandiant has attributed specifically to APT1. According to the report, “hundreds of terabytes” of data have been stolen in these attacks.
Mandiant concludes that APT1 is able to carry out such sustained and extensive hacking activities because it receives direct government backing. It names the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s 3rd Department, or Unit 61398, as the organisation behind this activity. This group is also informally referred to as Comment Crew or Comment Group. Mandiant states the allegations are based on its own forensic analysis of similarities in the characteristics and geographical sources of hacking activity.
Comment Crew’s activities were traced to the Pudong New Area of Shanghai, where Unit 61398 is believed to engage in computer network operations. Mandiant said Unit 61398 is staffed by “hundreds, if not thousands” of people that have undergone cyber training and are proficient English speakers. Of the victims tracked in the Mandiant report, 87% are headquartered in countries where English is the native language.
Andrew Beckett, head of cyber security consulting at Cassidian, told IHS Jane’s that “the Mandiant report provides no surprise to those involved in cyber security and this should provide a wake-up call to industry and governments. Comment Crew are one of many groups Cassidian know of that are operating in this area”.
China’s Ministry of National Defence rejected Mandiant’s findings. “The Chinese military has never supported any kinds of hacker activities, so saying that the Chinese military is involved in internet attacks is neither professional nor consistent with the facts,” it said in a statement released on 19 February.
However, I recall from one of my lectures in my Masters of National Security, from American Military University that China allegedly has in excess of 50,000 persons engaged in ‘internet espionage at any one time.
So, next time you get that ‘friend’ request or you ‘like’ or ‘fan’ a page in Facebook or in any other form of social media or email, always remember that ‘friend’ or ‘like’ could be just be a foreign spy……
References:
Grigg, A, 2013, ‘Australian Execs Among Those Hacked In China’ The Australian Financial Review, 26 January 2013.
Magnuson, S. (2012). Stopping the chinese hacking onslaught. National Defense, 97(704), 26-28. Retrieved from http://search.proquest.com/docview/1026586020?accountid=8289
Social Skinny, 2012, http://thesocialskinny.com/100-social-media-mobile-and-internet-statistics-for-2012/
Twitters Transparancy Report and Government Surveillance
As reported in the Huffington Post on 28 January 2013, Twitters second transparency report was released last week and the report disclosed that 1,009 requests for Twitter account information was received by Twitter from July 2012 to December 2012.
Twitters Manager of legal policy, Jeremy Kessel, said in a recent blog post that: “It is vital for us (and other Internet services) to be transparent about government requests for user information and government requests to withhold content from the Internet,” where he believed that: “These growing inquiries can have a serious chilling effect on free expression — and real privacy implications.”
Under US law, Twitter is often asked to hand over data without warrant under the 1986 Electronic Communication Privacy Act where the requests are usually for E-Mail addresses associated with the Twitter account.
The Power of Twitter and The Sharing Of Information
It is interesting to note in the Transparency Report that Twitter received requests from almost 30 countries for user information and almost all were denied as Twitter believes that it is under no obligation to hand over information to foreign governments because almost all of its servers and employees are in the US.
However as announced recently, Twitter is planning to open an office in Australia in 2013, and as they will have an Australian presence they may well find requests from local law enforcement agencies being served on them for information.
Will Twitter be a ‘good corporate citizen’ and comply with Australian requests or will they ignore such requests by saying that all of its data is stored offshore and therefore not subjected to Australian laws?
Recently in a radio interview, Communications Minister Stephen Conroy voiced his frustration, where he said: “My department has been trying to get in touch but they (Twitter) have no Australian presence,” and it is well known that these frustrations are held by many government and law enforcement agencies across the globe.
Maybe the Australian office will be the solution or will Australian authorities have to continue to rely on the Mutual Assistance In Criminal Matters Act 1987 (Cth), which from experience can be a very slow process that requires requests being made by the Australian Attorney Generals Office to member states.
Mutual assistance is an important tool in obtaining evidence for the investigation and prosecution of transnational crime, particularly drug trafficking, fraud, money laundering, child pornography and other child exploitation offences and terrorism offences.
As outlined in the Australian Attorney Generals Mutual Assistance In Criminal Matters legislation summary, mutual assistance is the process countries use to obtain government to government assistance in criminal investigations and prosecutions. Mutual assistance is also used to recover the proceeds of crime. Mutual assistance to and from Australia is governed by the Mutual Assistance in Criminal Matters Act 1987 (Cth) (the Mutual Assistance Act).
Australia can make requests to any foreign country and can receive requests from any foreign country where countries assist on the understanding that they will receive assistance in return when the need arises and the process is assisted by over 25 bilateral mutual assistance treaties to which Australia is a party.
Overview of the Mutual Assistance Process
Mutual Assistance in Criminal Matters Act Process
Overall, it will be interesting to see how Twitter will operate their Australian office and most importantly how will they deal with law enforcement requests for user information.
Reference:
Australian Attorney Generals International Relations 2013, http://www.ag.gov.au/Internationalrelations/Internationalcrimecooperationarrangements/MutualAssistance/Documents/Mutual%20assistance%20overview.pdf accessed 28 January 2013.
Huffington Post, http://www.huffingtonpost.com/2013/01/28/twitter-transparency-report_n_2569250.html accessed 29 January 2013.
Trial By Social Media
It has been well documented lately that uploading compromising pictures can have lifelong consequences. Images depicting drunken behaviour, explicit sexual activity to attending sporting events or social activities whilst on ‘sick leave‘ can all have lifelong consequences.
Lord Leveson of the United Kingdom recently spoke at a privacy seminar in Sydney recently and given he led the inquiry into the British phone hacking scandal he is well qualified to remind us of ‘trial by social media‘ and its consequences.
The following article in the The Age Newspaper clearly identifies this digital age phenomena that is gripping our society and ruining the lives of school children, adolescents and adults alike.
Awareness, education and communication are paramount tools in the fight against the surge in ‘trial by social media’ and the more aware we all are of the ramifications of inappropriate social media activity the less damage will be incurred by all.
English: Infographic on how Social Media are being used, and how everything is changed by them. (Photo credit: Wikipedia)
The Dark Side Of Facebook & College Admissions
Profile shown on Thefacebook in 2005 (Photo credit: Wikipedia)
Who would have thought back in 2005 when Facebook was first released that in 2011 a survey of 359 college admissions officers from leading Colleges in the United States would reveal that 24% of them would review an applicants social media activity? A recent post by Allen Grove highlights how a persons Facebook profile may sabotage ones chances of getting into college. The posting titled, ‘Facebook, Google and College Admissions Don’t Let Social Networking and Your Online Image Sabotage Your Chances’ is a timely reminder for all to sit down with their college bound children and discuss how tidying up their social networks may in fact just enhance the possibility of being accepted into College.
However, once your children are granted access to social media accounts and platforms it is imperative that all communication channels are open where dialogue is encouraged between the child and parent alike to reinforce positive social media activity.
Positive social media activity can identify how responsible the owner of the account is and how they interact with society in general. Posts relating to charitable activities, volunteer work and ‘feel good’ moments all can work in a positive way to self promote the social media account holder as a person that should be considered for a college position or employment.
http://collegeapps.about.com/od/theartofgettingaccepted/a/Facebook.htm
Bradley W. Deacon
