Belgian intelligence employees ‘outed themselves’ on LinkedIn

Several alleged employees of Belgian security and intelligence agencies have revealed their identities on social networking sites, it has been reported. Belgian newspaper De Standaard, which made the revelation in a leading article on Tuesday, said that many LinkedIn and Facebook users appear to list their employer as Belgium’s State Security Agency (Sûreté de l’État or SE/SV) or the Coordinating Body for Threat Analysis (OCAM/OCAD). The SE is Belgium’s foremost civilian intelligence agency, operating under the country’s Ministry of Justice. OCAM is one of Belgium’s several anti-terrorist intelligence collection and analysis agencies, which operates under the joint supervision of the Justice and Interior Ministries. De Standaard contacted the two agencies, which refused to comment on whether the social networking profiles are authentic. But the paper spoke with an unnamed Belgian senior intelligence official, who said that this was potentially a very serious issue for Belgian national security. “Russian and Chinese intelligence services employ thousands of people”, said the official, “and have the resources and time to manually search for such profiles and then exploit the information they provide. Our people could, by their very presence on such sites, become the target of hostilities”. De Standaard also spoke to Belgian Senator Dirk Claes, who is a member of the country’s Parliamentary Committee on Intelligence. He told the paper that his colleagues in the Committee would be up in arms if the profiles turned out to be authentic. “These individuals have security clearances and are obligated to stay in the background, as much as possible. I will be raising this issue in the [Intelligence] Committee”, Claes told De Standaard. Read more of this post

Did US spies hack French government computers using Facebook?

The Palais de l'ÉlyséeBy JOSEPH FITSANAKIS | |
A sophisticated computer virus discovered at the center of the French government’s secure computer network was planted there by the United States, according to unnamed sources inside France’s intelligence community. Paris-based magazine L’Express, France’s version of Time magazine, says in its current issue that the alleged American cyberattack took place shortly before last April’s Presidential elections in France. It resulted in the infection of the entire computer system in the Palais de l’Élysée, which is the official residence of the President of France. The French magazine cites unnamed sources inside the French Network and Information Security Agency (ANSSI), which is responsible for cybersecurity throughout France. The sources claim that the snooping virus allowed its handlers to gain access to the computers of most senior French Presidential aides and advisers during the final weeks of the administration of French President Nicolas Sarkozy, including his Chief of Staff, Xavier Musca. The article claims that the virus used a source code nearly identical to that of Flame, a super-sophisticated version of Stuxnet, the virus unleashed a few years ago against the computer infrastructure of the Iranian nuclear energy program. Many cybersecurity analysts believe that the US and Israel were instrumental in designing both Stuxnet and Flame. IntelNews understands that the alleged virus was initially directed at employees of the Palais de l’Élysée through Facebook. The targets were allegedly befriended by fake Facebook profile accounts handled by the team that operated the virus. The targets were then sent phishing emails that contained links to phony copies of the login page for the Palais de l’Élysée intranet website. Read more of this post

News you may have missed #791

Liang GuanglieBy IAN ALLEN | |
►►India sees espionage behind Chinese cash payments to Indian pilots. According to Indian government sources, Chinese Defense Minister General Liang Guanglie gave two envelopes to the two Indian pilots, both wing commanders, who had flown him in a special Indian Air Force aircraft to New Delhi from Mumbai. After seeing off Liang, the pilots opened the sealed envelopes and found cash gifts inside. They immediately reported this to their superiors, who, in turn, informed the Indian Defense Ministry. India is now planning to lodge a protest with China over the incident.
►►NSA says foreign cyberattacks increasingly reckless. Debora Plunkett, of the secretive National Security Agency, whose responsibilities include protecting US government computer networks, has said that other nations are increasingly employing cyberattacks without “any sense of restraint”, citing “reckless” behaviors that neither the United States nor the Soviet Union would have dared at the height of Cold War tensions. She also predicted that Congress would pass long-stalled cybersecurity legislation within the next year. One wonders whether the Stuxnet incident is included in such “reckless” cyberattacks?
►►Taliban ‘using Facebook to lure Australian soldiers’. According to a review of social media by the Australian federal government, Australian soldiers are being warned by their commanders that enemies are creating fake Facebook profiles to spy on them. The report says that Taliban insurgents in Afghanistan are posing as “attractive women” on Facebook to befriend coalition soldiers and gather intelligence about operations. It adds that family and friends of soldiers are inadvertently jeopardizing missions by sharing confidential information online. This is not the first such warning in recent years.

News you may have missed #714

Tjostolv Moland and Joshua FrenchBy IAN ALLEN | |
►►British PM urged to intervene in Congo spy case. The mother of Joshua French, who has dual British and Norwegian nationality, and is facing execution in the Democratic Republic of Congo, has urged British Prime Minister David Cameron to ask Congolese authorities to pardon him. French, and his Norwegian friend Tjostolv Moland, were sentenced to death for murder and spying in the vast central African country in 2009. A prison official claimed in August last year that the pair had tried to escape, but their lawyer denies this.
►►Computers of Syrian activists infected with Trojan. Since the beginning of the year, pro-Syrian-government hackers have steadily escalated the frequency and sophistication of their attacks on Syrian opposition activists. Many of these attacks are carried out through Trojans, which covertly install spying software onto infected computers, as well as phishing attacks which steal YouTube and Facebook login credentials. According to the Electronic Frontier Foundation, the latest surveillance malware comes in the form of an extracting file which is made to look like a PDF if users have their file extensions turned off. The PDF purports to be a document concerning the formation of the leadership council of the Syrian revolution and is delivered via Skype message from a known friend.
►►Report claims Australian government spied on anti-coal activists. The leader of the Australian Greens, Bob Brown, says he is outraged at reports that the Australian Security Intelligence Organisation (ASIO) is spying on mining protesters, and says such action is a misuse of the spy agency’s resources. The revelations were reported in Australian newspapers yesterday, and are based on a Freedom of Information request to the Department of Resources, Energy and Tourism that was reportedly rejected because it involved “an intelligence agency document”. The ASIO says it cannot confirm whether it has conducted surveillance of anti-coal protesters, but it says it does not target particular groups or individuals unless there is a security-related reason to do so.

Spies seen behind fake Facebook profile of senior NATO commander

James G. StavridisBy JOSEPH FITSANAKIS| |
A Facebook account bearing the name of a senior commander of the North Atlantic Treaty Organization was set up by Chinese spies to siphon information from unsuspecting Western military officials, according to a British newspaper. The London-based Daily Telegraph said in an article that the fake Facebook account was discovered a year ago by NATO counterintelligence officers. It bore the name of United States Admiral James Stavridis, who serves as Supreme Allied Commander in Europe and currently leads the Organization’s mission in Libya. The account was reportedly used to befriend Western military officials, primarily in Britain and other European countries, probably in an attempt to collect personal information found on their personal pages on the popular social networking site. This sort of practice is known as ‘spear phishing’, and consists of messages sent to carefully targeted individuals, seemingly sent from a trusted source. The operation involving Admiral Stavridis appears to have been purposely targeted at high-ranking Western officials, a technique sometimes known as ‘whaling’. The London-based daily says NATO officials have been “reluctant to say publicly who was behind the attack”. But the paper claims it has been told that declassified briefings from NATO point to a series of Internet protocol addresses belonging to Chinese government facilities. Organization officials insist —correctly— that the individuals or government agencies behind the operation to falsify Stavridis’ social networking identity are unlikely to have acquired any actual military secrets. However, the information collected from Western military officials befriended online by Admiral Stavridis’ fake Facebook account could aid the compilation of personal and psychological profiles of these officials produced by foreign intelligence agencies. Read more of this post

Research: Spies increasingly using Facebook, Twitter to gather data

Spying on social networkingBy JOSEPH FITSANAKIS | |
During the past four years, this blog has reported several incidents pointing to the increasing frequency with which spy agencies of various countries are utilizing social networking media as sources of tactical intelligence. But are we at a point where we can speak of a trend? In other words, is the rapid rise of social networking creating the conditions for the emergence of a new domain in tactical intelligence collection? This past week saw the publication of a new research paper (.pdf), which I co-authored with Micah-Sage Bolden, entitled “Social Networking as a Paradigm Shift in Tactical Intelligence Collection”. In it, we argue that recent case studies point to social networking as the new cutting edge in open-source tactical intelligence collection. We explain that Facebook, Twitter, YouTube, and a host of other social networking platforms are increasingly viewed by intelligence agencies as invaluable channels of information acquisition. We base our findings on three recent case studies, which we believe highlight the intelligence function of social networking. The first case study comes out of the Arab Spring, which, according to one report, “prompted the US government to begin developing guidelines for culling intelligence from social media networks”. We also examine NATO’s operations during the 2011 Libyan civil war (Operation UNIFIED PROTECTOR), when Western military forces systematically resorted to social networking media to gather actionable intelligence, by utilizing open sources like Twitter to pinpoint targets for attack. Finally, we examine the sabotage by Israeli security services of the 2011 “Welcome to Palestine Air Flotilla” initiative, a campaign organized by several European groups aiming to draw worldwide attention to the travel restrictions imposed by Israeli authorities on the Occupied Territories. Read more of this post

News you may have missed #646

Syed Ghulam Nabi Fai

Syed Fai

►►Analysis: Reorganizing Colombia’s disgraced spy agency. One former director of Colombia’s Administrative Department of Security, or DAS, has been convicted of conspiring to kill union activists. A former high-ranking manager is accused of collaborating with death squads to assassinate a television humorist. Dozens of agents have been implicated in what prosecutors call a systematic effort to illegally spy on the Supreme Court and opposition politicians, which some former DAS agents said was done with US equipment and funding. The new man in charge, however, Ricardo Giraldo, is an affable bankruptcy lawyer and former university professor, and his role is decidedly different from his predecessors’: namely to dismantle the agency.
►►Russian site snubs FSB request to block opposition networking. Russia’s top social networking site on Thursday defiantly rejected a request by the Federal Security Service to block opposition groups from using it to organize street protests accusing the authorities of rigging this week’s election. Over 45,000 people in Moscow alone have pledged on Facebook and the Russian site, VKontakte, to join fresh protests on Saturday against the 12-year rule of Vladimir Putin and the victory of his United Russia party in last Sunday’s parliament vote.
►►American citizen admits he took Pakistan spy money. Ghulam Nabi Fai, who is accused of working in Washington for Pakistan’s Inter-Services Intelligence (ISI) directorate, to lobby for Kashmiri independence, has pleaded guilty to secretly receiving millions of dollars from Pakistan’s spy agency in violation of US federal laws.


Get every new post delivered to your Inbox.

Join 1,057 other followers