Facebook says efforts to subvert upcoming US elections resemble ‘new arms race’

FacebookFacebook has said it is involved in an “arms race” against “bad actors” as it announced on Tuesday the removal of accounts that allegedly tried to subvert the upcoming mid-term elections in the United States. The social-media giant said its security division had identified 32 profiles and pages that were set up for the sole purpose of disrupting, subverting or otherwise influencing the American political process. At least seven more accounts were shut down on the Instagram platform –which is also owned by Facebook– for the same reasons. In the past 14 months, the suspect accounts generated nearly 10,000 posts and were liked or followed by over 290,000 users, said Facebook.

In addition to producing memes that aimed to stir existing racial, political and religious tensions in American society, the suspect accounts are also believed to have generated approximately 150 paid advertisements, spending around $11,000 for that purpose. Moreover, close to 30 public events were organized, advertised and hosted by the suspect pages throughout the US in the past 14 months. One such event was subscribed to by 4,700 users, with another 1,400 users stating that they would attend.

In a preliminary report posted on its online newsroom, Facebook said it was too early in the investigation to identify the party or parties behind the alleged effort to influence the US mid-term elections. Its security team had detected “one instance” of a connection between this latest operation and the Russian-based Internet Research Agency (IRA), which Facebook identified as being one of the main sources behind efforts to influence the 2016 US presidential elections. But the report cautioned that the instigators of this latest attempt to influence the US political process had gone to great pains to hide their identities, affiliations and geographical coordinates. For instance, they routinely employed virtual private networks in order to disguise their internet protocol addresses. They also used third parties to purchase advertisements on Facebook and Instagram. These and many other tactics severely limited the ability of security technicians to attribute these efforts to specific countries, governments or companies, said Facebook.

Using unusually strong language to describe its ongoing probe, Facebook said that the exploitation of its platform for sinister political purposes resembled “an arms race” and that constantly changing tactics were needed to combat it. In addition to removing the suspect accounts, Facebook said it was working closer with law enforcement and leading online security firms in order to analyze and eliminate threats from what it described as “bad actors”. It added that it was “investing heavily” in more people and better technology in order to eliminate those who were trying to weaponize its communication platform for sinister goals.

Author: Joseph Fitsanakis | Date: 01 August 2018 | Permalink

Advertisements

Trump’s Twitter feed is ‘gold mine’ for foreign spies, says ex-CIA analyst

Trump 2016With nearly 53 million Twitter followers, United States President Donald Trump could easily be described as the most social-media-friendly American leader in our century. It is clear that Trump uses Twitter to communicate directly with his followers while circumventing mainstream media, which he views as adversarial to his policies. However, according to former Central Intelligence Agency analyst Nada Bakos, foreign intelligence agencies are among those paying close attention to the president’s tweets. Bakos spent 20 years in the CIA, notably as the Chief Targeter of the unit that tracked down Abu Musab al-Zarqawi, the founder of al-Qaeda in Iraq, which later evolved into the Islamic State of Iraq and Syria. In a June 23 editorial in The Washington Post, Bakos argues that President Trump’s “Twitter feed is a gold mine for every foreign intelligence agency”.

All intelligence agencies, explains Bakos, build psychological profiles of foreign leaders. These profiles typically rely on information collected through intelligence operations that are “methodical, painstaking and often covert”. The final product can be crucial in enabling countries to devise strategies that counter their adversaries, says Bakos. But with Trump, covert intelligence-collection operations are not needed in order to see what is on his mind, since “the president’s unfiltered thoughts are available night and day”, she claims. The former CIA analyst points out that President Trump’s tweets are posted “without much obvious mediation” by his aides and advisors, something that can be seen by the frequency with which he deletes and reposts tweets due to spelling and grammatical errors. These unfiltered thoughts on Twitter offer a “real-time glimpse of a major world leader’s preoccupations, personality quirks and habits of mind”, says Bakos.

Undoubtedly, she argues, foreign intelligence agencies are utilizing President Trump’s tweets in numerous ways while building his personality profile. The most obvious ways are by performing content analysis of his tweets, which could then be matched against information collected from other sources about major US policy decisions. Additionally, foreign intelligence agencies could identify media sources that the US president seems to prefer, and then try to feed information to these sources that might sway his views. Countries like Saudi Arabia and Russia may have done so already, claims Bakos. The US president’s views, as expressed through Twitter, could also be compared and contrasted with the expressed views of his aides or senior cabinet officials, in order to discern who he agrees with the least. It is equally useful to analyze the issues or events that the US president does not tweet about, or tweets about with considerable delay. One could even derive useful information about Trump’s sleeping patterns based on his tweets, says the former CIA analyst.

Bakos does not go as far as to suggest that the US president should abstain from social media. But she clearly thinks that the US leader’s use of social media is too impulsive and potentially dangerous from a national-security perspective. She also laments that, throughout her career in the CIA, her she and her team “never had such a rich source of raw intelligence about a world leader, and we certainly never had the opportunity that our adversaries (and our allies) have now”, thanks to Trump’s incessant social media presence.

Author: Joseph Fitsanakis | Date: 03 July 2018 | Permalink

Facebook shared user data with Chinese firm despite warnings by US intelligence

HuaweiThe online social media company Facebook shares data about its users with a Chinese telecommunications company that has been flagged in United States government reports as a threat to security. The New York Times revealed on Tuesday that Facebook has been routinely giving access to the private data of its users to four Chinese companies since at least 2010. The paper said that the data-sharing agreement with Lenovo, Oppo, TCL, and Huawei Technologies, has its roots in 2007. That was the year when Facebook began an effort to entice cell phone hardware and software manufacturers to include Facebook-friendly apps and features in their products. As part of the agreement, Facebook gave cell phone manufacturers access to its users’ private data, including “religious and political leanings, work and education history and relationship status”, said the Times.

However, several sources in the United States, United Kingdom, Australia and other governments, have repeatedly flagged Huawei as a company that is uncomfortably close to the Chinese government and its intelligence agencies. In 2011, the US Open Source Center, which acts as the open-source intelligence arm of the Office of the Director of National Intelligence, became the first US government agency to openly link Huawei with the Chinese intelligence establishment. It said that Huawei relied on a series of formal and informal contacts with the Chinese People’s Liberation Army and the Ministry of State Security, which oversee and administer China’s military and civilian intelligence apparatus. In 2013, the British government launched an official review of Huawei’s involvement in the UK Cyber Security Evaluations Centre in Oxfordshire, England, following a British Parliament report that raised strong concerns about the Chinese company’s links with the government in Beijing. And last year the Australian government expressed concern about Huawei’s plan to provide high-speed Internet to the Solomon Islands, a small Pacific island nation with which Australia shares Internet resources.

In a statement, Facebook said that all data shared with Huawei remained stored on users’ phones and was not downloaded on the Chinese’ company’s private servers. It also said that it would “phase out” the data-sharing agreement with Huawei by the middle of June. The Times noted on Tuesday that Facebook has been officially banned in China since 2009. However, the social media company has been trying to make a comeback in the Chinese market, by cultivating close links with Chinese Communist Party officials. Facebook founder Mark Zuckerberg visited China in October of last year, and met with Chinese Premier Xi Jinping and other senior officials.

Author: Joseph Fitsanakis | Date: 06 June 2018 | Permalink

India arrests commando instructor who fell for Pakistani honey trap on Facebook

Garud Commando ForceIndian authorities have arrested an Indian Air Force officer for allegedly giving classified documents to two Pakistani spies on Facebook, who posed as women interested in him. The officer has been named as Arun Marwaha, a wing commander stationed at the Indian Air Force headquarters in Delhi. Marwaha, 51, is a para-jumping instructor who trains members of India’s Garud Commando Force —the Special Forces unit of the Indian Air Force. He was reportedly due to retire in 2019.

According to Indian government investigators, several months ago Marwaha was befriended by two Facebook users who claimed to be Indian women. He began chatting regularly with them on Facebook and eventually on the popular cell phone messenger service WhatsApp. Within weeks, Marwaha’s WhatsApp exchanges with the women had become intimate in nature. Before long, the Indian Air Force instructor was providing the women with classified documents in return for intimate photos of themselves. Media reports state that the classified documents related to special operations, some involving cyberwarfare, and space reconnaissance. Government investigators claim that Marwaha’s Facebook contacts were in fact male officers of Pakistan’s Inter-Services Intelligence (ISI), who targeted Marwaha in a carefully planned honey trap operation.

According to reports, the breach caused by Marwaha was discovered last month, at which time the internal security branch of the Indian Air Force launched an investigation. Marwaha was questioned for over a week before turning over his case to Delhi Police, who arrested him on Thursday. He has reportedly been charged under India’s Official Secrets Act and is facing a jail sentence of up to 14 years. Meanwhile, the Indian Air Force is investigating whether other officers have fallen victims to similar honey trap operations by Pakistan’s ISI on Facebook.

Author: Ian Allen | Date: 09 January 2018 | Permalink

German intelligence warns European officials of fake Chinese LinkedIn profiles

BfV GermanyIn an unusual step, German intelligence officials have issued a public warning about what they said are thousands of fake LinkedIn profiles created by Chinese spies to gather information about Western targets. On Sunday, Germany’s Federal Office for the Protection of the Constitution (BfV) held a press conference in which it said that it had discovered a wide-ranging effort by spy agencies in China to establish links with Westerners. The agency said that it undertook a 9-month investigation, during which it identified 10,000 German citizens who were contacted by Chinese spy-run fake profiles on LinkedIn. Across Europe, the number of targets could be in the hundreds of thousands, according to the BfV.

The main targets of the operation appear to be members of the German and European Union parliaments. Also targeted are members of the armed forces, lobbyists and researchers in private think tanks and foundations in Germany and across Europe. These individuals were all targeted as part of “a broad attempt to infiltrate Parliaments, ministries and administrations”, said BfV Director Hans-Georg Maassen. He added that the fake LinkedIn profiles are of people who claim to be scholars, consultants, recruiters for non-existent firms, or members of think tanks. Their profile photographs are usually visually appealing and are often taken from fashion catalogs or modeling websites. During the press conference BfV officials showed examples of what they said were fake LinkedIn accounts under the names “Rachel Li” and “Alex Li”. The two identified themselves as a headhunter for a company called RiseHR and a project manager at the Center for Sino-Europe Development Studies, respectively. The information on these accounts was purely fictitious, said the BfV officials.

Individuals who have been targeted by the Chinese include European politicians and senior diplomats, according to the Germans. Many were invited to all-expenses-paid conferences or fact-finding trips to China by their LinkedIn contacts, presumably in attempts to recruit them for Chinese intelligence. At the closing of the press conference, the BfV urged European officials to refrain from posting private information on social media, including LinkedIn, because foreign intelligence operatives are actively collecting data on users’ online and offline habits, political affiliations, personal hobbies and other interests. In a statement issued on Monday, the Chinese government dismissed the German allegations, saying that the BfV’s investigation was based on “complete hearsay” and was thus “groundless”. Beijing also urged German intelligence officials to “speak and act more responsibly”.

Author: Joseph Fitsanakis | Date: 11 December 2017 | Permalink

Mismanagement plagues US online program against ISIS, say sources

CENTCOM military computersWhistleblowers say mismanagement, amateurism and cronyism are plaguing a multimillion-dollar American psychological operation aimed at countering online propaganda by the Islamic State. The program, known as WebOps, was established by the United States Department of Defense during the administration of US President Barack Obama. Its stated goal is to counter efforts by the Islamic State (also known as the Islamic State of Iraq and Syria —ISIS) to spread propaganda and recruit followers using online social media. Since its creation, it has been administered by the US Central Command’s Information Operations Division. But its implementation has been contracted to Colsa Corporation, a private company based in the US state of Alabama. The company specializes in providing services for US government agencies, some of which include the use of specialized software that utilizes information found on social media.

According to the Associated Press news agency, WebOps staff consists of civilian analysts who speak Arabic. Every day, using fabricated online profiles, they browse social media platforms like Facebook and Twitter looking for pro-ISIS activity to counter. But the news agency said on Tuesday that it spoke to several people with knowledge of the program, who claim that it is plagued by incompetence, mismanagement and cronyism. They allege that analysts involved in WebOps have limited experience in counter-propaganda, incomplete understanding of Islam, and little more than a basic command of Arabic. Consequently, they have been known to make crucial errors when posting messages online. The latter end up amusing their readers instead of countering ISIS propaganda. In one case, a WebOps analyst confused the Arabic word for “authority” (as in Palestinian Authority) with the similarly sounding word “salad”, thus ending up with “Palestinian salad” instead of “Palestinian Authority”. Rather than managing to counter ISIS propaganda, the message was ridiculed on social media.

The report also cited “four current or former workers” who claimed that they personally witnessed “data being manipulated” to make the WebOps program seem more successful than it has been. They also claim that the program’s administrators have purposely resisted efforts by the Department of Defense to exercise independent oversight of the program’s performance. The Associated Press said it contacted US Central Command, the Pentagon outfit that is responsible for WebOps, on January 10. But it said that no response has been received from anyone there.

Author: Joseph Fitsanakis | Date: 01 February 2017 | Permalink

Israeli military says Hamas lured its soldiers using online profiles of women

Cellular telephoneThe Israel Defense Forces told a press conference on Wednesday that hackers belonging to the Palestinian militant group Hamas lured Israeli soldiers by posing as young women online. Wednesday’s press conference was led by an IDF spokesman who requested to remain anonymous, as is often the case with the Israeli military. He told reporters that the hackers used carefully crafted online profiles of real Israeli women, whose personal details and photographs were expropriated from their publicly available social media profiles. The hackers then made contact with members of the IDF and struck conversations with them that in many cases became intimate over time. At various times in the process, the hackers would send the Israeli soldiers photographs of the women, which were copied from the women’s online public profiles.

The anonymous IDF spokesman said that, if the soldiers continued to show interest, they were eventually asked by the hackers posing as women to download an application on their mobile telephones that would allow them to converse using video. Once the soldiers downloaded the application, the ‘women’ would find excuses to delay using the application, or the relationships would abruptly end. But the soldiers would leave the application on their telephones. It would then be used by the Hamas hackers to take control of the camera and microphones on the soldiers’ mobile devices. According to the IDF spokesman, dozens of Israeli soldiers were lured by the Hamas scam. No precise number was given.

Media reports suggest that the Hamas hackers were primarily interested in finding out information about IDF maneuvers around the Gaza Strip, the narrow plot of densely inhabited territory that is controlled by the Palestinian militant group. They were also interested in collecting information about the size and weaponry of the Israeli forces around Gaza. Media representatives were told on Wednesday that the operation “had potential for great damage”. But the IDF claims that the harm to its operations was “minimal”, because it primarily targeted low-ranking soldiers. Consequently, according to the Israeli military, the hackers were not able to acquire highly sensitive information.

In 2009, dozens of members of Sweden’s armed forces serving with NATO’s International Security Assistance Force in Afghanistan were found to have been approached via Facebook, and asked to provide details on NATO’s military presence in the country. The Afghan Taliban are believed to have carried out the operation.

Hamas has not commented on the allegations by the IDF.

Author: Joseph Fitsanakis | Date: 12 January 2017 | Permalink