Dutch hacker says he logged into Trump’s Twitter account by guessing password

Twitter IA

A DUTCH ETHICAL COMPUTER hacker and cybersecurity expert claims to have logged into the personal Twitter account of United States President Donald Trump, reportedly after guessing his password. The hacker, Victor Gevers, took several screenshots of the private interface of Trump’s Twitter account, and shared them with Dutch news media, before contacting US authorities to notify them of the breach.

Trump attributes much of his popularity and electoral success to social media, and is especially fond of Twitter as a means of communication. He has tweeted nearly 20,000 times since 2015 (including re-tweets), with at least 6,000 of those tweets appearing in 2020 alone. His personal account, which uses the moniker @realDonaldTrump, has almost 90 million followers.

But Gevers, a self-described ethical computer hacker, cybersecurity researcher and activist, said he was able to guess the American president’s password and log into his Twitter account after four failed attempts. The hacker claims that Trump’s password was “maga2020!”. According to Gevers, Trump’s account did not require a two-factor authentication log-in process, which usually requires a password coupled with a numeric code that is sent to a user’s mobile telephone. As a result, Gevers said he was able to access Trump’s private messages on Twitter and —had he wanted to— post tweets in the name of the US president. He could also change Trump’s profile image, had he chosen to do so.

The Dutch hacker took several screenshots of the webpages he was able to access and emailed them to Volkskrant, a Dutch daily newspaper, and Vrij Nederland, an investigative monthly magazine. Shortly after accessing Trump’s account, Gevers said he contacted the US Computer Emergency Readiness Team (US-CERT), which operates under the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. He said the US president’s password was changed “shortly after”, and that he was then contacted by the US Secret Service.

Also on Thursday, a Twitter spokesman said the company’s security team had seen “no evidence to corroborate” Gevers’ claim. He added that the San Francisco, California-based social media company had “proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government”. Such measures included “strongly” encouraging such accounts to enable two-factor authentication, said the spokesman. But he did not specify whether Trump’s account had activated this feature. The White House also denied Gevers’ claim, calling it “absolutely not true” and adding that it would “not comment on security procedures around the president’s social media accounts”.

Author: Ian Allen | Date: 23 October 2020 | Permalink

After dropping charges, US prosecutors broaden indictment against Saudi spies

TwitterTwo days after dropping charges against three Saudi men for spying on American soil, United States prosecutors submitted a new indictment that restates the two original charges and adds five more. The original complaint was filed by the Federal Bureau of Investigation in November of last year in San Francisco, California. It accused three men of “acting as unregistered agents” of Saudi Arabia since 2015. The phrase is used in legal settings to refer to espionage.

According to the FBI, the Saudi government allegedly contacted Ali Alzabarah, a 35-year-old San Francisco-based network engineer working for Twitter. Ahmed Almutairi (also known as Ahmed Aljbreen), a “social media advisor” for Saudi Arabia’s royal family, arranged for Alzabarah to be flown to Washington to meet an unidentified member of the Saudi dynasty. He and another Twitter employee, 41-year-old Ahmad Abouammo, were allegedly given money and gifts by the Saudi government. These were given in return for the email addresses, IP addresses and dates of birth of up to 6,000 Twitter users who had posted negative comments about the Saudi royal family on social media.

Earlier this week, however, US government prosecutors filed a motion to drop the charges against the three men. The two-page filing did not offer a reason behind this sudden decision by the US government. Interestingly, however, it included a request to have the charges against the three men dismissed “without prejudice”, meaning that the US government could decide to file new charges against them in the future.

This has now happened, as the US government has filed fresh charges against the three men. In addition to the two original charges, the men have now been charged with acting as agents for a foreign government without notifying the US attorney general. They have also been charged with conspiracy to commit wire fraud, committing wire fraud and money laundering, aiding and abetting, and destroying, altering or falsifying records in a federal investigation. The indictment also specifies the financial rewards Abouammo allegedly received from the Saudi government in return for his services. These included a wire transfer for $200,000 to a shell company and associated bank account in Lebanon, as well as a luxury watch valued at $20,000.

Author: Joseph Fitsanakis | Date: 30 July 2020 | Permalink

Without explanation, US dismisses charges against Saudis caught spying on US soil

Twitter IAIn a surprising move, the United States government is seeking to dismiss espionage charges it filed last year against three men, including a member of staff of Saudi Arabia’s royal family, who were caught spying on American soil. Last November, the Federal Bureau of Investigation filed a complaint in San Francisco, accusing the three men of “acting as unregistered agents” of Saudi Arabia. The phrase is used in legal settings to refer to espionage.

According to the FBI, the charges stemmed from an investigation that lasted several years and centered on efforts by the oil kingdom to identify and silence its critics on social media. In 2015, the Saudi government allegedly reached out to Ali Alzabarah, a 35-year-old network engineer working for Twitter, who lived in San Francisco. The complaint alleges that Ahmed Almutairi (also known as Ahmed Aljbreen), who worked as a “social media advisor” for Saudi Arabia’s royal family, arranged for Alzabarah to be flown from San Francisco to Washington to meet with an unidentified member of the Saudi dynasty.

Alzabarah, along with another Twitter employee, 41-year-old Ahmad Abouammo, were allegedly given money and gifts by the Saudi government in return for supplying it with private information about specific Twitter users, according to the FBI complaint. The information provided by the two Twitter employees to the Saudi authorities allegedly included the email addresses, IP addresses and dates of birth of up to 6,000 Twitter users, who had posted negative comments about the Saudi royal family on social media. Special Agents from the FBI’s Settle field office arrested Abouammo at his Seattle home. However, Alzabarah managed to flee the United States along with his family before the FBI was able to arrest him, and is believed to be in Saudi Arabia. The FBI issued a warrant for his arrest.

In a surprising move, however, US government prosecutors have now filed a motion to drop the charges against the three men. The motion, filed on Tuesday in San Francisco, is asking for permission from the judge in the case to have all charges against the three men dismissed “without prejudice”, meaning that the US government could decide to file new charges against them in the future. The two-page filing does not offer a reason behind this sudden decision by the US government. The Bloomberg news service, which reported the news on Tuesday, said it inquired about this case by calling and emailing the Saudi Embassy in Washington, the San Francisco US Attorney’s office, and Twitter. It received no responses.

Author: Ian Allen | Date: 29 July 2020 | Permalink

Popular beer app used to trace movements of military and intelligence personnel

Untappd appResearchers have been able to uncover the identities and track the movements of military and intelligence personnel by using visual and geo-locational information found on a popular smartphone application for beer aficionados. The information uncovered included the home addresses of United States government personnel, some of whom were found to be working at a secret Central Intelligence Agency (CIA) facility.

The application, or “app” in question is Untappd, which is arguably the most popular social media platform for beer aficionados in the United States and much of Western Europe. The app is believed to have over 8 million users worldwide, with many of whom serving in the armed forces or intelligence agencies. Untappd users are able to rate beers, share reviews of breweries and bars, post photographs, and discuss their findings with other users.

Earlier this week, a team of researchers working for the investigative website Bellingcat said that visual and geo-locational information collected from Untappd users compromised the movements and whereabouts of military and intelligence personnel who used the app.

Much of the information was collected by monitoring the activity of app users at bars or breweries located near known facilities belonging to intelligence agencies or the military —including the Pentagon. In one case, the movements of an individual user were traced all the way from his home to the Armed Forces Experimental Training Activity (AFETA). Known as Camp Peary, AFETA is a United States Department of Defense facility that is believed to be home to the CIA’s training grounds.

In other instances, photographs of beers posted by Untappd users contained snippets of US government employee badges, sensitive or classified documents, and even credit card and other personal information. Used collectively, the data extracted from the app could be utilized to build travel and habit profiles of users, including the work and home locations of military and intelligence personnel, said Bellingcat.

Author: Joseph Fitsanakis | Date: 21 May 2020 | Permalink

Europol culls thousands of Islamic State online accounts in ‘day of action’

Telegram AppThe law enforcement agency of the European Union, in cooperation with the popular online messaging service Telegram, has culled thousands of Islamic State online accounts in what it described as “a day of action”. The operation was coordinated by the European Union Agency for Law Enforcement Cooperation, better known as Europol. The agency coordinated its activities with the popular instant-messaging service Telegram, which the Islamic State has used as its main platform of mass communication since 2014.

In a press release that appeared on its website on Friday, Europol said that it had managed to locate “a significant portion of key actors within the Islamic State network on Telegram” and “push [them] away from the platform”. The messaging app confirmed the joint “day of action” with Europol and said it took down over 5,000 “terrorist accounts and bots” from its network on November 22 and 23. The company said this was nearly 10 times higher than the usual number of user accounts taken down daily for violating its user agreement.

The BBC said that the removal of the accounts appeared to affect heavily the activities of the Nashir News Agency, an Islamic State propaganda outlet that uses the Telegram app to publicize press releases from the Islamic State. Dozens of online channels and community groups that were moderated by Nashir News Agency editors were also impacted, as their moderators had disappeared from the network. On Saturday, some Telegram users began posting information about replacement accounts for Nashir News Agency press releases, but these too were taken down within hours.

This was the second major “day of action” against online terrorist propaganda that Europol coordinated, with the first one being in April of last year. But critics argue that such efforts are unlikely to have a long-term impact on the ability of terrorist groups to spread online propaganda, unless they are constant and systematic. Meanwhile, Islamic State sympathizers criticized the Telegram service on other social media platforms and warned that moves to silence the group would result in its membership going deeper underground.

Author: Joseph Fitsanakis | Date: 26 September 2019 | Permalink

FBI charges Twitter employees with working as spies for Saudi Arabia

TwitterUnited States authorities have charged two employees of the social media firm Twitter and a member of staff of Saudi Arabia’s royal family with spying for Riyadh. The Federal Bureau of Investigation filed a complaint on Wednesday in San Francisco, accusing the three men of “acting as unregistered agents” for Saudi Arabia. The phrase is used in legal settings to refer to espionage.

According to the FBI, the charges stem from an investigation that lasted several years and centered on efforts by the oil kingdom to identify and silence its critics on social media. In 2015, the Saudi government allegedly reached out to Ali Alzabarah, a 35-year-old network engineer working for Twitter, who lived in San Francisco. The complaint alleges that Ahmed Almutairi (also known as Ahmed Aljbreen), who worked as a “social media advisor” for Saudi Arabia’s royal family, arranged for Alzabarah to be flown from San Francisco to Washington to meet with an unidentified member of the Saudi dynasty.

Alzabarah, along with another Twitter employee, 41-year-old Ahmad Abouammo, were given money and gifts by the Saudi government in return for supplying it with private information about specific Twitter users, according to the complaint. The information provided by the two Twitter employees to the Saudi authorities allegedly included the email addresses, IP addresses and dates of birth of up to 6,000 Twitter users, who had posted negative comments about the Saudi royal family on social media.

Special Agents from the FBI’s Settle field office arrested Abouammo at his Seattle home on Tuesday. However, Alzabarah is believed to have fled the United States along with his family before the FBI was able to arrest him. He is currently believed to be in Saudi Arabia and is wanted by the FBI, which has issued a warrant for his arrest. The Saudi government has not commented on the case. Twitter issued a statement on Wednesday, saying it planned to continue to cooperate with the FBI on this investigation.

Author: Joseph Fitsanakis | Date: 07 November 2019 | Permalink

Facebook shuts down suspected state effort to prop up Sudanese military regime

Sudan civil unrestFacebook has shut down a well-funded online campaign to support Sudan’s military regime, which some say is part of wider efforts by Egypt, the United Arab Emirates and Saudi Arabia to stop democratic reforms in Sudan. The northeast African country has experienced civil unrest for more than a year. In February Sudan’s longtime strongman, Omar Hassan al-Bashir, fell from power after 30 years, following prolonged popular protests. But the new military junta that succeeded him launched a violent campaign of suppression against the country’s pro-democracy movement. The junta’s leaders have relied heavily on ample support provided by three close American allies, namely Egypt, Saudi Arabia and the United Arab Emirates. Meanwhile, the student-led pro-democracy movement has taken to the Internet to mobilize the Sudanese population. The regime has at times shut down the Internet in an attempt to stop pro-democracy organizers from spreading their message online.

Now it has emerged that Facebook detected and terminated a systematic misinformation campaign to promote the views of the Sudanese regime while also slamming the pro-democracy movement as reckless and irresponsible. The campaign was reportedly carried out by two self-described “digital marketing” companies: New Waves, headquartered in Egypt, and Newave, which is based in the Emirates. According to Facebook, the two companies worked in parallel to establish hundreds of fake accounts on social media platforms such as Facebook and Instagram. They also spent nearly $170,000 to promote material that was posted online by an army of paid users. The latter were allegedly paid $180 a month to post disinformation and other forms of carefully directed propaganda on social media. A total of 13.7 million Facebook and Instagram users were reached in the course of the disinformation campaign, according to Facebook. Twitter and Telegram were also employed by the two companies to post messages in favor of the Sudanese military. Other messages extoled the Libyan warlord Khalifa Haftar, as well as Muse Bihi Abdi, president of the self-declared state of Somaliland. Egypt, Saudi Arabia and the Emirates are staunch supporters of both Haftar and Abdi.

Facebook said it had been unable to collect evidence of a direct link between the New Waves/Newave disinformation campaign and the governments of Egypt, Saudi Arabia and the United Arab Emirates. But it added that the features of the campaign bore the hallmarks of a state-run operation. The New York Times, which reported on the story last week, said the Emirati company, Newave, did not respond to several requests for a comment. Amr Hussein, an Egyptian former military officer who owns the Cairo-based New Wave, issued a public statement calling Facebook “liars” and denying he had any links to the Emirates.

Author: Joseph Fitsanakis | Date: 11 September 2019 | Permalink

Many countries, not just Russia, are trying to influence US elections, experts warn

TwitterSeveral countries are behind organized efforts to influence electoral politics in the United States, with Russia being one among a growing list of culprits, according to experts. Speaking to The Washington Post last week, cybersecurity experts issued what they described as “a wake-up call” to voters and warned that America’s information space is becoming “a free-for-all for foreign intelligence”. Foreign spy services that are utilizing information operations in order to influence US elections reportedly include —aside from Russia— Israel, Saudi Arabia, the United Arab Emirates, Venezuela and China.

The majority of foreign information operations take place on social-media platforms such as YouTube, Twitter, Instagram and Facebook. But there are also campaigns to influence more traditional American media, for instance by tricking newspapers into publishing letters to the editor that are in fact authored by foreign intelligence operatives. Analysts from FireEye, Graphika and other cybersecurity and network-analysis firms told The Post that some information operations are difficult to detect, because the presence of a state security service is not always apparent. However, the messages that are communicated in tweets, Facebook postings, online videos, etc., tend to echo —often word for word— the rhetoric of foreign governments, and promote their geopolitical objectives. As can be expected, these objectives vary. Thus, Russian, Israeli and Saudi information operations tend to express strong political support for US President Donald Trump, arguably because these governments see his potential re-election as a development that would further their national interest. In contrast, Iranian information operations tend to lambast Trump for his negative stance on the Iranian nuclear deal and for his support for Saudi Arabia’s intervention in the Yemeni Civil War.

The Washington Post article notes that all major social-media companies employ teams of screeners whose mission is to detect and eliminate disinformation campaigns by both state and non-state actors. However, experts remain skeptical about their ability to combat the phenomenon, given that the quantity and sophistication of disinformation campaigns is constantly increasing. Many countries —including Israel and the United States— now maintain advanced information operations targeting national elections on several continents. There are also many governments —such as Qatar, the Philippines and Turkey— that use these techniques on their own voters and could potentially use them in the near future to target foreign populations, including Americans. The 2020 presidential election in the US is expected to be the most hotly contested in many decades, so it is certain that numerous foreign spy agencies will try to influence it in numerous ways, says The Post.

Author: Joseph Fitsanakis | Date: 29 July 2019 | Permalink

Election meddling by foreign powers already underway, says Canadian spy agency

CSE CanadaThe manipulation of social media by foreign governments aiming to sow division in Canada ahead of the country’s federal election in October is growing, according to the country’s signals intelligence agency. In a report published Monday, the Communications Security Establishment (CSE), Canada’s national communications interception agency, warns that election meddling by foreign powers is already taking place. The report, titled “2019 Update: Cyber Threats to Canada’s Democratic Process”, says that voters, as well as specific political figures, have been targeted by foreign powers since 2015 in the North American country.

The foreign intelligence agencies behind the efforts to manipulate Canada’s electoral process have systematically attempted to “polarize Canadians or undermine Canada’s foreign policy goals”, says the report. These efforts will continue and intensify in the run-up to October, claims the report, and concludes by warning that Canadians should expect to “encounter some form of foreign cyber interference ahead of, and during, the 2019 federal election”. However, foreign cyber interference on the scale that was experienced in the months leading up to the 2016 presidential election in the United States is improbable, according to the CSE.

Meanwhile, in an unrelated development, the former director of the Canadian Security Intelligence Service (CSIS), Canada’s primary national intelligence service, said in an interview last week that Ottawa would have to be patient in dealing with Russia and —especially— China. Speaking at a public forum hosted by the Canadian International Council in Vancouver, Richard Fadden noted that neither China nor Russia wish to go to war with the West. What they want instead is to “fragment the West” and thus increase their own influence on the international scene, said Fadden, who directed the CSIS from 2009 to 2013. It would be fair for Canada to “poke back”, he said, but would have to be “careful how [to] do it”, he added. “We need to be realistic. We’re dealing with an emergent superpower and […] we’re going to have to be patient”, Fadden concluded.

Author: Joseph Fitsanakis | Date: 09 April 2019 | Research credit: C.D. | Permalink

Islamic State’s online footprint declines drastically, experts say

Islamic State - IAThe online arm of the Islamic State, which was once one of the organization’s most noticeable trademarks, has declined markedly in 2018, according to expert observers in the United States and elsewhere. This is especially applicable to the militant group’s online propaganda and recruitment campaign, which appears to have effectively ceased, say experts.

According to The Washington Times newspaper, most information warfare experts at the United States Department of Defense believe that very little is left of the Islamic State’s once sizeable Web and social-media presence. The paper said that, according to the US Pentagon, the total media footprint of the group —which is also known as the Islamic State of Iraq and Syria (ISIS)— has diminished by as much as 83 percent since its peak in 2015. Online activity measured by the US Pentagon includes posts on social media by Islamic State members and commanders, as well as professionally produced pro-ISIS images and videos aired on YouTube and other image- and video-based online platforms. It also includes material from the Islamic State’s press bureau, the Amaq News Agency, which in previous years produced hundreds of pro-ISIS videos.

Experts told The Washington Times that the Islamic State’s online footprint has shrunk as a result of the group’s loss of its territory. The loss of ISIS’ physical bases in the Middle East has resulted in the death of many of the group’s online propagandists. Those who survived are currently hiding or fleeing from the authorities, fearing arrest or death. This has “crushed [the militant Sunni group’s] ability to mount a coordinated Web-based strategy”, said The Washington Times. The military attacks against ISIS continue to take place alongside an “aggressive counterstrategy in cyberspace”, said the paper, which is being led by the US Pentagon and its allies. This has included the successful targeting of thousands of social media accounts belonging to ISIS members and supporters, as well as complex hacking operations. The US Pentagon also coordinates the delivery of online content that counters the Islamic State’s narrative and messages.

But some experts warned the paper that the Islamic State continues to recruit members online and that the group’s online recruitment efforts are not completely a thing of the past. In fact, new ISIS-sponsored content continues to appear online regularly, they said. In September of this year alone, the Islamic State released 12 different videos, mostly aimed at recruiting new members. Additionally, the militant group continues to use Facebook, YouTube, and other popular online social media platforms, experts warned.

Author: Ian Allen | Date: 26 October 2018 | Permalink

Facebook says efforts to subvert upcoming US elections resemble ‘new arms race’

FacebookFacebook has said it is involved in an “arms race” against “bad actors” as it announced on Tuesday the removal of accounts that allegedly tried to subvert the upcoming mid-term elections in the United States. The social-media giant said its security division had identified 32 profiles and pages that were set up for the sole purpose of disrupting, subverting or otherwise influencing the American political process. At least seven more accounts were shut down on the Instagram platform –which is also owned by Facebook– for the same reasons. In the past 14 months, the suspect accounts generated nearly 10,000 posts and were liked or followed by over 290,000 users, said Facebook.

In addition to producing memes that aimed to stir existing racial, political and religious tensions in American society, the suspect accounts are also believed to have generated approximately 150 paid advertisements, spending around $11,000 for that purpose. Moreover, close to 30 public events were organized, advertised and hosted by the suspect pages throughout the US in the past 14 months. One such event was subscribed to by 4,700 users, with another 1,400 users stating that they would attend.

In a preliminary report posted on its online newsroom, Facebook said it was too early in the investigation to identify the party or parties behind the alleged effort to influence the US mid-term elections. Its security team had detected “one instance” of a connection between this latest operation and the Russian-based Internet Research Agency (IRA), which Facebook identified as being one of the main sources behind efforts to influence the 2016 US presidential elections. But the report cautioned that the instigators of this latest attempt to influence the US political process had gone to great pains to hide their identities, affiliations and geographical coordinates. For instance, they routinely employed virtual private networks in order to disguise their internet protocol addresses. They also used third parties to purchase advertisements on Facebook and Instagram. These and many other tactics severely limited the ability of security technicians to attribute these efforts to specific countries, governments or companies, said Facebook.

Using unusually strong language to describe its ongoing probe, Facebook said that the exploitation of its platform for sinister political purposes resembled “an arms race” and that constantly changing tactics were needed to combat it. In addition to removing the suspect accounts, Facebook said it was working closer with law enforcement and leading online security firms in order to analyze and eliminate threats from what it described as “bad actors”. It added that it was “investing heavily” in more people and better technology in order to eliminate those who were trying to weaponize its communication platform for sinister goals.

Author: Joseph Fitsanakis | Date: 01 August 2018 | Permalink

Trump’s Twitter feed is ‘gold mine’ for foreign spies, says ex-CIA analyst

Trump 2016With nearly 53 million Twitter followers, United States President Donald Trump could easily be described as the most social-media-friendly American leader in our century. It is clear that Trump uses Twitter to communicate directly with his followers while circumventing mainstream media, which he views as adversarial to his policies. However, according to former Central Intelligence Agency analyst Nada Bakos, foreign intelligence agencies are among those paying close attention to the president’s tweets. Bakos spent 20 years in the CIA, notably as the Chief Targeter of the unit that tracked down Abu Musab al-Zarqawi, the founder of al-Qaeda in Iraq, which later evolved into the Islamic State of Iraq and Syria. In a June 23 editorial in The Washington Post, Bakos argues that President Trump’s “Twitter feed is a gold mine for every foreign intelligence agency”.

All intelligence agencies, explains Bakos, build psychological profiles of foreign leaders. These profiles typically rely on information collected through intelligence operations that are “methodical, painstaking and often covert”. The final product can be crucial in enabling countries to devise strategies that counter their adversaries, says Bakos. But with Trump, covert intelligence-collection operations are not needed in order to see what is on his mind, since “the president’s unfiltered thoughts are available night and day”, she claims. The former CIA analyst points out that President Trump’s tweets are posted “without much obvious mediation” by his aides and advisors, something that can be seen by the frequency with which he deletes and reposts tweets due to spelling and grammatical errors. These unfiltered thoughts on Twitter offer a “real-time glimpse of a major world leader’s preoccupations, personality quirks and habits of mind”, says Bakos.

Undoubtedly, she argues, foreign intelligence agencies are utilizing President Trump’s tweets in numerous ways while building his personality profile. The most obvious ways are by performing content analysis of his tweets, which could then be matched against information collected from other sources about major US policy decisions. Additionally, foreign intelligence agencies could identify media sources that the US president seems to prefer, and then try to feed information to these sources that might sway his views. Countries like Saudi Arabia and Russia may have done so already, claims Bakos. The US president’s views, as expressed through Twitter, could also be compared and contrasted with the expressed views of his aides or senior cabinet officials, in order to discern who he agrees with the least. It is equally useful to analyze the issues or events that the US president does not tweet about, or tweets about with considerable delay. One could even derive useful information about Trump’s sleeping patterns based on his tweets, says the former CIA analyst.

Bakos does not go as far as to suggest that the US president should abstain from social media. But she clearly thinks that the US leader’s use of social media is too impulsive and potentially dangerous from a national-security perspective. She also laments that, throughout her career in the CIA, she and her team “never had such a rich source of raw intelligence about a world leader, and we certainly never had the opportunity that our adversaries (and our allies) have now”, thanks to Trump’s incessant social media presence.

Author: Joseph Fitsanakis | Date: 03 July 2018 | Permalink

Facebook shared user data with Chinese firm despite warnings by US intelligence

HuaweiThe online social media company Facebook shares data about its users with a Chinese telecommunications company that has been flagged in United States government reports as a threat to security. The New York Times revealed on Tuesday that Facebook has been routinely giving access to the private data of its users to four Chinese companies since at least 2010. The paper said that the data-sharing agreement with Lenovo, Oppo, TCL, and Huawei Technologies, has its roots in 2007. That was the year when Facebook began an effort to entice cell phone hardware and software manufacturers to include Facebook-friendly apps and features in their products. As part of the agreement, Facebook gave cell phone manufacturers access to its users’ private data, including “religious and political leanings, work and education history and relationship status”, said the Times.

However, several sources in the United States, United Kingdom, Australia and other governments, have repeatedly flagged Huawei as a company that is uncomfortably close to the Chinese government and its intelligence agencies. In 2011, the US Open Source Center, which acts as the open-source intelligence arm of the Office of the Director of National Intelligence, became the first US government agency to openly link Huawei with the Chinese intelligence establishment. It said that Huawei relied on a series of formal and informal contacts with the Chinese People’s Liberation Army and the Ministry of State Security, which oversee and administer China’s military and civilian intelligence apparatus. In 2013, the British government launched an official review of Huawei’s involvement in the UK Cyber Security Evaluations Centre in Oxfordshire, England, following a British Parliament report that raised strong concerns about the Chinese company’s links with the government in Beijing. And last year the Australian government expressed concern about Huawei’s plan to provide high-speed Internet to the Solomon Islands, a small Pacific island nation with which Australia shares Internet resources.

In a statement, Facebook said that all data shared with Huawei remained stored on users’ phones and was not downloaded on the Chinese’ company’s private servers. It also said that it would “phase out” the data-sharing agreement with Huawei by the middle of June. The Times noted on Tuesday that Facebook has been officially banned in China since 2009. However, the social media company has been trying to make a comeback in the Chinese market, by cultivating close links with Chinese Communist Party officials. Facebook founder Mark Zuckerberg visited China in October of last year, and met with Chinese Premier Xi Jinping and other senior officials.

Author: Joseph Fitsanakis | Date: 06 June 2018 | Permalink

India arrests commando instructor who fell for Pakistani honey trap on Facebook

Garud Commando ForceIndian authorities have arrested an Indian Air Force officer for allegedly giving classified documents to two Pakistani spies on Facebook, who posed as women interested in him. The officer has been named as Arun Marwaha, a wing commander stationed at the Indian Air Force headquarters in Delhi. Marwaha, 51, is a para-jumping instructor who trains members of India’s Garud Commando Force —the Special Forces unit of the Indian Air Force. He was reportedly due to retire in 2019.

According to Indian government investigators, several months ago Marwaha was befriended by two Facebook users who claimed to be Indian women. He began chatting regularly with them on Facebook and eventually on the popular cell phone messenger service WhatsApp. Within weeks, Marwaha’s WhatsApp exchanges with the women had become intimate in nature. Before long, the Indian Air Force instructor was providing the women with classified documents in return for intimate photos of themselves. Media reports state that the classified documents related to special operations, some involving cyberwarfare, and space reconnaissance. Government investigators claim that Marwaha’s Facebook contacts were in fact male officers of Pakistan’s Inter-Services Intelligence (ISI), who targeted Marwaha in a carefully planned honey trap operation.

According to reports, the breach caused by Marwaha was discovered last month, at which time the internal security branch of the Indian Air Force launched an investigation. Marwaha was questioned for over a week before turning over his case to Delhi Police, who arrested him on Thursday. He has reportedly been charged under India’s Official Secrets Act and is facing a jail sentence of up to 14 years. Meanwhile, the Indian Air Force is investigating whether other officers have fallen victims to similar honey trap operations by Pakistan’s ISI on Facebook.

Author: Ian Allen | Date: 09 January 2018 | Permalink

German intelligence warns European officials of fake Chinese LinkedIn profiles

BfV GermanyIn an unusual step, German intelligence officials have issued a public warning about what they said are thousands of fake LinkedIn profiles created by Chinese spies to gather information about Western targets. On Sunday, Germany’s Federal Office for the Protection of the Constitution (BfV) held a press conference in which it said that it had discovered a wide-ranging effort by spy agencies in China to establish links with Westerners. The agency said that it undertook a 9-month investigation, during which it identified 10,000 German citizens who were contacted by Chinese spy-run fake profiles on LinkedIn. Across Europe, the number of targets could be in the hundreds of thousands, according to the BfV.

The main targets of the operation appear to be members of the German and European Union parliaments. Also targeted are members of the armed forces, lobbyists and researchers in private think tanks and foundations in Germany and across Europe. These individuals were all targeted as part of “a broad attempt to infiltrate Parliaments, ministries and administrations”, said BfV Director Hans-Georg Maassen. He added that the fake LinkedIn profiles are of people who claim to be scholars, consultants, recruiters for non-existent firms, or members of think tanks. Their profile photographs are usually visually appealing and are often taken from fashion catalogs or modeling websites. During the press conference BfV officials showed examples of what they said were fake LinkedIn accounts under the names “Rachel Li” and “Alex Li”. The two identified themselves as a headhunter for a company called RiseHR and a project manager at the Center for Sino-Europe Development Studies, respectively. The information on these accounts was purely fictitious, said the BfV officials.

Individuals who have been targeted by the Chinese include European politicians and senior diplomats, according to the Germans. Many were invited to all-expenses-paid conferences or fact-finding trips to China by their LinkedIn contacts, presumably in attempts to recruit them for Chinese intelligence. At the closing of the press conference, the BfV urged European officials to refrain from posting private information on social media, including LinkedIn, because foreign intelligence operatives are actively collecting data on users’ online and offline habits, political affiliations, personal hobbies and other interests. In a statement issued on Monday, the Chinese government dismissed the German allegations, saying that the BfV’s investigation was based on “complete hearsay” and was thus “groundless”. Beijing also urged German intelligence officials to “speak and act more responsibly”.

Author: Joseph Fitsanakis | Date: 11 December 2017 | Permalink