Fake femme fatale shows social network risks
Researcher Thomas Ryan says fictitious Robin Sage character fooled many holding security, military and intelligence posts
Computerworld - Hundreds of people in the information security, military and intelligence fields recently found themselves with egg on their faces after sharing personal information with a fictitious Navy cyberthreat analyst named "Robin Sage," whose profile on prominent social networking sites was created by a security researcher to illustrate the risks of social networking.
In a conversation with Computerworld, Thomas Ryan, co-founder of Provide Security, said he used a few photos to portray the fictional Sage on Facebook, LinkedIn and Twitter as an attractive, somewhat flirty cybergeek, with degrees from MIT and a prestigious prep school in New Hampshire.
Then he established connections with some 300 men and women from the U.S. military, intelligence agencies, information security companies and government contractors.
The goal, said Ryan, was to determine how effective social networking sites can be in conducting covert intelligence-gathering activities.
Despite some patently obvious red flags -- such as noting that the 25-year-old Sage had worked professionally for 10 years -- the scheme worked. The connections to Sage, who was depicted as a real-life Abby Scuito, a fictional character in CBS's NCIS television series, were established in less than a month.
Many friends freely shared personal information and photos, invited the fictional threat analyst to conferences and asked her to review documents. Some "friends" at major companies, including Google and Lockheed Martin, even expressed interest in hiring her, he noted.
Had Sage really been a foreign agent, she would have had access to a lot of very useful information, said Ryan, who is scheduled to present his findings next week at the BlackHat security conference in Las Vegas. Excerpts from his interview with Computerworld follow:
What prompted you to conduct the experiment? One of the biggest drivers was all the talk about cyberwarfare and cyberespionage -- and what's real and what's not real. I wanted to see how much intel you could gather from a person just by lurking on a social networking site. I [also] wanted to see who was most susceptible to clicking. I wanted to see how fast this thing would propagate. One of the things I found was that MIT and St. Paul's [prep school] were very cliquey. If they don't remember seeing you, they are not going to click. You had less of a chance of penetrating those groups than the actual intel and security communities.
How many connections and friends did Robin Sage make? On Facebook, 226; on LinkedIn, 206; and on Twitter, 204. The connections on Facebook were security and military, LinkedIn was mainly security and intel, and Twitter was mostly hackers.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts