Be careful befriending strangers in social media

Who is Robin Sage? Members of the defense and national security establishment violated military operational security restrictions trying to get to know her.

 

Adding tons of Facebook friends doesn’t necessarily make you popular; it may actually put you and the Defense Department (DoD)’s information security at risk—especially when you have friends you don’t even know.
 
Provide Security, a cyber security company, illustrated this danger with the Robin Sage Experiment. The experiment created fake Facebook, Twitter and LinkedIn profiles under the alias “Robin Sage.” A photo of a cute girl (borrowed from an adult website) and the job title “Cyber Threat Analyst” completed the fake profiles.
 
Thomas Ryan, co-founder & managing partner at Provide Security, posing as Robin, sent requests and established social network connections with more than 300 professionals in the National Security Agency, DoD, and global 500 corporations.
 
Robin’s new friends revealed information to Ryan that violated military operational security and personal security restrictions.
 
“The worst compromises of operational security I had were troops discussing their locations and what time helicopters were taking off,” Ryan said during a phone conversation.
 
People also sought Robin’s professional advice, invited her to dinners and offered her job opportunities. Not bad in this economy for a person who doesn’t even exist.
 
“From one person I was profiling, I was able to get all the security questions for their e-mail and bank account,” Ryan said. “These are questions like what was your first car?”
 
I don’t even want people I know to have access to my e-mail or bank account, much less anybody on the Internet with audacity to send out a friend request from a fake profile.
 
From time to time I have received a random friend request from a person I don’t know, usually accompanied by a profile picture of a pretty girl, but I have this rule of thumb: if I haven’t met you, we aren’t friends yet. Megan Fox is the only exception to this rule.
 
My suspicions are that the unknown friend request could lead to anything from phishing scams to something as harmless as trying to get me to fill out annoying surveys—either way the answer is ignore.
 
Out of curiosity, I still like to confirm they are fake requests. You know, on the off chance it actually is a cute girl that found me out of the blue and is totally into me. Having low amounts of friends is my first clue, as is having only one photo.
 
According to Ryan’s report, an inspection of Robin Sage’s profile would have revealed her claimed ten years of cyber security experience would have put her in the career field at age 15.
 
During the experiment, one person checked the alumni records of the Massachusetts Institute of Technology (MIT), her claimed educational background, and this confirmed that MIT had no record of a Robin Sage.
 
The danger isn’t social networking itself. The danger is doing it carelessly.
 
According to DoD’s directive-type memorandum concerning social media and Internet capabilities, it is the responsibility of military leaders on all levels to ensure the safety of DoD and personal information.
 
All service members are instructed to beware of operational security when using communications such as telephone lines and e-mail; however, service members need to remember that information posted through social media should be regulated the same way, despite the casual feel of many of these sites.
 
Having a friend you don’t know means virtually anyone could be monitoring your activities and the information in your posts. If you post as much as some of my friends that means they’d know almost everything about your schedule right down to that “epic cheeseburger” you ate.
 
Social media is a great tool for networking and communication if the user is careful about the information he or she is sharing and who has the privileges to view it.
 
So, for anyone hoping to be my friend in the social media realm, you’ll have to at least buy me dinner first.
 
Petty Officer 2nd Class Elliott Fabrizio writes for the Department of Defense.

Comments

Argentine president says prosecutor's death was not suicide

Prosecutor Alberto Nisman was found dead this week after claiming he had evidence that President Kirchner sought to stop an investigation into a 1992 terrorist bombing that invovled Iran and Hezbollah.

Exclusive interview with fallen Argentine prosecutor Alberto Nisman

Prosecutor Alberto Nisman was found dead on Jan 18, the day he was to give testimony linking the Argentine president with a cover-up of Iranian terrorism. This is an unpublished and exclusive interview with him on April 16, 2014.

Suicide? Argentine official received death threats

Alberto Nisman was investigating ties between Argentine president Cristina Fernandez de Kirchner and Iran. He said that transcripts prove she made deal with Iranians and forego prosecuting Iranians for terrorist bombing.

Argentine who implicated president in terrorism is dead

Special prosecutor Alberto Nisman, investigator of 1994 terrorist bombing that killed dozens at a Jewish center, was found dead on the day before he was to present testimony. He implicated Pres.Fernandez de Kirchner in oil/grain swap with Iran.

Global warming trend is up, say NASA and NOAA

2014 was the hottest year on record. Marc Morano, a climate-change skeptic, points out discrepancies in datasets.

Crucified Again: persecution of Christians becomes more widespread

Approximately 100,000 Christians die every year because of their faith. One thousand Nigerian churches destroyed in 2014.

This page took 0.1563seconds to load