People trust and share way too much on social media sites, and unfortunately this extends to government employees and military troops around the world. Iranian hackers have taken advantage of this and for the last three years have been targeting high ranking officials worldwide by attacking social media accounts using social engineering.
Social Engineering means to attempt to gain access or information from someone by pretending to be someone else or by physiologically manipulating someone to trick them into doing something they normally wouldn’t. Hackers use these techniques to gain account login information, access to a physical location or confidential data, or to gain information that could be used in future attacks.
According to the security firm iSight Partners in Dallas, Iranian hackers pretending to be members of US News media and defense contractors have social engineered high ranking officials via sites like Facebook, Linked-In, YouTube and Twitter since 2011. The firm has tracked the attacks for six months and have been amazed at the depth and persistence of the hackers:
“It is such a complex and broad-reaching, long-term espionage campaign for the Iranians, what they lack in technical sophistication, they make up in creativity and persistence,” said iSight Senior Vice President Tiffany Jones.
The targets included a US Navy Admiral and other high ranking officials from the US and also Israel, UK, Iraq, Saudi Arabia and Syria.
People share way to much via social media assuming it is a safe environment. Military personnel and government officials around the globe share where they are, what technology they are working on, unit locations and capabilities, and other seemingly innocent data shared with “friends” that could be a gold mind to cyber espionage and social engineering hackers.
Officials should be very wary of unknown social media contacts pressing them for confidential data or account information. High ranking military personnel or those in top secret positions should not use social media sites as resumes or to share where they are or what they are working on.
Some country’s even prohibit soldiers from posting any pictures of themselves in uniform or discussing any military occupation information on social media sites.