By Cliff Montgomery – July 2nd, 2014
U.S. officials have learned that foreign Internet hackers are using well-known social network sites to successfully target “federal, state and local government and private academic and industry networks,” according to recent bulletins from the Federal Bureau of Investigation (FBI).
The FBI quietly released the two bulletins in late May to federal contractors and other businesses involved in government activities. The statements were first posted on The Security Awareness Company’s website.
Below, The American Spark quotes the essential matter of the two bulletins – one may also access the full FBI statements, here and here.
“Law enforcement has become aware that foreign cyber adversaries are utilizing popular social network sites to assess, target and successfully conduct computer network exploitation activities against:
- US federal, state and local government and private academic and industry networks
- Individual employees of US federal, state and local government and private academic and industries [and]
- Family members and personal and/or professional associates of these employees and private citizens with high visibility.
It is advised that industry use due diligence to inform and educate their associates on the vulnerabilities associated with the use of social networking sites.” […]
“The FBI and NCIS [Naval Criminal Investigative Service] believe a group of cyber actors have been using various social networking sites to conduct spear phishing activities since at least 2011.
“FBI and NCIS investigation to date has uncovered 56 unique Facebook personas, 16 domains, and a group of IP addresses associated with these actors. These personas typically would attempt to befriend specific types of individuals such as government, military, or cleared defense contractor personnel.
“After establishing an online friendship the actor would send a malicious link (usually through one of the associated domains) to the victim, either through e-mail or in a chat on the social networking site eventually compromising the target’s computer.
“While this [FBI] FLASH specifically deals with Facebook personas, it is believed that many of these personas also maintain a presence on other social networking sites such as LinkedIn, Google +, and Twitter which are just as malicious.
“This group of cyber actors also has created and maintained multiple malicious Web sites, often spoofing a legitimate Web site and implanting malicious links into the actor’s version of the Web site.”
