NATO’s most senior military commander has been repeatedly targeted in a Facebook scam thought to have been coordinated by cyberspies in China. The spies are suspected of being behind a campaign to glean information about US Admiral James Stavridis from his colleagues, friends and family, sources say.
This involved setting up fake Facebook accounts bearing his name in the hope that those close to him would be lured into making contact or answering private messages, potentially giving away personal details about Stavridis or themselves.
This type of “social engineering” impersonation is an increasingly common Web fraud. NATO said it was not clear who was responsible for the spoof Facebook pages, but other security sources pointed the finger at China.
Last year, criminals in China were said to be behind a similar operation, which was given the codename Night Dragon. This involved hackers impersonating executives at companies in Taiwan, the US and Greece so that they could steal business secrets.
The latest disclosure will add to growing fears in the UK and US about the scale of cyberespionage being undertaken by China. As well as targeting senior figures in the military, the tactic has been blamed for the wholesale theft of valuable intellectual property from some leading defense companies.
The sophistication and relentlessness of these “advanced persistent threat” cyberattacks has convinced intelligence agencies on both sides of the Atlantic Ocean that they must have been state-sponsored. NATO has warned its top officials about the dangers of being impersonated on social networking sites and last week awarded a US$63 million contract to a major defense company to bolster security at the organization’s headquarters and 50 other sites across Europe.
A NATO official confirmed Stavridis, who is supreme allied commander Europe (SACEUR), had been targeted on several occasions in the past two years: “There have been several fake SACEUR pages. Facebook has cooperated in taking them down ... the most important thing is for Facebook to get rid of them.”
“First and foremost, we want to make sure that the public is not being misinformed. SACEUR and NATO have made significant policy announcements on either the Twitter or Facebook feed, which reflects NATO keeping pace with social media. It is important the public has trust in our social media,” the official added.
NATO said it was now in regular contact with Facebook account managers and that the fake pages were usually deleted within 24 to 28 hours of being discovered.
Finding the actual source in cases such as these is notoriously difficult, but another security source said: “The most senior people in NATO were warned about this kind of activity. The belief is that China is behind this.”
Stavridis, who is also in charge of all US forces in Europe, is a keen user of social media. He has a genuine Facebook account, which he uses to post frequent messages about what he is doing, and where. Last year he used Facebook to say that the military campaign in Libya was at an end.
The threat posed by Chinese cyberactivity has been causing mounting concern in the UK and the US, where it is judged to be a systematic attempt to spy on governments and their militaries. They also say Beijing is involved in the anonymous theft and transfer of massive quantities of data from the west.
In a surprisingly pointed report to the US Congress last year, US officials broke with diplomatic protocol and for the first time challenged China directly on the issue.
The US National Counterintelligence Executive said Chinese hackers were “the world’s most active and persistent perpetrators of economic espionage.”
It said China appeared to have been responsible for “an onslaught of computer network intrusions.”
The report also claimed that Chinese citizens living abroad were being leaned on to provide “insider access to corporate networks to steal trade secrets.”
The use of moles was, it said, a clear exploitation of people who might fear for relatives in China.
Security analysts in Washington said they believed China had undertaken comprehensive cybersurveillance of the computer networks that control much of the US’ critical infrastructure. This has stoked a political debate on Capitol Hill, where Democrats and Republicans are locked in an ideological battle about how to tackle cyberthreats. US President Barack Obama wants to introduce regulation to ensure companies are taking it seriously, but that approach is opposed by Republicans.
The US Department of Homeland Security has been tasked by the White House with countering the cyberthreat, but without making people lose confidence in the Web.
Its senior counselor for cybersecurity, Bruce McConnell, said: “The Internet is civilian space. It is a marketplace. Like the market in Beirut in the 1970s, it will sometimes be a battleground, but its true nature is peaceful and that must be preserved.”
AFGHAN CHILD: A court battle is ongoing over if the toddler can stay with Joshua Mast and his wife, who wanted ‘life, liberty and the pursuit of happiness’ for her Major Joshua Mast, a US Marine whose adoption of an Afghan war orphan has spurred a years-long legal battle, is to remain on active duty after a three-member panel of Marines on Tuesday found that while he acted in a way unbecoming of an officer to bring home the baby girl, it did not warrant his separation from the military. Lawyers for the Marine Corps argued that Mast abused his position, disregarded orders of his superiors, mishandled classified information and improperly used a government computer in his fight over the child who was found orphaned on the battlefield in rural Afghanistan
NEW STORM: investigators dubbed the attacks on US telecoms ‘Salt Typhoon,’ after authorities earlier this year disrupted China’s ‘Flax Typhoon’ hacking group Chinese hackers accessed the networks of US broadband providers and obtained information from systems that the federal government uses for court-authorized wiretapping, the Wall Street Journal (WSJ) reported on Saturday. The networks of Verizon Communications, AT&T and Lumen Technologies, along with other telecoms, were breached by the recently discovered intrusion, the newspaper said, citing people familiar with the matter. The hackers might have held access for months to network infrastructure used by the companies to cooperate with court-authorized US requests for communications data, the report said. The hackers had also accessed other tranches of Internet traffic, it said. The Chinese Ministry of Foreign Affairs
STICKING TO DEFENSE: Despite the screening of videos in which they appeared, one of the defendants said they had no memory of the event A court trying a Frenchman charged with drugging his wife and enlisting dozens of strangers to rape her screened videos of the abuse to the public on Friday, to challenge several codefendants who denied knowing she was unconscious during their actions. The judge in the southern city of Avignon had nine videos and several photographs of the abuse of Gisele Pelicot shown in the courtroom and an adjoining public chamber, involving seven of the 50 men accused alongside her husband. Present in the courtroom herself, Gisele Pelicot looked at her telephone during the hour and a half of screenings, while her ex-husband
EYEING THE US ELECTION: Analysts say that Pyongyang would likely leverage its enlarged nuclear arsenal for concessions after a new US administration is inaugurated North Korean leader Kim Jong-un warned again that he could use nuclear weapons in potential conflicts with South Korea and the US, as he accused them of provoking North Korea and raising animosities on the Korean Peninsula, state media reported yesterday. Kim has issued threats to use nuclear weapons pre-emptively numerous times, but his latest warning came as experts said that North Korea could ramp up hostilities ahead of next month’s US presidential election. In a Monday speech at a university named after him, the Kim Jong-un National Defense University, he said that North Korea “will without hesitation use all its attack