Senior British military officers and officials were tricked into revealing personal information to spies by a faked Facebook account set up in the name of NATO Supreme Allied Commander for Europe James Stavridis, reports suggest.
“NATO officials are reluctant to say publicly who was behind the attack. But the Sunday Telegraph has learned that in classified briefings, military officers and diplomats were told the evidence pointed to ‘state-sponsored individuals in China,’” The Telegraph says.
“Although they are unlikely to have found any genuine military secrets from the Facebook accounts they accessed, the incident is highly embarrassing…In the wake of it NATO has advised senior officers and officials to open their own social networking pages to prevent a repeat of the security breach.”
Since the breach took place, Facebook has been developing a system to allow public figures to verify their accounts using a government-issued photo ID, and also allows them to display a preferred pseudonym instead of their real name. On the NATO case, Facebook released a statement saying that it had “removed the profile for violating our terms within a business day of receiving a report.”
The incident is a big blow to NATO, which has increasingly turned to social media to help spread word of its work. Back in October, Stavridis used his Facebook page to announce his intention to end the war in Libya following Muammar Gaddafi’s capture.
“An extraordinary 24 hours in Libya. As SACEUR, I will be recommending conclusion of this mission to the North Atlantic Council of NATO in a few hours. A good day for NATO. A great day for the people of Libya,” he wrote on his wall.
The news of the NATO breach comes just days after a high-profile report to the U.S. Congress warned that cyber warfare initiated by China poses a genuine risk to the U.S. military.
“Chinese capabilities in computer network operations have advanced sufficiently to pose genuine risk to U.S. military operations in the event of a conflict,” the report, released by the U.S.-China Economic and Security Review Commission, said.
But attributing blame isn’t always easy. Certainly, one U.S. military analyst I’ve spoken with recently has said that it’s clear that many of the attacks the U.S. armed forces are subject to originate in China because “they start at 9 am Hainan time and finish at 5 pm Hainan time.” (Hainan Island, home to key Chinese military units, is frequently described as the source of many Chinese government-backed hacking attacks.)
Still, as Marcus Sachs – director of the SANS Internet Storm Center – has told me previously, attribution in cyberspace is always very difficult.
“There are too many ways to be anonymous and too many ways to spoof another person or system,” he said. “The basic protocols of the Internet don’t allow for positive attribution, which is great for free speech, but makes things hard for law enforcement.”
Either way, James Holmes, a professor of strategy at the U.S. Naval War College, argues that military officials should be careful, but not deterred from moving forward with new media.
"Senior officials' usual reflex would be to discourage the use of social media to plug potential security leaks. The services have been very ambivalent about servicemen blogging, for example," he told me. "By contrast, I think Admiral Stavridis has the right outlook. He has embraced the use of social media. He presumably calculates that the benefits of connectivity with the world outside the military outweigh the potential costs this case dramatizes."
"'Loose Lips Sink Ships' was good guidance during World War II. I guess we should amend that by adding 'Loose Fingertips' to the list. It's easy to click on the wrong thing on a screen, and I suspect this will be added to our annual IT training this year, in an effort to keep ahead of the threat."