Hackers pose as hacks: Iranian crew uses Facebook to spy on US defence bods – report

An Iran-based hacking network used fake Facebook and other social media profiles to "befriend" and spy on US lawmakers and defence contractors in the US and Israel, among other targets, according to a new report. According to the study, the hackers attempted to get "friendly" with US lawmakers, defence contractors and "at …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    answer is simple get rid of social media

    Remove the necessity, the eagerness the so called homepage for where lots of internet users who have no use but to Facebook and the problem is solved.

    Each day I sit on the train and see people dissolved in their Facebook and wonder: is this all they know?

    Do they think the Internet = Facebook?

    Anyhow, the solution is easy: US defence bods should be hired, but before being hired told no social networking, or if you do actually want to, do use bogus information - nothing real to link you back to your job.

    The resolution is quite simple; the eagerness to use this sort of rubbish amongst those trying to pretend they're in with the new trends, however, is not.

    I have never seen any of these people on the register or stackoverflow

    To them these sorts of places don't even exist, it is just Facebook: live, breathe and eat S***T

    1. Anonymous Coward

      Re: answer is simple get rid of social media

      > I have never seen any of these people on the register or stackoverflow

      Are we talking about the same "The Register"? I've seen many users on El Reg that, judging on their posting history, would easily fall for social engineering attacks.

      1. Anonymous Coward

        Re: answer is simple get rid of social media

        indeed the same "The Register"?

        but hey, posting as an anonymous cow or with a name somehow does not allow hackers to gain insight into your job or life, it's just a post after all. There is no way for this style of hacking to take place.

        I have never met anyone wanting to add me on to their El Reg Friends list after posting something since such features are not part of this site and rightly so.

        1. Don Jefe

          Re: answer is simple get rid of social media

          Is there an El Reg friends list?

          1. Anonymous Coward

            Re: answer is simple get rid of social media

            Yep, No. 1 is Apple :-)

  2. Anonymous Coward
    FAIL

    Difficult to credit such poor attitudes to security

    OK, "lawmaker" is just a 10 dollar euphemism for "dumb-ass politician", so you wouldn't expect anything better from them. But people working in the military or for defence contractors really should know better than to trust anyone on a social media site, and start with an entirely sceptical attitude to any contact there.

  3. Anonymous Coward

    The Peter Principle in practice.

    Numpty morons and twerps are EVERYWHERE, even in the military. Those same idiots become CEOs, Presidents and Generals via the Peter Principle. If you could avoid the drive-by downloads and trojans, you still have the fake websites to worry about. I have seen enough of those to be very afraid of things on the Internet. Add Farcebook or FinkedIn to the mix and people seem to trust them implicitly. The "social engineering" aspect of their hacking is truly devious.

    1. Anonymous Coward

      No.

      The Peter Principle does not put "morons" in place as CEOs, Presidents and Generals. You completely misunderstand the Peter Principle if you think so.

      However, I don't disagree with the idea that there are morons/twerps that are generals, CEOs and presidents. In fact, I'd substitute "especially in the military" for "even in the military". Not because the military necessarily attracts dumb people to OCS, but because the hierarchy is so rigid that the factors that result in promotion in the military are completely different from the factors that result in promotion in the business world.

  4. Don Jefe

    Perfect Cover?

    A faux news organization is easy to set up and offers the perfect cover? Bullshit. At least here in the US that's bullshit. Ok, it may be easy to set up a faux news organization and website, but using it as cover? Just don't buy it.

    We're just a commercial entity but we've got a very detailed protocol with explicit identity verification mechanisms with three complete sets of alternative identity assurance challenges if we just aren't sure who we're dealing with. Guesses where we got the protocol and who audits it regularly? Who will go double check on our behalf to check out suspicious sorts? Guesses, anybody? The fucking DoD.

    The Department of State is involved as well, but it's a DoD program. While the DoD might not be the most financially efficient bunch in the US, they do a pretty damn good job of keeping secrets. They want to make sure their commercial vendors who deal with sensitive stuff can keep secrets too, and they even give you the tools to do it with. While we don't do any work on weapons systems, we do work on a lot of projects that could be bad if the wrong people accessed the information.

    I want to know why the guys who do work with weapons systems aren't using the tools we are. It's not like we are so special that the DoD cooked up a special set of instructions for us. It was all implemented when I first opened the company, it had to be because the DoD wouldn't let us in on a lot of projects. The system is still audited on a regular basis and they even send us a review of our performance and they ask for our feedback and they listen and act on that feedback as well. That by itself is truly stunning.

    Somebody said it in an earlier comment, but the defense and intelligence people have no business being on Facebook. There are tens of thousands, if not far more, people who are prohibited from using social networks or ordering stuff from certain websites, or even patronizing some stores physically (look up the liquor store and titty bar stories in Norfolk, VA).

    I realize interfering in the personal lives of your staff/soldiers is really shitty, but it's a voluntary decision to take those jobs. If you want all the perks of a job dealing with sensitive information then that's the tradeoff you make.

    1. Ted Treen
      Happy

      Re: Perfect Cover?

      Seeing what our UK politicos have done on YouTube etc., and their Twitter/Facebook stuff as reported in the press (I don't do Facebook or Twitter), perhaps ALL politicos and their ilk should be banned from the interwebs in general...

      1. Don Jefe
        Thumb Up

        Re: Perfect Cover?

        I second your motion to prevent politicos from using the interwebs!

        Ha! That would be a fun Facebook project. Start a 'remove politicos from the internet'.

  5. Sanctimonious Prick
    Alert

    Absolutely!

    What's more credible are suggestions that Iran got serious about boosting its cyber capabilities since the Stuxnet worm sabotaged systems at a key nuclear enrichment facility

  6. Vociferous

    How?

    How do you spy on someone by befriending them on Facebook?

    They "spied" on their Facebook updates? That's some serious hardcore hacking & spying, right there. For an encore, they could spy on the politicians by following them on Twitter.

    1. Anonymous Coward

      Re: How?

      Can you imagine the information they could extract?

      Current Weather

      Food habits

      Films seen

      Times when hungover

      Pictures of Pets

      and any other self-obsessed attention seeking whore comments you can think of because they live a worthless shit life.

      1. Don Jefe

        Re: How?

        It sounds like a pretty standard consulting company 'solution' to me. You know, the most convoluted, unlikely and, of course, expensive way to do something.

        I think my favorite part is that somewhere there's guaranteed to be an insanely complex process matrix, with a really fabulous name, and right now some junior employee is pounding his brain trying to figure out a way to learn the name of somebody's pet box turtle, because the matrix says they'll have a far better chance of guessing a password if they know that. That's worth a promotion right there.

      2. Anonymous Coward

        Re: How?

        Can you imagine the information they could extract?

        Ever heard of social engineering? It's one of them things which is aided by gathering as much background information as you can get; knowing your target's habits and routines makes it much easier to target them.

    2. Sanctimonious Prick
      Happy

      Re: How?

      That deserves ten upvotes!
