Online "Robin Sage" Fools High-level Military, IT, Int types

[The Bread Guy]

This from the Washington Times:

Call her the Mata Hari of cyberspace.

Robin Sage, according to her profiles on Facebook and other social-networking websites, was an attractive, flirtatious 25-year-old woman working as a "cyber threat analyst" at the U.S. Navy's Network Warfare Command. Within less than a month, she amassed nearly 300 social-network connections among security specialists, military personnel and staff at intelligence agencies and defense contractors.

A handful of pictures on her Facebook page included one of her at a party posing in thigh-high knee socks and a skull-and-crossbones bikini captioned, "doing what I do best."

"Sorry to say, I'm not a Green Beret! Just a cute girl stopping by to say hey!" she rhymingly proclaimed on her Twitter page, concluding, "My life is about info sec (information security) all the way!"

And so it apparently was. She was an avid user of LinkedIn - a social-networking site for professionals sometimes described as "Facebook for grown-ups." Her connections on it included men working for the nation's most senior military officer, the chairman of the Joint Chiefs of Staff, and for one of the most secret government agencies of all, the National Reconnaissance Office (NRO), which builds, launches and runs U.S. spy satellites. Others included a senior intelligence official in the U.S. Marine Corps, the chief of staff for a U.S. congressman, and several senior executives at defense contractors, including Lockheed Martin Corp. and Northrop Grumman Corp. Almost all were seasoned security professionals.

But Robin Sage did not exist.

Her profile was a ruse set up by security consultant Thomas Ryan as part of an effort to expose weaknesses in the nation's defense and intelligence communities - what Mr. Ryan calls "an independent 'red team' exercise" ....

 

[PMedMoe]

"Everything in her profile screamed fake," he told The Times. She claimed to have 10 years' experience in the cybersecurity field - which would mean that she entered it at age 15 - and there is no such job as "cyber threat analyst" at the Naval Network Warfare Command. Even her name is taken from the code name of an annual U.S. special-forces military exercise, as a two-second Google search establishes.

Should have been quite the eye-opener.  I bet that the majority of the people who tried to contact her were men.

 

[Kat Stevens]

sigh...  or raging lezzbos

 

[PMedMoe]

sigh...  or raging lezzbos

That's possible, too.

 

[SeanNewman]

Sadly, the knee jerk reaction to this type of news may result in something like a "nobody in uniform is allowed to have a Facebook page" rule.

And all of us who don't give up any OpSec info on Facebook won't be able to post pics of our kids for our families anymore.

 

[off126]

This is silly. Where's the 'So what?'. These peoples' identities are not classified, their existence isn't a state secret, they're allowed to have friends outside of work. So you're on their facebook, great, now what? They aren't accidentally going to post some TS info on their wall, and as soon as you start digging, they'll likely realize they have no idea who you are and zip right up.

 

[PMedMoe]

This is silly. Where's the 'So what?'. These peoples' identities are not classified, their existence isn't a state secret, they're allowed to have friends outside of work. So you're on their facebook, great, now what? They aren't accidentally going to post some TS info on their wall, and as soon as you start digging, they'll likely realize they have no idea who you are and zip right up.

Did you read the article at the link?

One soldier uploaded a picture of himself taken on patrol in Afghanistan containing embedded data revealing his exact location. A contractor with the NRO who connected with her had misconfigured his profile so that it revealed the answers to the security questions on his personal e-mail account.

I think this is just more of a "wake-up" call to people about how easy it is for someone to get personal information about you.  In the case of the soldier in A'stan, there was definitely a breach of OpSec.

 

[George Wallace]

I think this is just more of a "wake-up" call to people about how easy it is for someone to get personal information about you.  In the case of the soldier in A'stan, there was definitely a breach of OpSec.

This has been brought up on a regular basis.  People keep dozing off.  Remember  Killing with Keyboards?

 

[PMedMoe]

This has been brought up on a regular basis.  People keep dozing off.  Remember  Killing with Keyboards?

Yes, George, I do.  And I agree, people have that (wrong) tendency to believe they are anonymous on the internet.  Sure can rope in quite a few with a pretty face, huh? 

 

[George Wallace]

It is just another version of that Game Show.........."The Man Trap".    ;D

 

[BF1]

I think it just represents the natural evolution of Intelligence collection.  Before the internet, sources were cultivated using money, sex, and booze to name a few. It was very labour intensive, expensive, and time consuming.  Now, thanks to the internet, agencies can troll for possible sources using social media at a minimal cost.  Once contact is made with a likely target, the real work begins.  I am sure the individual responding as Robin Sage was likely a large, hairy backed 40 something male with garlic breath

 

[George Wallace]

I think it just represents the natural evolution of Intelligence collection.  Before the internet, sources were cultivated using money, sex, and booze to name a few. It was very labour intensive, expensive, and time consuming.  Now, thanks to the internet, agencies can troll for possible sources using social media at a minimal cost. 

I would disagree with this statement.  With the advent of the internet things have become more labour intesive, expensive and time consuming.  Researchers, not just intelligence operators, are now facing "information overload" and have to sift through tonnes of information to pick out information that is accurate and relevant to what their needs are. 

It is similar to that statement that computers would cut down on the amounts of paper we would use.  I still see tonnes of paper being used up. 

Although digitalization has made world become smaller, the amounts of information being processed has grown.  This takes a lot of people, time, training, facilities, and expense.

 

[Michael OLeary]

George, based on the part you didn't quote, I would suggest that BF1's remarks were specifically referring to spying tactics like the "Robin Sage" operation which started this thread. Rather than trying to identify a likely weak point and then deploying a real life "Mata Hari" to meet him in a bar 'by accident', or finding the one analyst with an embarrassing habit that can be used against him for information, the Internet lets them use social media and fictional agents to work from one contact through an existing network of friends and associates.

Once the online contacts are widespread enough within the target community, examination of the dataflow can be focused on all those working in a single area of interest.

And that brings us back to your post Killing with Keyboards.

 

[TimBit]

I would agree entirely with you Michael. The net lets you find a good target, then get to know them. Example? If someone posts daily something about hating his job and how much everyone's passing him over for promotion, then that is a good prospect for recruiting. Throw in a few postings about leggy blondes, fine dining and foreign films, you know exactly who to send, what to talk about and to end the evening. From there it's downhill quick...