Hackers Hide Cyberattacks in Social Media Posts

(New York Times) . . . While corporations and government agencies around the world are training their staff to think twice before opening anything sent by email, hackers have already moved on to a new kind of attack, targeting social media accounts, where people are more likely to be trusting.

Pentagon officials are increasingly worried that state-backed hackers are using social media sites such as Twitter and Facebook to break into Defense Department computer networks. And the human error that causes people to click on a link sent to them in an email is exponentially greater on social media sites, the officials said, because people are more likely consider themselves among friends.

Once one person is compromised, attacks can move quickly through that person’s friend network, leading to what the officials described as a nightmare situation in which entire departments at the Pentagon could be targeted. . . .

. . . . Pentagon officials say the scale of the spear phishing attacks is unlike anything they had ever seen before. A report in Time magazine this month revealed that a Russian-led cyberattack tried to spear phish 10,000 Twitter accounts belonging to Defense Department employees, using personal messages targeted at specific users. . . .

. . . . Social media gives a number of indicators to an attacker, on a state-sponsored level, that you couldn’t get through email.”

Outside of simply using a spear phishing email to gain access to a network, attackers could use an account to gather intelligence. By watching a group of soldiers posting online, attackers could watch location changes to discern troop movements or engage directly in conversations to try to ferret out military decisions.

“Most people don’t think twice when they are posting on social media. They don’t think about people using the information against them maliciously,” Mr. Kaplan said. “They also don’t assume people on their network might be attackers.”

According to a 2016 report by Verizon, roughly 30 percent of spear phishing emails are opened by their targets. But research published by the cybersecurity firm ZeroFOX showed that 66 percent of spear phishing messages sent through social media sites were opened by their intended victims. . . .  (read entire article)

ADDITIONAL

Information Operations and Facebook (Facebook Security White Paper)