Inside Cyber Warfare - Jeffrey Carr [60]
Chapter 6. Nonstate Hackers and the Social Web
Social services such as Twitter, Facebook, MySpace, and LiveJournal are an essential part of the hacker’s toolkit. Commonly known as the Social Web, these services provide a heretofore unprecedented data store of personal information about people, companies, and governments that can be leveraged for financial crime, espionage, and disinformation by both state and nonstate hackers.
In this new era of cyber warfare, the Web is both a battle space and an information space. As this chapter shows, it is also a social, educational, and support medium for hackers engaged in cyber operations of one kind or another.
This chapter also discusses security implications for employees of the US government, including the armed services, who use social media and how their activities can put critical networks in jeopardy of being compromised by an adversary.
In addition to the giant social applications mentioned earlier are hacker forums, many of which are private or offer VIP rooms for invited members. These forums, along with blogs and websites, provide recruitment, training, coordination, and fundraising help to support the hackers’ nationalistic or religious activities. What follows is a sampling organized by nation.
Russia
Social networking is very popular among Russians. A recent Comscore study shows that, as a group, Russians are the most engaged social networking audience in the world, spending an average of 6.6 hours viewing 1,307 pages per visitor per month. The United States came in ninth at 4.2 hours.
The Russian Security Services are quite aware of this and have expressed concern over violations of operations security by Russian military personnel via social networks such as LiveJournal, Vkontaktel.ru, and Odnoklassniki.ru. In fact, the Federal Security Service (FSB) has banned its members from using Classmates.ru and Odnoklassniki.ru. That ban does not apply to former military personnel, however, and that’s who is doing most of the posting today, now that a more rigid policy has been put into effect.
Numerous Russian LiveJournal users self-identified as former or present members of the FSB, Spetsnaz, Special Rapid Reaction Unit (SOBR), Border Patrol, and others.
Odnoklassniki.ru, however, has earned the attention of the Russian press and the Kremlin for a reason: it is rife with information of a military nature. As an example, one of Project Grey Goose’s researchers was able to find mentions of over 50 strategic assets in this Russian social network, including:
“Ordinata” Internal Ministry of Defence Central Command Communication Center
2nd special forces division of FSB-GRU
42nd secret RF Navy Plant
63rd Brigade of RF Internal Defense Ministry
Air defense ant-missile staging area for C-300
Air Paratroopers 38th special communication division
C-75 missile complex
Central Northern Navy Fleet missile test site—NENOKS Severodvisk Air map
FSB division of Dzerzhinsky range
Headquarters of Russian Strategic Rocket Forces (RSVN)
Heavy Navy Carrier “Admiral Gorshkov” location
K-151 nuclear submarine location
RF navy “Admiral Lazarev” missile carrier
RT-2M Topol (NATO SS-25 SICKLE) Mobile ICMB Launcher Base
Russian Akula Submarine K-152 Nerpa (SSN)
Russian Typhoon Class SSBN
Sheehan-2 Central Research and Testing Institute of Chemical Defense Ministry troops
The availability of this level of information has created a furor in various Russian online communities. One forum administrator complains that even the FSB doesn’t have the data about Russian citizens, institutions, and the armed forces and their movements and interactions that these social networks have, particularly Odnoklassniki.ru.
China
China has a huge Internet population and, as might be expected, has a correspondingly