Espiões chineses operam no Facebook contra militares da NATO

Admiral Stirvis – who was in charge of operations in Libya to bring about the end of Colonel Muammar Gaddafi’s regime – now has an official Facebook site while the bogus one has been permanently deleted from the internet.

But it opened up a treasure trove of personal information to the people behind the fake.

As well as their names, people routinely put personal email addresses, dates of birth, clues about their home address and personal and family pictures online. Some even state their current location, and messages on a page’s “wall” can reveal huge amounts about their beliefs and state of mind.

Although it is not known how much information was harvested, foreign intelligence agencies would be delighted to have such huge amounts of information which can be used to produce detailed profiles of potential targets for espionage or even blackmail.

Senior Nato staff were warned about the fake account late last year and made representations to Facebook.

It is understood that Facebook uses very sophisticated techniques to identify bogus accounts which, it says, have very different footprints to genuine Facebook users.

A spokesman said: “After the profile was reported to us, it was taken down as soon as we were notified and investigated the issue.”

Last night officials at SHAPE, the Supreme Headquarters Allied Powers Europe, reluctantly confirmed that its commander had been targeted.

They refused to be drawn on the origin of the security breach although other senior security sources confirmed that it had been traced to China.

A spokesman for SHAPE said: “This type of compromising attempts are called “Social Engeneering” and has nothing to do with “hacking” or “espionage”.

“Discussions/chats/postings on Facebook are of course only about unclassified topics.”

A NATO official added: “There have been several fake supreme allied commander pages. Facebook has cooperated in taking them down. We are not aware that they are Chinese.

“The most important thing is for Facebook to get rid of them. First and foremost we want to make sure that the public is not being misinformed. Social media played a crucial role in the Libya campaign last year.

“It reflected the groundswell of public opposition, but also we received a huge amount of information from social media in terms of locating Libyan regime forces. It was a real eye-opener. That is why it is important the pubic has trust in our social media.”

The so-called “spear fishing” exercise is the latest tactic in the wide ranging use of the internet to spy on key Western figures and to steal their secrets.

Fears centre on the espionage operation of Chinese intelligence agencies – which are targeting not just military secrets but every aspect of western life.

Among the items stolen are said to be the secrets of stealth aircraft, submarine technology, the space programme and solar energy.

British institutions are equally vulnerable including Chinese hackers successful getting access to House of Commons secure computer network.

Shawn Henry, the FBI’s executive assistant director in charge of targeting cyber crime said: “We see thousands of breaches every month across all industry and retail, infrastructure and across all sectors.

“We know that the capabilities of foreign states are substantial and we know the type of information that they are targeting.”

The state-sponsored attacks are aimed at stealing information to give them an economic, political and military advantage.

Some hawkish figures in the US also fear that a hostile country or terror group might launch a “cyber war” against them attempting to attack and destroy military and civil infrastructure using viruses or other electronic weapons. However most experts think this is highly unlikely.

It is similar to the so-called “Night Dragon” attacks which targeted executives of some of the world biggest oil and gas companies.

The names of the firms involved have not been disclosed. Their reluctance is widespread as companies fear disclosure will damage customer confidence in them and it their share price.

The attacks infiltrated the energy companies computer system and looked for how the firms operated.

The attackers targeted the Western firms’ public websites and specific individuals using Facebook and other social networking sites to learn about them first, and then trying to dupe them into revealing their log in names and passwords.

The hackers were traced to China, to Beijing and investigators found the attacks only happened on week days between 9am and 5pm local time suggesting they were working at an office or a government facility.

Security expert Dmitri Alperovich, who helped uncover the “Night Dragon” breach, says Western businesses and Government are all routinely being targeted.

He said: “They will know your strategy, your price list, everything to undercut and beat you. The Chinese are using every trick in the book

“They stole emails between executives about high level negotiations. They are stealing their negotiation playbook and then they outbid them.If they know your strategy they can’t lose.”

Last year an executive at a key US defence firm, RSA, opened a personal email with the subject line “2011 Recruitment Plan” and clicked on the attached Excel spreadsheet.

The attachment contained a virus, apparently engineered by the Chinese, which opened up RSA’s system and allowed access to all its secrets, including its work for the White House, the Central Intelligence Agency, the National Security Agency, the Pentagon and the Department of Homeland Security(DHS).

Such is concern over the cyber-attacks that the DHS now sees it as a key priority along with tackling terrorism.

Bruce McConnell, its director of cyber security said: “The internet is civilian space. It is a marketplace. Like the market in Beirut in the ’70s, it will sometimes be a battleground.”

He likened his department’s job to attempts to co-ordinate the civilian response to a hurricane.

But “unlike in a hurricane, we are responding to incidents every day,” he added.

China suspected of Facebook attack on Nato’s supreme allied commander

Beijing cyber-spies accused of using fake social networking accounts in bid to steal military secrets from the west

Admiral James Stavridis was targeted by cyber-spies on Facebook who set up fake accounts in his name. Photograph: Yves Logghe/AP

Nato‘s most senior military commander has been repeatedly targeted in a Facebook scam thought to have been co-ordinated by cyber-spies in China, the Observer has learned. The spies are suspected of being behind a campaign to glean information about Admiral James Stavridis from his colleagues, friends and family, sources say.

This involved setting up fake Facebook accounts bearing his name in the hope that those close to him would be lured into making contact or answering private messages, potentially giving away personal details about Stavridis or themselves.

This type of “social engineering” impersonation is an increasingly common web fraud. Nato said it wasn’t clear who was responsible for the spoof Facebook pages, but other security sources pointed the finger at China.

Last year, criminals in China were accused of being behind a similar operation, which was given the codename Night Dragon. This involved hackers impersonating executives at companies in the US, Taiwan and Greece so that they could steal business secrets.

The latest disclosure will add to growing fears in the UK and US about the scale of cyber-espionage being undertaken by China. As well as targeting senior figures in the military, the tactic has been blamed for the wholesale theft of valuable intellectual property from some leading defence companies.

The sophistication and relentlessness of these “advanced persistent threat” cyber attacks has convinced intelligence agencies on both sides of the Atlantic that they must have been state-sponsored. Nato has warned its top officials about the dangers of being impersonated on social networking sites, and awarded a £40m contract to a major defence company to bolster security at the organisation’s headquarters and 50 other sites across Europe. A Nato official confirmed that Stavridis, who is the supreme allied commander Europe (Saceur), had been targeted on several occasions in the past two years: “There have been several fake Saceur pages. Facebook has cooperated in taking them down… the most important thing is for Facebook to get rid of them.”

The official added: “First and foremost, we want to make sure that the public is not being misinformed. Saceur and Nato have made significant policy announcements on either the Twitter or Facebook feed, which reflects Nato keeping pace with social media. It is important the public has trust in our social media.”

Nato said it was now in regular contact with Facebook account managers and that the fake pages were usually deleted within 24 to 28 hours of being discovered. Finding the actual source in cases such as these is notoriously difficult, but another security source said: “The most senior people in Nato were warned about this kind of activity. The belief is that China is behind this.”

Stavridis, who is also in charge of all American forces in Europe, is a keen user of social media. He has a genuine Facebook account, which he uses to post frequent messages about what he is doing, and where. Last year he used Facebook to declare that the military campaign in Libya was at an end.

The threat posed by Chinese cyber activity has been causing mounting concern in the UK and the US, where it is judged to be a systematic attempt to spy on governments and their militaries. They also accuse Beijing of being involved in the anonymous theft and transfer of massive quantities of data from the west. In a surprisingly pointed report to Congress last year, US officials broke with diplomatic protocol and for the first time challenged China directly on the issue. The National Counterintelligence Executive said Chinese hackers were “the world’s most active and persistent perpetrators of economic espionage”.

It said China appeared to have been responsible for “an onslaught of computer network intrusions”. The report also claimed that Chinese citizens living abroad were being leaned on to provide “insider access to corporate networks to steal trade secrets”. The use of moles was, it said, a clear exploitation of people who might fear for relatives in China.

Security analysts in Washington said they believed China had undertaken comprehensive cyber-surveillance of the computer networks that control much of America’s critical infrastructure. This has stoked a political debate on Capitol Hill, where Democrats and Republicans are locked in an ideological battle about how to tackle cyber threats. President Barack Obama wants to introduce regulation to ensure companies are taking them seriously, but that approach is opposed by Republicans, including Senator John McCain.

James Lewis, a cyber expert from the Centre for Strategic and International Studies thinktank in Washington, said the time for dithering had passed. “We know that Russia and China have done the reconnaissance necessary to plan to attack US critical infrastructure,” he said. “You might think we should put protection of critical infrastructure at a slightly higher level. It is completely vulnerable.”

Shawn Henry, an executive assistant director at the FBI, told the Observer that the agency was dealing with thousands of fresh attacks every month. “We recognise that there are vulnerabilities in infrastructure. That’s why we see breaches by the thousand every single month,” he said. “There are thousands of breaches every month across industry and retail infrastructure. We know that the capabilities of foreign states are substantial and we know the type of information they are targeting.”

The department of homeland security has been tasked by the White House with countering the cyber threat, but without making people lose confidence in the web. Its senior counsellor for cyber-security, Bruce McConnell, said: “The internet is civilian space. It is a marketplace. Like the market in Beirut in the 1970s, it will sometimes be a battleground. But its true nature is peaceful, and that must be preserved.”