PGT wrote: just so we're clear, here's the headline:
Anonymous: Government contractor has weaponized social media
the word I take umbrage with is 'weaponized'. of course it shows the existence of open source collection. Open source intelligence gathering has been public for a long time:
https://www.cia.gov/careers/opportuniti ... alyst.html
I do hate to beat a dead horse, really. But I think you're not quite getting the picture. Let me posit the following:
A Maori fundamentalist in New Zealand is causing trouble for the authorities. The New Zealand special police are very concerned he might be tainting public supplies of whale blubber, causing mass hysteria and possibly great damage to the government. So the police decide to follow the guy online, where he leaves Maori propaganda (an accordion word, to be sure) on several forums. As the Maori fundie begins to show a pattern of activity online, the special police build a profile of where he is at given times. Based upon this, a strike profile is generated and he is arrested by a 3pm attack-and-arrest (he spends a lot of time on fourchon in the afternoons).
Or another:
A zen nihilist is amassing an army in central Mongolia. He, too, posts information on a forum for other Mongolian zen nihilists, but he's a lot more careful. In this case, he monitors his traffic logs, and he would notice the Mongolian special police coming after him. Understanding this, the Mongolian special police take great measures to obscure their identity online. At the same time, they undertake a "spear-phishing" attack (which is sometimes called an Advanced Persistent Threat) inducing the guy to view an image in an email that was sent to him. By noting the location of the phone from which he viewed his email, the Mongolians are able to track the times the nihilist is in physical contact with his phone. During one such occasion – he was poasting on 7chan – a pair of Mongolian M-15E Strike Yaks drop a pair of 250lb small-diameter bombs on him.
While in both these cases, OSINT and subterfuge are used to exploit social media (which is not just Facebook) and through that, combine a "kinetic" attack with an "information" attack. Why is it that the only "weapon" here is the kinetic devices? Is an EMP a weapon if it only destroys electronics? How about an attack via BGP that disables the internet for the southern hemisphere? What about fraudulent messages that cause an organization to depose those in power (consider we're not just talking about the PTA here)?
The spectrum is admittedly very, very broad. I think, though, that is what makes these weapons very dangerous. One of the drawbacks with kinetic weapons is that they leave a very big signature and it's almost always clear who was behind it. With "cyber" weapons, it's not just about collection and analysis. And done right, we don't leave any signatures when we undertake operations with "cyber persona capabilities."
The other thing hampering people here is that any of us who actually work with this stuff are forbidden from discussing it in a place like this. When trying to discuss this with people, I'm limited to citing what's out in the media, and perhaps what's happening is there's an incomplete picture provided by and to the public and people like myself are speaking in very vague terms.
I get to meets like every two years at this point, but if you'd like to talk some about the unclas applications of this software, I'm happy to fill you in a little... in person.