Your Facebook profile is a “treasure-trove” for state-sponsored hackers looking to gather intelligence about U.S. troop locations and organizational hierarchies, according to the cybersecurity firm Imperva.
A new report from the California-based firm says hackers can analyze connections between “friended” business partners and colleagues, to map out the hierarchy of different organization, reports Nextgov.
“The organizational structure can be used for corporate espionage, foreign-government and even military intelligence,” a draft reportedly states.
Rob Rachwald, Imperva’s security strategy director said individuals often post status updates that unwittingly reveal their geographic locations.
“Geolocation data is all together more valuable when cross-referencing it with the organizational structure,” he told Nextgov. “This can be very useful, say, to gain military intel on the location of the adversary’s military units. In fact, last year an [Israel Defense Forces] operation was cancelled following a soldier’s status update of the operation’s time and location,” the report states.
A Facebook spokesman said in response that the company has many technical systems in place to prevent “scraping,” or mining the site’s data, and to restrict Web search services from crawling through non-public information:
“We designed Facebook to provide a safer and more trusted online environment by offering users industry leading tools to control access to their information so they can choose what they share and with whom they share it. We encourage people exercise caution when connecting with others unknown to them online or otherwise.”
The Army’s Online and Social Media Division’s handbook for soldiers includes a list of safety measures. It also advises commanders to ensure designated social media managers monitor their unit’s official presence carefully for sensitive information, Army Times has previously reported.
“America’s enemies scour blogs, forums, chat rooms and personal websites to piece together information that can harm the United States and its Soldiers,” the handbook warns. “Be cautious when accepting friend requests and interacting with people online.”
A section for Army-sanctioned family readiness groups advises leaders to steer clear of posting specific unit information and gossip. As an example, it suggests using vague language such as their soldier is, “‘operating in southern Afghanistan’ as opposed to ‘operating in the village of Hajano Kali in Arghandab district in southern Afghanistan.’”[via Nextgov]