Insight from the West Fargo PD: FBI issues cyberattack warning
The FBI and NCIS believe a group of cyber actors have been using various social networking sites to conduct spear phishing activities since at least 2011.
FBI and NCIS investigation to date has uncovered 56 unique Facebook personas, 16 domains and a group of IP addresses associated with these actors.
These personas typically would attempt to befriend specific types of individuals such as government, military or cleared defense contractor personnel. After establishing an online friendship the actor would send a malicious link (usually through one of the associated domains) to the victim, either through email or in a chat on the social networking site eventually compromising the target’s computer.
Law enforcement reports indicate foreign cyberadversaries are utilizing popular social network sites to assess, target and successfully conduct computer network exploitation activities against federal, state and local government and private academic and industry networks individual employees of federal, state and local government and private academic and industries, family members and personal and/or professional associates of these employees and private citizens with high visibility.
It is advised that industry use due diligence to inform and educate their associates on the vulnerabilities associated with the use of social networking sites.
The U.S. Computer Emergency Readiness Team defines social networking sites, referred to as “friend-of-a-friend” sites, as “where you are connected to new people through people you already know. The purpose of some networking sites may be purely social, allowing users to establish friendships or romantic relationships, while others may focus on establishing business connections.
Although the features of social networking sites differ, they all allow you to provide information about yourself and offer some type of communication mechanism (forums, chatrooms, email and instant messenger) that enables you to connect with other users. On some sites, you can browse for people based on certain criteria, while other sites require that you be “introduced” to new people through a connection you share. Many of the sites have communities or subgroups that may be based on a particular interest. The three most popular social network sites are Facebook, Twitter and LinkedIn.
The following are security tips on the use of social network sites from US-CERT: How can you protect yourself? Limit the amount of personal information you post. Do not post information that would make you vulnerable, such as your address or information about your schedule or routine. If your connections post information about you, make sure the combined information is not more than you would be comfortable with strangers knowing. Also be considerate when posting information, including photos, about your connections.
Remember that the Internet is a public resource. Only post information you are comfortable with anyone seeing. This includes information and photos in your profile and in blogs and other forums.
Also, once you post information online, you can’t retract it. Even if you remove the information from a site, saved or cached versions may still exist on other people’s machine.
Be wary of strangers. The Internet makes it easy for people to misrepresent their identities and motives. Consider limiting the people who are allowed to contact you on these sites. If you interact with people that you do not know, be cautious about the amount of information you reveal or agreeing to meet them in person.
Be skeptical. Don’t believe everything you read online. People may post false or misleading information about various topics, including their own identities. This is not necessarily done with malicious intent; it could be unintentional, an exaggeration or a joke. Take appropriate precautions, though, and try to verify the authenticity of any information before taking any action.
Evaluate your settings. Take advantage of a site’s privacy settings. The default settings for some sites may allow anyone to see your profile, but you can customize your settings to restrict access to only certain people. There is still a risk that private information could be exposed despite these restrictions, so don’t post anything that you wouldn’t want the public to see. Sites may change their options periodically, so review your security and privacy settings regularly to make sure that your choices are still appropriate.
Be wary of third-party applications. Third-party applications may provide entertainment or functionality, but use caution when deciding which applications to enable. Avoid applications that seem suspicious, and modify your settings to limit the amount of information the applications can access.
Use strong passwords. Protect your account with passwords that cannot easily be guessed. If your password is compromised, someone else may be able to access your account and pretend to be you.
Check privacy policies. Some sites may share information such as email addresses or user preferences with other companies. This may lead to an increase in spam. Also, try to locate the policy for handling referrals to make sure that you do not unintentionally sign your friends up for spam. Some sites will continue to send email messages to anyone you refer until they join.
Keep software, particularly your Web browser, up to date. Install software updates so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
Use and maintain anti-virus software. Anti-virus software helps protect your computer against known viruses, so you may be able to detect and remove the virus before it can do any damage. Bcause attackers are continually writing new viruses, it is important to keep your anti-virus definitions up to date.
For more information on the use of social network sites, please visit US-CERT website www.us-cert.gov. The FBI encourages recipients of this document to report information concerning suspicious or criminal activity to their local FBI Cyber Task Force or Cyber Watch (CyWatch), by telephone at (855) 292-3937 or by e-mail at firstname.lastname@example.org.
Reitan is the assistant chief of West Fargo Police Department