The recent Israel Defense Force Intelligence Branch "Operation Social Resistance," used Facebook to simulate a Hamas-like organization posing as a new female friend, to initiate online chats for the purpose of eliciting soldiers to click on a link which would activate mobile telephone or computer surveillance and tracking. It was conducted after six Hamas operatives, complete with attractive photos, sought to convince soldiers to download a program, ostensibly for chat access, which gave Hamas complete access to multiple devices. The operation demonstrates that there are dangers posed by users unaware of such threats, which could thereafter result in unauthorized access to critical confidential information and intelligence.
On the non-military side, this issue does present risks, which the proper use of social media resource tools can mitigate down to acceptable levels. The public and private sectors where such risks exist include:
(1) Government leaders who are concerned that their rank-and-file staff might give attackers access to confidential or even classified information, through social media targeting similar to that detailed above,
(2) Executives in the private sector who are fearful that their employees may become the targets of industrial espionage, giving opponents' agents access to proprietary information, or even trade secrets.
In both types of situations, the prudent use of a social media platform, employed within a work environment where staff are aware of and consent to social media monitoring for internal security purposes, could expose external operations conducted by adversaries, seeking to gain illegal access to communications, to capture information. If any staff have been penetrated, they can be identified through the use of a program utilizing an AI/algorithm searching for such enticements, and any damage which may have occurred can be dealt with, or disinformation can be disseminated.
Additionally, the use of proactive operations by your company, such as deployed by the IDF, where those who were tricked into providing access, receive a warning message, indicating that they could have been penetrated, will raise the level of awareness among staff members.
It is suggested that leaders create both programs to raise the level of awareness of critical staff members and employees, and also use social media research tools to identify possible penetrations, by adversaries,using the social media tactics illustrated in this article. The optimum result would be prudent social media use by the potential targets, and exposure of any possible penetration/security violation that has already occurred.