
State-sponsored cyber spies want your Facebook status, researchers say

Pan Xunbin /

This story was updated to provide a link to the Imperva report after it was released.

Facebook frequently takes flak for privacy invasions, but the next controversial byproduct of the social network may be cyber espionage, according to security researchers.

Status updates on Facebook posted by friends and family of government officials or the officials' own unencrypted Facebook activities can be used to gather intelligence such as U.S. troop movements, says Rob Rachwald, security strategy director for cybersecurity firm Imperva.

While data brokers profit by collating social communications for advertisers, spies and hackers on government payrolls can profit by parsing the same information. And there's a lot of it. In 2011, Max Schrems, a Vienna law student interested in the dossier Facebook's computers kept on him, filed a request for his social media records under European data protection regulations. He claims to have received a 1,222-page file of deleted messages, removed "friends" and other current and former data.

An Imperva report released on Tuesday explains that hackers can analyze these records, including connections between "friended" business partners and colleagues, to map out the hierarchy of different organizations. "The organizational structure can be used for corporate espionage, foreign-government and even military intelligence," states a draft reviewed by Nextgov.

"The worst case scenario is you get admin rights to Gmail," by piecing together public or hacked intelligence from Facebook, Rachwald said in an interview. Last year, assailants apparently based in China actually did target the personal Gmail accounts of senior federal officials, according to Google.

Facebook spokesman Fred Wolens, who had not seen the report, said in response to Rachwald's concerns, "We designed Facebook to provide a safer and more trusted online environment by offering users industry-leading tools to control access to their information so they can choose what they share and with whom they share it. We encourage people to exercise caution when connecting with others unknown to them online or otherwise."

He added that the company has many technical systems in place to prevent "scraping," or mining the site's data, and to restrict Web search services from crawling through non-public information.

Rachwald said individuals often post status updates that unwittingly reveal their geographic locations. "Geolocation data is altogether more valuable when cross-referencing it with the organizational structure. This can be very useful, say, to gain military intel on the location of the adversary's military units. In fact, last year an [Israel Defense Forces] operation was cancelled following a soldier's status update of the operation's time and location," the report states.

Government-sponsored hackers and spies may use tactics such as eavesdropping on a Facebook member's activities through unencrypted Wi-Fi connections, the paper states. Facebook uses a secure connection to read users' login credentials but all other information is sent back and forth in an unprotected format. Responding to this potential vulnerability, Facebook in January allowed users to opt into a setting that secures all Facebook activities. Imperva recommends users enable that option.

On the flip side, U.S. agencies can tap the same intelligence to ensnare spies and criminals, the report notes. Mentions of extreme weather in status updates have tipped off authorities to the locations of fugitives. And federal law enforcement officials need only a subpoena to obtain Facebook records on criminal suspects, according to the company's safety guidelines.
