recommended reading

State-sponsored cyber spies want your Facebook status, researchers say

Pan Xunbin /

This story was updated to provide a link to the Imperva report after it was released.

Facebook frequently takes flack for privacy invasions, but the next controversial byproduct of the social network may be cyber espionage, according to security researchers.

Status updates on Facebook posted by friends and family of government officials or the officials' own unencrypted Facebook activities can be used to gather intelligence such as U.S. troop movements, says Rob Rachwald, security strategy director for cybersecurity firm Imperva.

While data brokers profit by collating social communications for advertisers, spies and hackers on government payrolls can profit by parsing the same information. And there's a lot of it. In 2011, Max Schrems, a Vienna law student interested in the dossier Facebook's computers kept on him, filed a request for his social media records under European data protection regulations. He claims to have received a 1,222-page file of deleted messages, removed "friends" and other current and former data.

An Imperva report released on Tuesday explains hackers can analyze these records, including connections between "friended" business partners and colleagues, to map out the hierarchy of different organizations. "The organizational structure can be used for corporate espionage, foreign-government and even military intelligence," states a draft reviewed by Nextgov.

"The worst case scenario is you get admin rights to Gmail," by piecing together public or hacked intelligence from Facebook, Rachwald said in an interview. Last year, assailants apparently based in China actually did target the personal Gmail accounts of senior federal officials, according to Google.

Facebook spokesman Fred Wolens, who had not seen the report, said in response to Rachwald's concerns, "We designed Facebook to provide a safer and more trusted online environment by offering users industry leading tools to control access to their information so they can choose what they share and with whom they share it. We encourage people exercise caution when connecting with others unknown to them online or otherwise."

He added that the company has many technical systems in place to prevent "scraping," or mining the site's data, and to restrict Web search services from crawling through non-public information.

Rachwald said individuals often post status updates that unwittingly reveal their geographic locations. "Geolocation data is all together more valuable when cross-referencing it with the organizational structure. This can be very useful, say, to gain military intel on the location of the adversary's military units. In fact, last year an [Israel Defense Forces] operation was cancelled following a soldier's status update of the operation's time and location," the report states.

Government-sponsored hackers and spies may use tactics such as eavesdropping on a Facebook member's activities through unencrypted Wi-Fi connections, the paper states. Facebook uses a secure connection to read users' login credentials but all other information is sent back and forth in an unprotected format. Responding to this potential vulnerability, Facebook in January allowed users to opt into a setting that secures all Facebook activities. Imperva recommends users enable that option.

On the flipside, U.S. agencies can tap the same intelligence to ensnare spies and criminals, the report notes. Mentions of extreme weather in status updates have tipped off authorities to the locations of fugitives. And federal law enforcement officials need only a subpoena to obtain Facebook records on criminal suspects, according to the company's safety guidelines.

(Image via Pan Xunbin /

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.