Iranian hackers play to DC vanity through social media

Maybe it’s because Washington, D.C., is known as a city of vanity, arrogance, and many high-profile people that it became the target of Iranian social media hackers looking for important information, contacts and connections.

Some months ago, social media “friend” requests began to subtly pour into the email inboxes of Washington insiders, influence peddlers and officials from purported high-profile journalists.  Washington was unwittingly being “harpooned” by Iran.  Why? Because by invading social media accounts, the Iranians would then weave a network among their other “friends” of unwitting Washington officialdom … which by and large is naïve about social media.

The fake news organization, NewsOnAir.org.

The fake news organization, NewsOnAir.org.

LinkedIn, Twitter and Facebook were the favorite channels. It worked like a charm in Washington and played to the vanity of people always looking to network, themselves, for more names to drop and perhaps a chance at greater attention from a credible-looking but completely fake news site – NewsOnAir.org.

But … and, there is always a “but” … careful reading of the friend requests from the so-called news personalities at Fox News, Reuters, and nearly every other news organization would reveal a complete lack of substance. Names were cleverly misspelled in order to easily mislead. Backgrounds, experience and education details were all faked, blatantly bogus.

In the digital world, the practice of creating phony and misleading social media profiles is called, “harpooning.”  Here is one example of harpooning by the Iranian hackers on Facebook … a completely fictitious person and profile of a so-called Joseph Nilsson, “founder” of the Iranian news site, NewsOnAir.org.

The fake Facebook profile of NewsOnAir.org's "founder."

The fake Facebook profile of NewsOnAir.org’s “founder.”

NewsOnAir.org today was officially exposed by Reuters:

The operation has been active since at least 2011 and has been called the most elaborate cyber espionage campaign using “social engineering” to date. In an unprecedented, three-year cyber espionage campaign, Iranian hackers created false social networking accounts and a fake news website to spy on military and political leaders in the United States, Israel and other countries.

The Iranian hackers created six “personas” who appeared to work for a fake news site, NewsOnAir.org, which used content from the Associated Press, BBC, Reuters and other media outlets. The hackers created another eight personas who purported to work for defense contractors and other organizations

The hackers set up false accounts on Facebook and other online social networks for these 14 personas, populated their profiles with fictitious personal content, and then tried to befriend target victims.

The Iranian hackers used the 14 personas to make connections with more than 2,000 people, including ambassadors, military leaders, political leaders in the U.S., Israel and other countries, and members of the U.S.-Israeli lobby.

Fake Facebook profile of a Reuters journalist.

Fake Facebook profile of a Reuters journalist.

Despite the Billions and Billions of dollars spent by the U.S. government to spy on all of us, the efforts by Iranian hackers to probe and network their way into the social media accounts of official Washington seemingly went undetected. (I guess the feds were too busy monitoring our IM texts and the stuff we buy online.)

I suppose the take-away is that some people still have much to learn about how vulnerable is social media. It’s always best to know who you associate with.