A NATO cyber “red team” decided to see if they could infiltrate their forces through social media accounts and learned it was far easier to get data, locations and to sway their troops’ behavior than they thought it would be.
“Overall we identified a significant amount of people taking part in the exercise and managed to identify all members of certain units, pinpoint the exact locations of several battalions, gain knowledge of troop movements to and from exercises and discover the dates of active phases of the exercises," the NATO report found. "The level of personal information we found was very detailed and enabled us to instill undesirable behavior during the exercise.”
The sudden removal of the account calls into question transparency concerns regarding the Corps’ combat missions overseas.
NATO embedded researchers within a red team already monitoring the exercise. The researchers, from NATO’s Strategic Communications Centre of Excellence, targeted troops participating in an exercise in an allied country to not only see how much data they could detect, but also to see “if we would be able to induce certain behaviors such as leaving their positions, not fulfilling duties, etc., using a range of influence activities based on the acquired data.”
They were able to do just that, however NATO did not specify what “undesirable behavior" they were able to generate.
NATO did find that Twitter was not very useful for infiltrating troops. But the researchers were able to mine significant amounts of information from Facebook and Instagram. Facebook also detected fake pages NATO established and shut down some of the false accounts it set up.
Facebook has been problematic for military forces, as hackers use personal data to set up spoofing pages impersonating military personnel, even up to current Chairman of the Joint Chiefs Marine Corps Gen. Joseph Dunford.