New playground to trap soldiers for information

Army veterans are now being targeted on social media by hackers from ‘enemy’ countries, reports SANJIB SINHA

Slow down a bit. There’s a trap somewhere along here. Using subterfuge to gain entry is not a new trick. It has been done before in various forms. Now, social media is the new playground for trapping old guys, especially army veterans who want to connect with their former colleagues through Facebook pages. The findings and the report are mind-boggling.

Using this trick is super easy in a country like India, which has recently beaten countries like the US, UK and China in the race for the top spot on the ‘Internet Addiction’ chart. Now, 82 percent of Indian Internet users cannot live without the Internet, according to data collated by Statista; the survey was conducted by IPSOS. Old and young alike, people are connected now. In countries such as India, where the net-addiction rate is so high, old people could easily fall prey to a trap laid by hackers hired by the enemy country. They are lured with misinformation and junk news about military affairs.

Last year, an Oxford study revealed this truth first: military veterans are ripe targets for such exploitation by enemy countries. Why are they targeted? According to the report, veterans are more likely than the average person to be community leaders, and they participate in community culture more actively than average citizens; it is also true that their political opinions are a significant influence on those around them.

Sensing that, foreign powers, impersonating individuals and organisations, target the veterans and try to gain their trust. What the hackers are doing now is not a very advanced form of breach of trust or spoofing. The method is simple: gain trust by impersonating organisations that veterans rely on, then bombard them with misinformation, conspiracy theories, and other forms of junk news about military affairs and national security issues. Recently the same thing happened in the US, where a broad network of extremists targeted veterans the same way through Facebook and Twitter. Researchers have found persistent interactions between current and former military personnel and the impersonators hired by the foreign enemy country. On Facebook, the researchers have seen the same thing: there are pages dedicated to the military and veterans that have significant and persistent interactions with subgroups dedicated to political conspiracy theories.

To the researchers’ astonishment, it has been found that many subgroups spend quality time consuming fake and junk news targeting democracy, and the veterans suddenly begin to suffer from such misinformation. It has also been found that the military and the veterans are among the most sophisticated news consumers and, as they play their community roles effectively, it is easier to convince them with the misinformation.

While targeting the veterans, enemy hackers do some kind of reconnaissance using search engine giants such as Google. And that is not a very difficult task, indeed. How do the hackers often use Google for reconnaissance? For information gathering, anyone can use this simple technique, which can sometimes bear a lot of fruit.

Though it seems trivial at first glance, hackers generally use search engines to collect a great deal of information about the target veterans before launching any direct attack. Common people don’t have even a faint idea of how a hacker uses this skill to gather passive information about a target. Refining web searches is easy with Google search: hackers can use symbols or words in their searches to make the search results more precise.

When someone uses these techniques, Google Search usually takes no notice of punctuation that isn’t part of a search operator, so it is better to omit it from the very beginning. The hacker does not include spaces between the symbols or words and the search terms. If one writes “site:xyz.com”, this will work. However, if a space is put between them, like this: “site: xyz.com”, then it will not work.

There are many common Google search techniques that can be used to gather passive information about the target. Suppose the hacker wants to search social media for a person or organization. In that case, one can place an ‘@’ sign in front of a word to search social media. If you want to get information about a veteran like “Sanjib Sinha” on social media, then just writing @sanjibsinha will give tons of information.

For social media, “hashtags” are a popular way to find your favorite words that are trending at present. In Google search, you may write the word like this: #word.

Making the search more specific and pinpointed is a real challenge. To do that, one may need to omit a few words. Many words have more than one meaning, and it is impossible for Google’s algorithm to differentiate between them. Suppose you want to know the speed of a tiger. Now there might be a brand of car that is also called ‘tiger’. In such cases, Google brings up all the relevant measurements: the speed of the animal alongside the speed of the car. If you don’t want the speed of the car, then you can place ‘-’ before the word ‘car’. So finally the search phrase will stand like this: ‘tiger speed -car’.

You may want to search for an exact match of any word like ‘Sanjib Sinha army infantry’. In that case, your search must be double quoted: “Sanjib Sinha army infantry”.

You may want to use the star sign “*” as a wildcard for an unknown word, like this: “Sanjib Sinha * air force”.

Sometimes searching within a range of numbers is necessary. Suppose you’re looking for a mobile priced between 50 and 100 dollars. In that case, you may narrow down your hunt this way: mobile $50..$100. Using two dots like this “..” will help you find mobile prices ranging from 50 to 100 dollars only.

Combining searches is another option where you may want to compare between two closely related words like ‘army’ and ‘navy’. To narrow down your chase write “OR” between these two words — army OR navy.

By now you probably know that extensions are generally used for domain specifications; “.gov”, for example, usually stands for government sites. In such cases, simply put “site:” before a site or domain like this: ‘site:xyz.com’, ‘site:.gov’, or ‘site:.mil’.

There are other sites that are related to one specific site and the hacker may need to get results about them also. In such cases, you can use the term “related”. Write “related:xyz.com”. Other sites associated with ‘xyz.com’ will automatically fall prey to the hunting spree.

Want more information, or to go deep into the details of any site? Just put “info:” in front of the site address like this: info:xyz.com.

Usually, Google keeps a cached version of many sites that no longer exist. You may want to check whether such cached versions exist or not. Put “cache:” before the site address, as in cache:xyz.com, or before a name, as in cache:sanjibsinha.
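The operator syntax walked through above, as an added example that is not part of the original article: a small Python linter that tokenises a query using only the operators this article lists and flags the “site: xyz.com” spacing mistake, plus the typographic dash that word processors substitute for ‘-’. The function name `parse_query` and its token names are hypothetical, and the sample queries are constructed from the article’s own examples; it is meant for people scripting searches to review what is publicly indexed about their own name or domain.

```python
import re

# Colon operators named in the article (taken from the text, not from
# Google's documentation).
COLON_OPS = {"site", "related", "info", "cache"}
PREFIX_OPS = {"-": "exclude", "@": "social", "#": "hashtag"}
TOKEN = re.compile(r'"[^"]*"|\S+')  # a quoted phrase, or a run of non-spaces


def parse_query(query):
    """Return (tokens, warnings); tokens are (kind, value) pairs."""
    tokens, warnings = [], []
    parts = TOKEN.findall(query)
    for i, p in enumerate(parts):
        op, sep, value = p.partition(":")
        if p.startswith('"'):
            kind = "wildcard_phrase" if "*" in p else "exact_phrase"
            tokens.append((kind, p.strip('"')))
        elif sep and op.lower() in COLON_OPS:
            if value:
                tokens.append((op.lower(), value))
            else:  # "site: xyz.com" - the space detaches operator and value
                nxt = parts[i + 1] if i + 1 < len(parts) else "<value>"
                warnings.append(f"space after '{op}:', write {op}:{nxt}")
                tokens.append(("term", p))
        elif p[0] in "\u2013\u2014" and len(p) > 1:
            # En/em dash pasted from a word processor is not the '-' operator
            warnings.append(f"typographic dash in '{p}', use '-{p[1:]}'")
            tokens.append(("term", p))
        elif p[0] in PREFIX_OPS and len(p) > 1:
            tokens.append((PREFIX_OPS[p[0]], p[1:]))
        elif p == "OR":
            tokens.append(("or", p))
        elif ".." in p:
            tokens.append(("range", tuple(p.split("..", 1))))
        else:
            tokens.append(("term", p))
    return tokens, warnings


if __name__ == "__main__":
    # Constructed sample queries built from the article's own examples
    for q in ["site: xyz.com", "tiger speed \u2013car", "mobile $50..$100",
              'army OR navy site:.gov "exact * match"']:
        print(q, "->", parse_query(q))
```
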

Particularly in a country like India, the challenge is immense. Low tech-literacy and ailing health can create vulnerabilities for old veterans. In the US, we saw a massive OPM data breach take place in 2015, where the cyber-attack compromised background check information for nearly every soldier who had received a security clearance since the Iraq war began. In our country, we need to be aware of these facts and take suitable action if needed.

 

—The writer is an author and ethical hacker. As a published author, Microsoft’s community contributor award winner, Sanjib Sinha has written several books, including the best selling security book “Beginning Ethical Hacking with Python” for Apress.

letters@tehelka.com