A NATO-accredited research group, the Strategic Communications Center of Excellence (StratCom COE), was able to manipulate NATO forces during an experiment intended to test the security of sensitive information.
Researchers ultimately found that NATO forces could be identified, located and tracked by enemy forces, and even persuaded to disobey orders or engage in other “undesirable behaviors,” thanks to $60 open source software that allowed them to do just that, according to Business Insider and Wired.
NATO StratCom COE released a report on its findings and explained the experiment, which used a combination of impersonation, honeypot pages, social engineering, monitoring and befriending of accounts, people, search engines and open source databases.
NATO Group Catfished Soldiers to Prove a Point About Privacy https://t.co/ku6KkrgCzQ pic.twitter.com/xqiq9E0lQZ
— AntiCorruptionDigest (@anti_digest) March 19, 2019
In the experiment, the researchers were named the “red team” and they looked up information about service members that could exploit them. The researchers created bogus Facebook military support groups and drew service members in to spark up conversations.
Researchers “managed to identify all members of certain units, pinpoint the exact locations of several battalions, gain knowledge of troop movement to and from exercises, and discover dates of the active phases of the exercise,” the report said. “The level of personal information we found was very detailed and enabled us to instill undesirable behavior during the exercise.”
“Social media gives users the power to spread and receive contaminated information,” the report said.
Nora Biteniece, a researcher behind the project, said they looked for “valuable information, particularly exploitable information, like a serviceman having a wife and also being on dating apps.”
Janis Sarts, the director of NATO’s StratCom Center of Excellence, said, “Every person has a button. For somebody there’s a financial issue, for somebody it’s a very appealing date, for somebody it’s a family thing. It’s varied, but everybody has a button. The point is what’s openly available online is sufficient to know what that is.”
Russia is very good at being able to locate the kind of information obtained in the study.
U.S. Army Col. Liam Collins said, “The Russians are adept at identifying Ukrainian positions by their electrometric signatures.”
He added, “In one tactic, soldiers receive texts telling them they are ‘surrounded and abandoned.’ Minutes later, their families receive a text stating, ‘Your son is killed in action,’ which often prompts a call or text to the soldiers. Minutes later, soldiers receive another message telling them to ‘retreat and live,’ followed by an artillery strike to the location where a large group of cellphones was detected.”
In 2017, the Wall Street Journal revealed that cellphones of NATO troops were being hacked by the Russians “to gain operational information, gauge troop strength and intimidate soldiers.”
Russia has been trying to thwart their troops from becoming prey to this type of social media espionage. In fact, they are working to completely ban troops from disclosing any information at all online after social media revealed sensitive information pertaining to Russia’s activities in Syria.
Editor’s Note: This headline and story have been edited to reflect that the NATO Strategic Communications Center of Excellence (NATO StratCom COE) is a NATO-accredited research group, and that NATO itself did not conduct the study. It has also been edited to reflect that the study was conducted on NATO troops, and not just U.S. troops.