Robin Sage is a fictional American cyber threat analyst. She was created in December 2009 by Thomas Ryan, a security specialist and white hat hacker from New York City. Her name was taken from a training exercise of United States Army Special Forces. [1]
According to Sage's social networking profiles, she is a 25-year-old "cyber threat analyst" at the Naval Network Warfare Command in Norfolk, Virginia. She graduated from MIT and had allegedly 10 years of work experience, despite her young age. [2] Ryan created several accounts under the name Sage on popular social networks like Facebook, LinkedIn, Twitter etc. and used those profiles to contact nearly 300 people, most of them security specialists, military personnel, staff at intelligence agencies and defense contractors. [1] Her pictures were taken from a pornography-related website in order to attract more attention. [2]
Despite the fake profile and no other real-life information, Sage was offered consulting work with notable companies Google and Lockheed Martin. [2] She also received dinner invitations from several male contacts. [1]
Not everyone was fooled by Sage's profiles, and Ryan admitted that his cover was already blown on the second day, when several of those Sage tried to befriend attempted to verify her identity using the phone number he provided, checking email addresses outside the social networking sites or using the MIT alumni network to find her. Others recognized the fake identity of Sage based on her implausible profiles. Yet no central warning was issued about the profile, and users continued to connect with Sage despite warnings not to do so. [1]
Using those contacts, Ryan befriended men and women of all ages during a short time period between December 2009 and January 2010. Almost all of them were working for the United States military, government or companies (amongst the only organizations that did not befriend Sage were the CIA and the FBI [1] ). Using these contacts, Ryan gained access to email addresses and bank accounts as well as learning the location of secret military units based on soldiers' Facebook photos and connections between different people and organizations. [2] She was also given private documents for review and was invited to speak at several conferences. [3]
Ryan presented his findings [4] as a speaker at the "Black Hat" conference in Las Vegas with a presentation he called "Getting in bed with Robin Sage". [2] [3] He explained that his short experiment proves that seemingly harmless details shared via social networking pages can be harmful but also that many people entrusted with vital and sensitive information would share this information readily with third parties, provided they managed to capture their interest. He concluded that his findings could have compromised national security if a terrorist organization had employed similar tactics. [5]
Computer security, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.
Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.
Phishing is a form of social engineering and scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of computer crime.
Internet fraud is a type of cybercrime fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace. It is, however, differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. It is also distinguished by the way it involves temporally and spatially separated offenders.
LinkedIn is a business and employment-focused social media platform that works through websites and mobile apps. It was launched on May 5, 2003 by Reid Hoffman and Eric Ly. Since December 2016, LinkedIn has been a wholly owned subsidiary of Microsoft. The platform is primarily used for professional networking and career development, and allows jobseekers to post their CVs and employers to post jobs. From 2015, most of the company's revenue came from selling access to information about its members to recruiters and sales professionals. LinkedIn has more than 1 billion registered members from over 200 countries and territories.
Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Disposable email address or "masked" email is a different topic, providing a masked email address that is not the user's normal address, which is not disclosed, but forwards mail sent to it to the user's real address.
Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.
Joseph Anthony Cafasso Jr. is an American former Fox News consultant on military and counterterrorism issues who left the network in 2002 after it was discovered he was a military imposter. Cafasso claimed to have been a retired Special Forces lieutenant colonel who was a Vietnam War veteran and recipient of the Silver Star, but his official service records showed he had been administratively separated in 1976 during basic training after 44 days.
Facebook has been the subject of criticism and legal action since it was founded in 2004. Criticisms include the outsize influence Facebook has on the lives and health of its users and employees, as well as Facebook's influence on the way media, specifically news, is reported and distributed. Notable issues include Internet privacy, such as use of a widespread "like" button on third-party websites tracking users, possible indefinite records of user information, automatic facial recognition software, and its role in the workplace, including employer-employee account disclosure. The use of Facebook can have negative psychological and physiological effects that include feelings of sexual jealousy, stress, lack of attention, and social media addiction that in some cases is comparable to drug addiction.
Koobface is a network worm that attacks Microsoft Windows, Mac OS X, and Linux platforms. This worm originally targeted users of networking websites like Facebook, Skype, Yahoo Messenger, and email websites such as GMail, Yahoo Mail, and AOL Mail. It also targets other networking websites, such as MySpace, Twitter, and it can infect other devices on the same local network. Technical support scammers also fraudulently claim to their intended victims that they have a Koobface infection on their computer by using fake popups and using built-in Windows programs.
Social hacking describes the act of attempting to manipulate outcomes of social behaviour through orchestrated actions. The general function of social hacking is to gain access to restricted information or to a physical space without proper permission. Most often, social hacking attacks are achieved by impersonating an individual or group who is directly or indirectly known to the victims or by representing an individual or group in a position of authority. This is done through pre-meditated research and planning to gain victims’ confidence. Social hackers take great measures to present overtones of familiarity and trustworthiness to elicit confidential or personal information. Social hacking is most commonly associated as a component of “social engineering”.
Cyberwarfare is a part of Iran's "soft war" military strategy. Being both a victim and wager of cyberwarfare, Iran is considered an emerging military power in the field.
"Operation Newscaster", as labelled by American firm iSIGHT Partners in 2014, is a cyber espionage covert operation directed at military and political figures using social networking, allegedly done by Iran. The operation has been described as "creative", "long-term" and "unprecedented". According to iSIGHT Partners, it is "the most elaborate cyber espionage campaign using social engineering that has been uncovered to date from any nation".
Fancy Bear, also known as APT28, Pawn Storm, Sofacy Group, Sednit, Tsar Team and STRONTIUM or Forest Blizzard, is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Office as well as security firms SecureWorks, ThreatConnect, and Mandiant, have also said the group is sponsored by the Russian government. In 2018, an indictment by the United States Special Counsel identified Fancy Bear as GRU Unit 26165. This refers to its unified Military Unit Number of the Russian army regiments. The headquarters of Fancy Bear and the entire military unit, which reportedly specializes in state-sponsored cyberattacks and decryption of hacked data, were targeted by Ukrainian drones on July 24, 2023, the rooftop on one of the buildings collapsed as a result of the explosion.
Chris Kubecka is an American computer security researcher and cyberwarfare specialist. In 2012, Kubecka was responsible for getting the Saudi Aramco network back up and running after it was hit by one of the world's most devastating Shamoon cyberattacks. Kubecka also helped halt a second wave of July 2009 cyberattacks against South Korea. Kubecka has worked for the US Air Force as a Loadmaster, the United States Space Command and is now CEO of HypaSec, a security firm she founded in 2015. She lives and works in the Netherlands.
Charming Kitten, also called APT35, Phosphorus or Mint Sandstorm, Ajax Security, and NewsBeef, is an Iranian government cyberwarfare group, described by several companies and government officials as an advanced persistent threat.
Internet security awareness or Cyber security awareness refers to how much end-users know about the cyber security threats their networks face, the risks they introduce and mitigating security best practices to guide their behavior. End users are considered the weakest link and the primary vulnerability within a network. Since end-users are a major vulnerability, technical means to improve security are not enough. Organizations could also seek to reduce the risk of the human element. This could be accomplished by providing security best practice guidance for end users' awareness of cyber security. Employees could be taught about common threats and how to avoid or mitigate them.
James Linton is a social engineer and email prankster known for duping high-profile celebrities and politicians. For five months in 2016 through to 2017, the "lazy anarchist" known by the Twitter alias SINON_REBORN created over 150 look-alike email accounts and emailed high-profile individuals in the political, financial, and entertainment industries from his iPhone 7.
Kimberly Zenz is a cybersecurity research with an emphasis on the RuNet. Her work experience includes RuNet researcher at Verisign iDefense and Head of Threat Intelligence at the Deutsche Cyber-Sicherheitsorganisation. In 2019, a Moscow court reportedly accused her of passing along information of interest to the Russian government to U.S. intelligence officials. Zenz refuted these accusations and repeatedly requested to testify. The court ignored her request and did not permit her to testify.
The Cyber Scouts is a Thai state-sponsored youth-based online vigilante network that German academic Wolfram Schaffar has characterised as 'reminiscent of fascist vigilante groups'. It was founded in 2010 and currently operates under the Ministry of Digital Economy and Society. The program trains high school and university students nationally in ultra-royalist ideology via workshops. Its two main objectives are indoctrinating Thai youth with ultra-royalist values and creating a youth-based nationwide network dedicated to detecting and reporting lèse-majesté violations through online surveillance.