http://www.washingtontimes.com/news/2010/jul/18/fictitious-femme-fatale-fooled-cybersecurity/ By Shaun Waterman The Washington Times July 18, 2010 Call her the Mata Hari of cyberspace. Robin Sage, according to her profiles on Facebook and other social-networking websites, was an attractive, flirtatious 25-year-old woman working as a "cyber threat analyst" at the U.S. Navy's Network Warfare Command. Within less than a month, she amassed nearly 300 social-network connections among security specialists, military personnel and staff at intelligence agencies and defense contractors. A handful of pictures on her Facebook page included one of her at a party posing in thigh-high knee socks and a skull-and-crossbones bikini captioned, "doing what I do best." "Sorry to say, I'm not a Green Beret! Just a cute girl stopping by to say hey!" she rhymingly proclaimed on her Twitter page, concluding, "My life is about info sec [information security] all the way!" And so it apparently was. She was an avid user of LinkedIn - a social-networking site for professionals sometimes described as "Facebook for grown-ups." Her connections on it included men working for the nation's most senior military officer, the chairman of the Joint Chiefs of Staff, and for one of the most secret government agencies of all, the National Reconnaissance Office (NRO), which builds, launches and runs U.S. spy satellites. Others included a senior intelligence official in the U.S. Marine Corps, the chief of staff for a U.S. congressman, and several senior executives at defense contractors, including Lockheed Martin Corp. and Northrop Grumman Corp. Almost all were seasoned security professionals. But Robin Sage did not exist. Her profile was a ruse set up by security consultant Thomas Ryan as part of an effort to expose weaknesses in the nation's defense and intelligence communities - what Mr. Ryan calls "an independent 'red team' exercise." [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Sun Jul 18 2010 - 22:25:14 PDT
This archive was generated by hypermail 2.2.0 : Sun Jul 18 2010 - 22:39:03 PDT