US prosecutors have indicted a former US Air Force officer of spying for Iran in a scheme which targeted specific former colleagues in order to gain covert access to their computers. The cyber attack was aimed at tricking intelligence officers into clicking links or opening files which contained malware.
Monica Elfriede Witt, 39, and four Iranian citizens allegedly tried to install spyware on computers of intelligence officers, which included some of Ms Witt’s high-ranking former colleagues. One element of the scam involved creating a fake Facebook account in the name of a real intelligence officer using photos and information scraped from that officer’s actual Facebook account. The fake profile was so realistic that several of Ms Witt’s former colleagues accepted “friend” requests from it.
While the popular imagination assumes hacking and malware is spread aimlessly, this indictment highlights that sophisticated hackers working for governments or organized crime prefer to target known individuals. These tailored attacks are aimed at specific employees who have access to sensitive systems, confidential information, or control company accounts. A key element is careful planning and using personal contacts to trick staff into believing that they are receiving a message from a trusted source. Sloppy use of social media in the wider community already provides hackers with ample opportunities to build up a rounded picture of their potential victims.