Chinese Cyber Spies Look to Buddy up with Nato
Image Credit: Reuters

Suspicions have again fallen on China after reports emerged suggesting Nato's most senior military official was the subject of a coordinated cyber scam.

The Observer reported on Sunday that cyber criminals had created a number of fake Facebook accounts masquerading as Supreme Allied Commander Europe (SACEUR) Admiral James Stavridis.

The fake accounts attempted to trick Nato employees into revealing personal details about Stavridis and his friends and family.

Theoretically, if the information was valid, the Facebook cyber scam could be the first step in an advanced persistent threat (APT) assault on Nato's networks - with the information gained potentially granting the hackers clues that could help them guess Stavridis's Nato passwords.

Speaking to the International Business Times UK, a Facebook spokesperson confirmed that the company was aware of the scam and had removed the fake accounts. "We removed the profile for violating our terms within a business day of receiving a report," said the spokesperson in an emailed statement.

Though Nato had not responded to the IBTimes UK's requests for comment, citing a number of unnamed sources,The Observer reported that Nato was aware of the attack and suspected China as being responsible.

Though China has become something of a cyber scapegoat, analysts have been quick to note it's likely most governments are all involved in some form of cyber espionage.

"Yes, I'm sure most countries around the world are using a variety of tricks to steal information," said Sophos security expert Graham Cluley on the attack.

Moving on, Cluley reported his belief that such attacks are not uncommon and showcase a problem with Facebook, rather than an inherent security flaw in Nato.

"This false Facebook friend trick is one of the most rudimentary, and underlines an issue with the site - you don't know that it's 'Fred' you're speaking to and sharing information with, just that its an account with Fred's name. You should always be very careful what information you share online - even more so if you have a sensitive job or position," commented Cluley.