Russian spies pose as 'attractive girls' in Facebook honeytraps to snoop on US soldiers

Kremlin-linked hackers are feared around the world for their sophisticated methods of breaking into the networks of military and government officials, but not every tactic needs to be tech-savvy. Indeed, some say old school tricks like the 'honeytrap' have simply moved to the web.

This tried-and-tested technique – using attractive men and women to persuade targets to reveal secret or personal information – has been adapted by Moscow's spies for the digital age, moving to social media platforms such as Facebook and Twitter to 'friend' and 'follow' US personnel.

"Some [tactics] are quite unsophisticated, attractive women sending friend requests," John Bambenek, a threat intelligence expert at Fidelis Cybersecurity told Politico. "Spies understand that a great deal can be discerned about what militaries are up to based on the unclassified behaviour of soldiers."

Officials are reportedly concerned Russian agents who "friend" US soldiers online will be able to share propaganda into their news feeds or even communicate directly. Of course, Russia is not the only country using the technique and it has long been rumoured North Korea uses honeytraps.

Fidelis was one of the many cybersecurity firms who analysed the "APT28" state hacking team following the breach at the Democratic National Committee (DNC) last year. The group has been assigned a slew of titles and codenames over the years, including Sofacy, Pawn Storm and Fancy Bear.

Social media is only one fork of the multi-faceted campaign against US military, government personnel and corporations, officials believe. For months, the nation's intelligence community has warned about a spike in cyber-aggression and so-called "active measures" from Russia.

Linda Roja, the US defence department's spokesperson told Politico she would not comment on specific online activities but confirmed that new technology has made keeping the movements, activities and day-to-day behaviour of military staffers more difficult to keep under wraps.

"The proliferation of internet-based communications and social media applications has elevated the potential for nefarious use that could affect our personnel," she said.

"We make every effort to educate and inform DoD personnel of these threats, while bolstering our network defense capabilities to protect IT infrastructure from outside intrusions."

Over the past year, Russian cyberespionage and leaking tactics have been under-the-spotlight due to their sheer brashness.

Multiple cybersecurity firms, including ThreatConnect, SecureWorks, Crowdstrike and Fidelis, have exposed various cases of misinformation, email phishing, hacking, leaking and surveillance.

"The Russian leadership invests significant resources in both foreign and domestic propaganda and places a premium on transmitting what it views as consistent, self-reinforcing narratives regarding its desires and redlines," the US government warned in a report from January this year.

According to the Financial Times, citing Russia's Kommersant newspaper, the Kremlin spends up to $300 million every year on its "cyber army". Russian defence minister, Sergei Shoigu, previously admitted the use of "information troops", saying: "Propaganda must be smart, literate and effective."

In a report released this week (13 June), Trend Micro, a cybersecurity firm, analysed the impact of fake news and propaganda spread via social channels.

"By now it should be very clear that social media has very strong effects on the real world," the firm warned. "It can no longer be dismissed as 'things that happen on the internet'. What goes on inside Facebook, Twitter, and other social media platforms can change the course of nations."