Proxy Service Opens Hole for Spies to Slip Through
A number of organizations, both in government and the private sectors, restrict the use of social networking sites by employees at work stations, generally by employing a firewall filter. However, it appears that employees at some of these organizations are not exactly following company (or agency) policy.
In a recent blog post, author and researcher Jeff Carr writes that some employees at these organizations use free proxy servers “to get their daily SNS fix on Twitter, Facebook, YouTube, etc.”
A Swiss researcher who operates Abuse.ch recently studied proxy servers and was able to capture the log files. While the majority are school or home IPs, some are IPs of government agencies, which raises concerns over the possibility of cyber espionage.
As Carr points out, “If this were an intelligence collection operation, you’d now have the identity of a government or military employee, the name of his agency, all of his personal information that’s been shared online plus his entire social network. It doesn’t get much better than this in the world of Open Source Intelligence (OSINT).”
The list of agencies that were on the list of IPs in the log files are from the U.S., as well as other nations.
They include: Ministry of Foreign Affairs, Ministry of Finance, Ministry of Economy, Department of Defense, Department of Atomic Energy, Department of Science and Technology, National Police Service, Atomic Energy Commission, Centre for Atomic Research and a number of other agencies.
Related posts:
