Cyber spies targeting companies with sophisticated “long cons”

ByCraig Haley

State-sponsored cyber spies are stepping up the espionage game with increasingly intricate social engineering scams targeting company employees that could play out for months, even years, a security firm has discovered.

If her Facebook and LinkedIn profiles are to be believed, Mia Ash is a pretty 30 year old photographer from Staffordshire, England with a master’s degree from the University of London. She has been on social media for some time, with plenty of friends and regularly updates her profiles, including the odd selfie. She can be contacted using any of her available email address and she even has WhatsApp.

Nothing about Mia or her online profiles particularly stands out as odd, or suspicious.

Nevertheless, she isn’t real. She’s nothing more than an online persona that does not exist outside of her accounts. The digital successor to Andy Dufresne’s Randall Stevens. Her information is pure fabrication and her photos stolen from someone else. A figment of the imagination of someone you don’t know.


Sponsored Content. Continued below...




Not only that, but security firm SecureWorks have linked those who created Mia and her online persona to a hacking group called OilRig who they believe are working on behalf of the Iranian government in a widespread, long term espionage campaign aimed at befriending employees of high profile companies in order to infiltrate their respective company networks.

Earlier this year, SecureWorks had helped a Middle Eastern company attempt to discover the source of an attempted spyware infection. During their investigation, the security firm had discovered that one of the company employees had been friends with Ms. Mia Ash for over a month. That friendship had begun on LinkedIn over innocent photography related questions, but soon expanded over other social networks and topics.

The company employee was soon asked by Mia to open a photography related questionnaire sent over email to his work computer, in the form of a Microsoft Excel document. When opened, that document launched malicious script onto the employee’s computer which subsequently attempted to download and install malware onto the company network. Luckily the security software on the network prevented the infection from taking hold.


Sponsored Content. Continued below...




Analysis of the social networks belonging to Mia Ash turned up a number of different friends, mostly from the Middle East, as well as a number of employees of other companies including many from the United States. Mia Ash had been busy befriending people, it would seem.

The case highlights that hackers in the espionage game are more than capable of playing the so-called “long con”, exploiting what will always be the weak point in a company’s cyber defenses – the employees themselves – by developing friendships and building trust over time with the long term objective of infiltrating their networks. In this example it was malware, but hackers can also glean sensitive information from employee social media profiles as well as by simply asking seemingly innocuous questions.

The accounts belonging to Mia Ash have now been removed, but Mia is almost certainly only one of a high number of fake online personas, out there in the wild right now with the sole aim of befriending employees of specifically selected companies, with the intention of exploiting those friendships in the name of the espionage game.

That should be enough to keep any company director up at night.

Keep up-to-date with all our latest articles. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)