Social Media IO Roundup
This project is focused on identifying possible State-Sponsored Information Operations (IO) across various Social Media platforms.
Man is least himself when he talks in his own person. Give him a mask, and he will tell you the truth.
- Oscar Wilde
——
Review:
Social Media IO: Behavioral Characteristics: Analysis of potential Actor(s) Part 1
Wrap up:
For this release we will cover the following:
Introduction to User Behavioral Analysis(UBA) and Social Networking Analysis(SNA).
Overview of Behavior Analysis.
Social Network Analysis fundamentals.
Data visualization Examples (Russian disinformation).
Network visualizations (how to look at the data)
Social Media IO: A Look at Edward Bernays (The father of Public Relations)
Wrap up:
For this release we will cover the following:
What are Public Relations?
What is Strategic Communication?
What is Propaganda?
Who is Sigmund Freud?
What is herd instinct?
What is crowd psychology?
What is psychological warfare?
What is mass psychology?
——
Watch First:
We need to define what a cyber-persona/pseudonym/alias is and then discuss how we can leverage it.
A cyber-persona/pseudonym/alias is what will be interacting with other users on the network. The Cyber personas interface with other online users - they emulate an actual person or entity. A persona must have an established background with biographical or corporate data, email and Internet protocol (IP) address(es), web pages, phone numbers that fit the narrative of the profile - this allows, However, one individual may have multiple cyber personas, which vary in the degree to which they are factually accurate. A single cyber persona can characterize multiple users. Any persona needs to be developed and protected.
Rob Braxman reveals below what he feels are some of the big dangers of mainstream tech to our personal freedom. What are the initial steps we can take to protect ourselves? We will go through just the initial steps needed as a beginner.
In general, a digital footprint needs to be managed - this requires awareness. First off what is a digital footprint? One definition is the information about a particular person that exists on the internet as a result of their online activity - that will be the definition we use here.
The below video tutorial will introduce topics such as passwords, 2FA, digital footprints, social media, VPNs, proxies, Tor, encrypted communication & messaging, web browsing, smartphones, computers, data privacy, real-world privacy/security, FOSS (open source) and anonymous shopping. These technologies allow for the opportunity to manage and or maintain a digital footprint.
Character creation:
How to create a persona that fits the environment that it’s operating in is a skill. Writers craft characters creating in-depth biographs, this method can be utilized for the forming of a passable persona history.
What is in a name? How in-depth does your identity need to go? This video will complement the above character development content above.
“Choosing a pen name can be a useful tool and also a strong metaphor for writers. It can help change the voice of your writing; disguise your presence as the author; shield you from attacks or criticism; allow you to publish more successfully in various genres; distinguish you from similarly named individuals, and even piggyback off the success of others. So, why are you choosing this pen name? Is it for fun? For inspiration? Are you choosing this name because you don't associate strongly with your given name? Is it because it is part of a cultural tradition? All of these questions will inform your choice of name. As writers, however, I feel it is most important to discuss the ways that our pen names can change the reception and understanding of our writing.” [https://www.servicescape.com/blog/how-to-choose-a-pen-name-that-is-right-for-you]
MEAT & POTATOES:
Social Media IO: Persona 101
Goal:
For this release we will cover the following:
Why would you use a Pen name?
What is a digital footprint?
What is a VPN?
What is a VPS?
What is a proxy?
What is TOR?
What is 2FA?
What is a Character?
Where to buy social media accounts?
Terms, Video reference of definitions and their function:
Definitions are necessary - yet we need to understand how it/things work.
Pen Name: Also called a nom de plume (French: [nɔ̃ də plym]) or a literary double, is a pseudonym (or, in some cases, a variant form of a real name) adopted by an author and printed on the title page or by-line of their works in place of their real name.
A pen name may be used to make the author's name more distinctive, to disguise the author's gender, to distance the author from their other works, to protect the author from retribution for their writings, to merge multiple persons into a single identifiable author, or for any of a number of reasons related to the marketing or aesthetic presentation of the work.. [https://en.wikipedia.org/wiki/Pen_name]
Digital Footprint: Refers to one's unique set of traceable digital activities, actions, contributions, and communications manifested on the Internet or digital devices. Digital footprints can be classified as either passive or active. The former is composed of a user's web-browsing activity and information stored as cookies. The latter is often released deliberately by a user to share information on websites or social media. While the term usually applies to a person, a digital footprint can also refer to a business, organization, or corporation. [https://en.wikipedia.org/wiki/Digital_footprint]
VPN: The term virtual private network (abbreviated VPN) describes any technology that can encapsulate and transmit network data, typically Internet Protocol data, over another network. Such a system enables users to access network resources that may otherwise be inaccessible from the public internet. VPNs are frequently used in the information technology sector to provide access to resources for users that are not physically connected to an organization's network, such as telecommuting workers. VPNs are so named because they may be used to provide virtual (as opposed to physical) access to a private network. [https://en.wikipedia.org/wiki/Virtual_private_network]
VPS: A virtual private server runs its own copy of an operating system (OS), and customers may have superuser-level access to that operating system instance, so they can install almost any software that runs on that OS. For many purposes, they are functionally equivalent to a dedicated physical server, and being software-defined, are able to be much more easily created and configured. They are priced much lower than an equivalent physical server. However, as they share the underlying physical hardware with other VPSes, performance may be lower, depending on the workload of any other executing virtual machines. [https://en.wikipedia.org/wiki/Virtual_private_server]
Proxy: This is a server application or appliance that acts as an intermediary for requests from clients seeking resources from servers that provide those resources. A proxy server thus functions on behalf of the client when requesting service, potentially masking the true origin of the request to the resource server.
Instead of connecting directly to a server that can fulfill a requested resource, such as a file or web page, the client directs the request to the proxy server, which evaluates the request and performs the required network transactions. This serves as a method to simplify or control the complexity of the request,[2] or provide additional benefits such as load balancing, privacy, or security. Proxies were devised to add structure and encapsulation to distributed systems. [https://en.wikipedia.org/wiki/Proxy_server#Open_proxies]
TOR: A free and open-source software for enabling anonymous communication by directing Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays in order to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace the Internet activity to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities unmonitored.[https://en.wikipedia.org/wiki/Tor_(anonymity_network)]
2FA: (MFA; encompassing Two-factor authentication or 2FA, along with similar terms) is an electronic authentication method in which a device user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is). MFA protects the user from an unknown person trying to access their data such as personal ID details or financial assets. [https://en.wikipedia.org/wiki/Multi-factor_authentication]
Character Development: What does character mean? Why is it important?
Characters for our purposes refers to the role (online) and characteristics that differentiate him/her from others. The key here is that this persona actually blends into the environment in which you are trying to operate. [https://www.managementstudyguide.com/importance-of-character-in-personality-development.htm]
——
Online Anonymity (Methods to blend in):
“I don't know why people are so keen to put the details of their private life in public; they forget that invisibility is a superpower.”
― Banksy
Online Anonymity: Basics
Watch first:
All operations should be conducted in a VM.
Introduction to several security heavy concepts and tools.
This introduces concepts to pseudo anonymously browsing online.
A look behind the current:
An Evening With The Puppet Masters: A discussion on alternate social media accounts. This Trace Labs video is hosted by Tom Hocker (humanDecoded). The panel forum focuses on introducing you to sock puppets. The panelists include industry experts such as Jake Crebs, Weiliang Zhuang, Alethe Denis, and Trace Labs own Alex Minster and of course Tom Hocker.
Sock Puppets 101 Part 1
Nick L from Ulta Beauty talks about creating Sock Puppets in threat intelligence hunting and learn the beginning steps of creating Facebook accounts, email addresses, and social media profiles.
Sock Puppets 101 Part 2
——
Read of the Week:
CYBERSPACE: THE FIFTH DIMENSION OF WARFARE – PART I
Abstract:
The dimensions of warfare have evolved over the centuries from Land and Sea to encompass Air and Outer Space in the 20th Century. While the land is integral to a nation, occupied and defended, sea and air are common-pool resources that are sought to be dominated even beyond their own territory. The decade of the sixties saw the emergence of space as the new arena of competition, with the proliferation of satellites and missiles driving the cold war. Technological developments have driven lethality, range, and speed in all four domains to their maximum limits. With the heavy dependence on networks in the 21st Century, Cyberspace is emerging as an increasingly contested domain, with critical importance for the projection of military force. In fact, Cyberspace has been formally designated by many nations in their respective military doctrines as the fifth dimension of warfare. This emergence is arguably the most important and fundamental change in the nature of warfare over the past several decades. Networks are emerging as future battlefields, where cyber weapons will attack and defend at electronic speeds, using strategies and tactics which are still evolving. An earlier post, “From Battlefield to Battlespace,” dwells upon the multi-dimensional nature of the global arena of conflict in current times. [Cyberspace the 5th domain]
——
Feedback:
Social Media IO Roundup is an effort charged with educating and bringing attention to the murky world of cyber information operations. Highlighting tradecraft, concerns trends, techniques, and raising questions to a sector many don’t see. I’m not all-knowing and want to improve the content, so I need you the readers to interact.
Drop a line:
Email: dominanceinformation@gmail.com Instagram @informationdominance
——
Closing:
Not all accounts are created equal. The art of sock puppet creation and management takes years to master. Be careful and aware of potential risks you are accepting when partaking in these activities.
Standby for more at a later date.
-Bob aka INFODOM