Skip to content

The Robin Sage Experiment: Fake Profile Fooled Military Intelligence, IT Security Pros

Robin Sage

An experiment that called for creating a fake social networking personality managed to snare even seasoned security veterans

By the end of the 28-day experiment, Robin finished the month having accumulated hundreds of connections through various social networking sites. Contacts included executives at government entities such as the NSA, DOD and Military Intelligence groups. Other friends came from Global 500 corporations. Throughout the experiment Robin was offered gifts, government and corporate jobs, and options to speak at a variety of security conferences

By Joan Goodchild 

Despite the warnings security professionals preach about the dangers of social networking, it appears many aren’t taking their own advice. That’s one of the messages behind a talk at Black Hat later this month called “Getting in bed with Robin Sage” (Read about another social engineering experiment being presented at DefCon).

The Robin Sage experiment was conducted by Thomas Ryan, the co-founder and Managing Partner of Cyber Operations and Threat Intelligence for Provide Security. The project entailed creating a blatantly false identity of a woman claiming to work for in military intelligence and then enrolling on various social networking websites.

See also Social engineering: The basics

“By joining networks, registering on mailing lists, and listing false credentials, the conditions were then met to research people’s decisions to trust and share information with the false identity,” according to the description of the session. Ryan deliberately chose an attractive young female’s picture to prove that sex and appearance plays in trust and people’s eagerness to connect with someone.

By the end of the 28-day experiment, Robin finished the month having accumulated hundreds of connections through various social networking sites. Contacts included executives at government entities such as the NSA, DOD and Military Intelligence groups. Other friends came from Global 500 corporations. Throughout the experiment Robin was offered gifts, government and corporate jobs, and options to speak at a variety of security conferences, said Ryan.

What’s even more startling: much of the information revealed to Robin Sage violated OPSEC procedures. Ryan spoke to CSO about his mission for the experiment, and what he hopes to teach people when he reveals the results at Black Hat.

Did you conduct this experiment on your own time or through your work with Provide Security? It was something I did on my own and as a concept for the company because my company does cyber security and executive protection. The concept was “What happens when a threat comes to an executive via email or something like that. How easy is it to track a person down?”

What were you trying to prove?

The first thing was the issue of trust and how easily it is given. The second thing was to show how much different information gets leaked out through various networks.

How did you first get connections for Robin?

I started by friending people in the security industry. Once that started it began to propagate. The methodology at first was to go after the most media-driven people in the security community. Dan Kaminsky and Jeremiah Grossman for example, because they are media driven and will always click yes to a request. So if someone sees that you are friends with them, then it begins to build a trust level.

How many connections did she get?

It went on for 28 days and she had close to 300 across several social networks. It began to drop some once people caught on. But ever since the profile went up, because it keeps suggesting friends, she still gets requests every day.

Linked In seems to get the least criticism for security issues, yet you say this experiment yielded the most sensitive information from that network.

The most vital information was leaked out through Linked In. You got home phone numbers, you could see if the person used their personal email address. Linked in does show more information but they have a lot more security controls in place.

When you present this to attendees of Black Hat, what are they supposed to learn from it?

What they are supposed to learn is that you don’t just click yes. If you don’t know the person maybe you should do some investigation on your own, especially if something seems not so straightforward. If you looked at the Robin Sage profile, it blatantly said it was phony. There were no females in the U.S. named Robin Sage. Second it was named after a military exercise. Third you just look at her pictures and you can tell the ways she is dressed she is not the type of person who would be working in a government office. But people still clicked yes. And there were several offers for jobs, several offers for dinner to go out and discuss working for a company, different things like that.

The takeaway is: Be careful who you choose as your friends. There are patterns people can use to follow you. For instance, on Linked In, what makes it insecure are some of the apps, like Trip Advisor. It will say when you are going away or not at home. That poses a potential threat, especially if you have a key role in a government organization. If someone knows you aren’t home, they can potentially do something to your home, like they can tap a phone, for instance. And it doesn’t take much to figure out a home address. Once you have a rough idea where they live, if you have a personal email or cell number, you can find out where they live and put their address into, say, Microsoft Bing and do a virtual reconnaissance of their home

Robin Sage is the name of the culmination exercise at the US Army  Special forces Qualification Course.  Most should have recognized it as a fake.

View the original article at Veterans Today

Related Posts with Thumbnails

Posted in Politics.

Tagged with , , , , .

Support #altnews & keep Dark Politricks alive

Remember I told you over 5 years ago that they would be trying to shut down sites and YouTube channels that are not promoting the "Official" view. Well it's happening big time. Peoples Channels get no money from YouTube any more and Google is being fishy with their AdSense giving money for some clicks but not others. The time is here, it's not "Obama's Internet Cut Off Switch" it's "Trumps Sell Everyones Internet Dirty Laundry Garage Sale".

It's not just Google/YouTube defunding altenative chanels (mine was shut), but Facebook is also removing content, shutting pages, profiles and groups and removing funds from #altnews that way as well. I was recently kicked off FB and had a page "unpublished" with no reason given. If you don't know already all Facebooks Private Messages and Secret Groups are still analysed and checked for words related to drugs, sex, war etc against their own TOS. Personally IU know there are undercover Irish police moving from group to group cloning peoples accounts and getting people booted. Worse than that I know people in court at the moment for the content they had on their secret private group. Use Telegrams secret chat mode to chat on, or if you prefer Wickr. Or if you need to, buy a dumb phone with nothing for the NSA to hack into if you are that paranoid. Ensure it has no GPS tracking on it and the battery can be removed. These are usually built for old people to get used to technology storing only a set of numbers to call. However they have no games, applications to install and other ways people can exploit the computer tracking device you carry round with you most of the day.

So if your not supporting this site already which brings you news from the Left to the Right (really the same war mongering bollox) then I could REALLY do with some..

Even if it's just £5 or tick the monthly subscription box and throw a few pound my way each month, it will be much appreciated. Read on to find out why.


Any support to keep this site would be appreciated. You could set up a monthly subscription for £2 like some people do or you could pay a one off donation as a gift.
I am not asking you to pay me for other people's articles, this is a clearing house as well as place to put my own views out into the world. I am asking for help to write more articles like my recent false flag gas attack to get WWIII started in Syria, and Trump away from Putin. Hopefully a few missiles won't mean a WikiLeaks release of that infamous video Trump apparently made in a Russian bedroom with Prostitutes. Also please note that this article was written just an hour after the papers came out, and I always come back and update them.

If you want to read JUST my own articles then use the top menu I have written hundreds of articles for this site and I host numerous amounts of material that has seen me the victim of hacks, DOS plus I have been kicked off multiple hosting companies, free blogging sites, and I have even had threats to cease and desist from the US armed forces. Therefore I have to pay for my own server which is NOT cheap. The more people who read these article on this site the more it costs me so some support would be much appreciated.

I have backups of removed reports shown, then taken down after pressure, that show collusion between nations and the media. I have the full redacted 28/29 pages from the 9.11 commission on the site which seems to have been forgotten about as we help Saudi Arabia bomb Yemeni kids hiding in the rubble with white phosphorus, an illegal weaapon. One that the Israeli's even used when they bombed the UN compound in Gaza during Operation Cast Lead. We complain about Syrian troops (US Controlled ISIS) using chemical weapons to kill "beautiful babies". I suppose all those babies we kill in Iraq, Yemen, Somalia and Syria are just not beautiful enough for Trumps beautiful baby ratio. Plus we kill about 100 times as many as ISIS or the Syrian army have managed by a factor of about 1000 to 1.

I also have a backup of the FOX News series that looked into Israeli connections to 9.11. Obviously FOX removed that as soon as AIPAC, ADL and the rest of the Hasbra brigade protested.

I also have a copy of the the original Liberal Democrats Freedom Bill which was quickly and quietly removed from their site once they enacted and replaced with some watered down rubbish instead once they got into power. No change to police tactics, protesting or our unfair extradition treaty with the USA but we did get a stop to being clamped on private land instead of the mny great ideas in the original.

So ANY support to keep this site running would be much appreciated! I don't have much money after leaving my job and it is a choice between shutting the server or selling the domain or paying a lot of money just so I can show this material.

Material like the FSB Bombings that put Putin in power or the Google no 1 spot when you search for protecting yourself from UK Police with "how to give a no comment interview". If you see any adverts that interest you then please visit them as it helps me without you even needing to give me any money. A few clicks per visit is all it takes to help keep the servers running and tag any tweets with alternative news from the mainstream with the #altnews hashtag I created to keep it alive!

However if you don't want to use the very obvious and cost free ways (to you) to help the site and keep me writing for it then please consider making a small donation. Especially if you have a few quid sitting in your PayPal account doing nothing useful. Why not do a monthly subscription for less money instead. Will you really notice £5 a month?

0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

Some HTML is OK

or, reply to this post via trackback.