Spies Use Tinder

Surveillance and infiltration are not new tactics and collecting data from social media reminds us that the internet is bringing it to whole new levels.

Recently a group of young activists planned to attend a demonstration against Interim President Michel Temer in the city center of São Paulo. They never made it. Their group had been infiltrated by an Army Captain Willian Pina Botelho, via Tinder.

Surveillance and infiltration are not new tactics, but the ACLU revelation last month that Twitter, Instagram, and Facebook had been sharing data with surveillance service Geofeedia reminds us that the internet is bringing it to whole new levels. The story of the “Tinder infiltrator” serves as a reminder for a generation of young activists who are organising online: don't stop organizing, but be vigilant.

In 2013, thousands of Brazilians took their myriad frustrations with the government to the streets. The police and military met these demonstrations with severe violence. Political repression in Brazil has only gotten worse since then.

Botelho was a part of the Brazilian Army's intelligence service during these demonstrations. In December 2014, he created a Facebook profile using the name Baltazar Nunes. He also created Instagram and Tinder profiles, adorned with features such as fake Karl Marx quotes and images of him playing guitar.

“Balta” wasn't just a lurker. He chatted up activists, many of whom were doing a significant portion of their organizing online. On Tinder he told women that he was looking for “leftists” who he could relate to. In fact, it was a woman he had been flirting with who led him to the group of activists arrested on the 4th. The group planned to meet in person before heading to the demonstration together.

That meeting landed 21 young people in jail. They were supposedly arrested because they “looked suspicious,” and later the police claimed they intended to commit vandalism. They didn't have anything truly incriminating with them, although the arrestees allege that the police planted items such as an iron bar on one person. 

As one member told the Brazilian website Ponte.org, the police said “it was one of the members who did not even have backpack. Who would take the subway or bus with a blue iron bar?” Botelho specifically suggested the meeting place, and the arrestees believe that he reported it to the police.

After the arrests, the activists were taken to a special investigations unit, where they were held without attorneys or contact with the outside until a judge ordered them released in a strongly-worded decision that condemned the arrests. Only “Balta” was freed right away. He claimed on social media that he paid a bribe, but just days later he was publicly uncovered as an army officer by Ponte.org.

Despite continuing denials from the government, the Brazilin Army has confirmed that Balta was working with knowledge and cooperation from the São Paulo state government.

This type of infiltration and manipulation is not new. Secret police and social manipulation have been used, as former FBI Director J Edgar Hoover put it, to “expose, disrupt, misdirect, discredit, or otherwise neutralize” political dissent for most of the 20th century, from Syria to South Africa.

Hoover reigned over the FBI's infamous COINTELPRO, short for Counter Intelligence Program. COINTELPRO, started in 1956 and “ended” in 1971, serves as a useful example because it was well documented. Using tactics of infiltration and manipulation of social movements and surveillance of activists, it left no movement untouched. The FBI's main focus was the civil rights movement and the Black Panther Party.

COINTELPRO tactics included infiltration with informants, sending anonymous letters encouraging violence between street gangs and the Panthers and sowing internal dissension in the Party, working with police departments to harass local branches of the Party through raids and vehicle stops, and propaganda. The FBI even created fake Black Panther Party propaganda, a coloring book that emphasized armed resistance:

One particularly well-known COINTELPRO action was the infamous “suicide letter” sent to Martin Luther King The FBI saw Dr. King as threat to national security, and subjected him to comprehensive surveillance and harassment. The anonymous letter encouraged Dr. King to kill himself.

Current Surveillance 

"I didn't believe that they would sink so low, I didn't believe that anything I was doing would be interesting enough, so I think people need to know that this happens to real people.”

These are the words of Kate Wilson, when she came out publicly as a survivor of political infiltration at Chaos Communication Camp in 2015. She spent two years living with a man named Mark Kennedy. In 2010, she learned that he was a cop who had infiltrated and disrupted the UK environmental movement.

Wilson said of Mark, “He was charming and disarming and he shared my interests and he shared my passion for the political things we were doing.” Her story exemplifies how the government uses romantic connections for infiltration. As she has pointed out, it's especially disturbing when one remembers that it is agencies dominated by men who are manipulating women and arranging sex under false pretenses—something that amounts to assault, as the Metropolitan Police admitted when they withdrew their defense in Wilson's legal case against them.

And that's where modern surveillance makes things so much more dangerous, especially when the online and offline meet. As any fan of “social engineering” will tell you, the more background information you have, the easier manipulation is.

Snowden

It's easier for a police officer to both make connections and gather information in the online world, and this is certainly happening. For example, a 2012 slide show from British spy agency GCHQ, leaked by Edward Snowden, describes how a special division of the agency “infiltrated chat rooms known as IRCs and identified individual hackers.” There's also the kind of social media surveillance uncovered by ACLU, which appears to focus on real-time monitoring.

But what's equally concerning is how the government could use surveillance to inform its offline manipulation of social movements. The government can obtain an incredible amount of detail by combing through one person's Facebook posts, which is unsurprising, since movements like the fight against the Dakota Access Pipeline rely on social media to get the word out. But people post about not just their political messages and their plans, but also their hopes, desires, and fears. This is all material that a government informant could use, either to get close to a target or to publicly embarrass or blackmail them.

It's not just oversharing that makes these kinds of tactics more potent, either. Today's version of fake letters could easily be spoofed text messages or emails. Instead of microphones in a hotel room, police today could have access to myriad street-level surveillance technologies. Facial-recognition ready images collected by ubiquitous surveillance cameras, automated license plate readers, and cell phone tracking could easily provide details about an individual's life that could be used to both track and manipulate them.

The worst thing about these tactics is that, regardless of whether infiltration or provocation is actually successful, they have a chilling effect. One of the young people who was arrested in São Paulo wrote that, after his arrest and detention, he had no cell phone. He stayed at the house of a friend, and didn't use the Internet at all. 

And this is perhaps the most important thing to take away from the Tinder infiltrator. As Kate Wilson put it, “this stuff happened to us because we were doing something right. Don't be scared by what we're saying. Be aware.”

Motherboard:             Now Surveillance 'aggressive-invasive': Snowden:  
 

« Three Step Pogram: Pre-Breach Remedies To Contain The Costs Of A Cyber Attack
Google & Facebook Ban Fake News Sites »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: Learn how SOAR helps you streamline security

ON-DEMAND WEBINAR: Learn how SOAR helps you streamline security

Watch this webinar to explore the Security orchestration, automation, and response (SOAR) paradigm, its relationship with organization IT practices, and its role in your security strategy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DriveLock

DriveLock

Our security solution is designed to prevent external attacks, which are evermore sophisticated as well as monitor, document and even prevent internal incidents.

Logicworks

Logicworks

Logicworks is a leader in cloud security and compliance with 20+ years of experience in infrastructure management for healthcare, financial services, and public sector clients.

Retail & Hospitality Information Sharing & Analysis Center (RH-ISAC)

Retail & Hospitality Information Sharing & Analysis Center (RH-ISAC)

Retail & Hospitality ISAC operates as a central hub for sharing sector-specific cyber security information and intelligence.

IT2Trust

IT2Trust

IT2Trust is one of Scandinavia’s leading value-added distributors of business-critical IT solutions within IT security and networking.

CyberESI

CyberESI

CyberESI is a Managed Security Service Provider providing 24x7 remote security monitoring and management of your mission-critical networks.

Cobalt Strike

Cobalt Strike

Cobalt Strike is penetration testing software designed to execute targeted attacks.

Wireless Logic

Wireless Logic

Wireless Logic delivers a range of secure and resilient value-added M2M/IoT managed services that empower remote devices to communicate cost-effectively, two ways.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

Recruit.net

Recruit.net

Recruit.net allows job seekers to instantly find millions of jobs from thousands of web sites with a single search.

Strike Graph

Strike Graph

The Strike Graph GRC platform enables Security Audits & Certifications.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Orbus Software

Orbus Software

Orbus develops, markets and sells enterprise software which helps large, blue chip and government organisations across the globe to achieve digital transformation outcomes.

TwoThreeFour

TwoThreeFour

ThreeTwoFour provide tailored cyber security solutions, delivered by highly-skilled, experienced consultants who respond to the real needs of you and your business.

Protelion

Protelion

The Protelion Security Platform is uniquely architected to deliver security solutions that combine greater protection, flexibility, and performance.

Core to Cloud

Core to Cloud

Core to Cloud provide consultancy and technical support for the planning and implementation of sustainable security strategies.

Verizon

Verizon

Verizon is a leader in IT technology solutions - Verizon Cloud, Networking, Security, Mobility, Machine-to-Machine (M2M), Advanced Communications and Professional Services.