Does Your Group Facebook?

If you and your group are social butterflies on Facebook, here are some things you might want to think about.

_________________________________________________________________

Is the Patriot Movement Helping With Its Own Demise on Facebook?

People in the patriot movement spend a lot of time talking about their patriot activities on social media.  I’ve covered why this is a bad idea over and over, and will continue to do so. In the midst of the meme-sharing, ranting and planning various activities, however, there’s something else going on every day: Social engineering.

Social engineering is defined as “an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.”  For people in the movement, that breaks down to “an attack that tricks you into giving up critical information.” There is almost no easier way to trick patriots into giving up information than Facebook.  It’s a tactic used by federal agents and assets, but in many cases they don’t even need to engage in social engineering because patriots are doing it to themselves and each other without even realizing it—and with the best of intentions. In these cases, someone merely needs to swing by and collect the information left out for them to find by careless people. While I won’t use names of individual people or groups, I’ll paste some actual comments from real-life examples.  If you recognize one of these comments as your own, then I encourage you to take the energy you want to spend trashing me, and use it to think about what I’m saying. Let’s get started.

Roll Calls

How It Works: The Commander or Member of Random Patriot Group posts a roll call thread, and asks members who are active to post a comment, and calls for each of the other members to report in by codename. Members respond with that codename or callsign in their comments.  The commander goes on to announce that he wants people to think about a face to face meeting with the following:

We all need to get together real soon. Hell boy. Ogre, reaper, widow maker, pharaoh, sasquatch, loonatic, watchtower. You all down for a get together?

What just happened? What can be linked together? In the 20 comments on that particular thread, ten of the members of that group are now identified by name and matched to their callsign/codename. From there it’s a simple exercise to go to their pages and start collecting more information about their schedules, personalities, and more—all of which can be used for further engineering attempts.

Another party in another thread asks for people to comment with “name and zone.” People respond—130 comments’ worth—with names, locations, and positions. Some of them give extra information, such as what they’re trained in. Within the thread, some post a comment saying their location is “classified,” and are promptly chastised by the leadership for not following the directive. Perhaps the most disturbing part is when the leadership denigrates those who choose not to comment as being “inactive” or “not dedicated.” Anyone can simply take the state map, thoughtfully provided by the leadership so members can figure out what zone they belong to, and start making notes. How many people are in each zone? Where are the leadership of that group located? What is the group’s response capability to a specific area in the state?

Many argue that, “We only do that in our closed/private FB groups.” Two things you need to be aware of: 1) If it’s on Facebook in any capacity, it is NOT private. 2) If your vetting process for allowing members into your closed and “private” groups is checking out their Facebook page, you are failing.

Planning Threads

How It Works: Someone in Random Facebook Group posted a thread like the following: “We’ve got an FTX this weekend and here are the coordinates. Who’s in?” The problem is that people love to talk about what they’re doing, because within the movement people feel the need to justify themselves as “real patriots” by openly discussing their activities–because if you’re not doing things where everyone can see, you must not be doing them at all. It sounds almost ridiculous but that’s often the mindset. In this article we’re only concerned with the second type of comment: the one where they outline in detail their patriot activities for the weekend, in which they either announce their plan to go to the FTX, or they defend why they are not going. Here are a few of the comments:

I’m going out to _______ to test my new ______ rifle. If anyone wants to come, the GPS coordinates of the pit are ________.

I’m getting together with [five tagged friends] to do patriot sh*t.

I’m working on my preps. I have almost a whole year of food now!

In this case, the original thread was posted by a prominent member of a group, whom most of them know personally. However, it could have just as easily been posted by an asset or someone looking to collect information. No matter who posted it, now the information is there for anyone to pick up and use. And what information did we glean just from these comments? Keep in mind that all of these comments had real names attached, with profiles behind them chock full of more information to use.

Surveys and Advice Threads

How It Works: Someone posted a thread asking about what method of communication patriots choose to use with each other.  People fell all over themselves answering. They talked about exactly what they use: Wickr, Signal, Telegram, whatever. Some of them put up their various usernames and encouraged people to contact them.  What just happened here? What was openly laid out for all to see, on an open FB thread? One of the most powerful ways to get people to give you information is to simply ask them for advice, such as “What do you suggest?”

Think about what you could glean with the following threads in various types of groups:

Medical – “I’m trying to set up a unit level medical kit. What do I need? What do you suggest?”

Tactical – “What firearms are the best for keeping in my vehicle? How much ammo should I have? How often should we train? What should we be focusing on?”

Communications – “I’m trying to get my group set up on solid comms. What should we be using?”

Security – “What vetting process do you guys use?”

Support – “We’re trying to set up safehouses and supply caches so we’re looking for ways to get started. Can anyone help point us in the right direction?”

What do all of these threads have in common? How would people respond? Is it a logical conclusion to think that people would respond with what they and their groups are doing, out of a desire to share information in a helpful way? What are the odds that the people who answer can be cross-checked against the information you received in other threads to pinpoint who a unit or group’s area focal is and how prepared/trained/supplied he is? How many people would put that information out on the thread? How many would take it to Facebook messages in an effort to be “secret?”

Here’s the thing. Most groups have not even sat down to consider what their critical information is, who is trying to get it, and what the effects of them getting it are. The amount of information that can be gleaned just from the three types of fishing expeditions above is staggering, and those are just three of the myriad of tactics available to a skilled social engineer. Put that together with basic profiling techniques, statement analysis, OSINT research, and a little bit of cross-referencing, and you can flesh out an incredible picture of any given group, including:

  • Group hierarchies and identification of leadership
  • Exploitable weaknesses and points of failure both on a group and individual level
  • Tactical capabilities and training locations and schedule
  • Medical capabilities and level of personnel training
  • Ability to respond to a given threat
  • Member mindset
  • Communications savvy and capability
  • Vetting procedures and security protocols
  • Cohesiveness of the group
  • Future plans for activities and training
  • Level of gear and supplies
  • SHTF fallback positions

The list goes on and on. The sad thing is, this doesn’t even take into account the posts that people make on their own pages: selfies at various locations (“Here’s me and my team at our last training!”), videos (anyone with a camera phone has become a talking head without regard for the greater message), and much more. 99% of these threads are started by what are probably very well-meaning, solid folks. The problem is that intent does not matter when the results are the same. Ask yourself: How can the above information be leveraged? Is it critical for you to keep that under wraps?

Information is power, as the saying goes. So why does the movement give away that power so easily? Assets and federal agents don’t even need to put traps out there; the movement makes its own traps and people walk right in. The amount of information (and disinformation) on Facebook alone during Malheur was mind-blowing. In an effort to be “part of it,” people claimed to be privy to secret information, posted dissertations of their viewpoints, and engaged in enough infighting to turn social media into a battleground all its own—which, by the way, is its own kind of negative propaganda.

We need to control the message; more importantly, we need to control the information flow. Stop laying traps and springing them yourselves. Stop using Facebook as a networking tool. Stop giving away your own critical information so easily. Learn from the movement’s past mistakes; blind allegiance to any and all ‘leaders’ regardless of failed tactics or bad planning is stupid and dangerous. We all make mistakes; we should be trying a lot harder, however, not to.

_________________________________________________________________

JCD

American by BIRTH, Infidel by CHOICE

9 thoughts on “Does Your Group Facebook?”

  1. Nicely put, I believe the same thing, diarrhea of the mouth as one might say. I have seen a map of states with pinpoint locations and BN numbers posted on FB, and countless photos of groups in battle ready gear.
    I can say I am guilty of the same sins once upon a time, but recent events have changed my way of thinking. Pride & egos play a strong part in the type of behavior: look at me, look at us, see what we have, look at how we train.
    That is a real problem I agree but what is the answer, how do you coordinate with groups out of state or even across the same state when you’re trying to set up the event? Unfortunately FB solves that problem easily because almost everyone uses it as a means of communication, discussions, events, disputes, and recruiting. That brings me full circle, what is the alternate means of communication, telephone call, cell phone text, email, instant messaging, snail mail. I understand the problem but I’m not sure I can think my way out of the box to figure out a viable option.

    Sent from my Verizon Wireless 4G LTE DROID

    • FWIW, I’ve found that when using any sort of public (technological) communication, it’s best to operate as if you had a person/entity that didn’t wish you well listening/reading everything you say/write.

      Or, go ‘old school.’

      I think the article is a great ‘wake up’ call to the folks who use FB like it’s the latest cryptologically advanced method of communication……at least, for those who are paying attention.

  2. Don’t network. All civilian electronic communication FORBIDDEN at any time for any reason. No Facebook, no Twitter, no e-mail, no land line, no message boards. No “tacticool” radio comms net in the field. In fact only 1 “team” radio PER TEAM (PRC-77 type), to only be TURNED ON by the RTO or team leader, and only at prearranged times or in “contact”/combat. ALL cell phones, GPS and “devices” to be left at home (BY LAW they have built-in trackers and cameras that cannot be turned off). Day codes (funny book) in the hands of CO and RTO ONLY. NO UNIT PHOTOS. NO UNIT ROSTERS. Act like you are already at war, or you soon will be. These are just my observations on how successful guerrilla units have survived contact with first world armies.

  3. This is a huge red flag for those who want to see it for what it is. Fundamentally, it is a lack of discipline, and if an individual cannot be counted on to use discipline and discretion now, when it costs nothing, then why would I ever fight beside that person? I doubt very much can be kept from the fusion centers if they really are looking for the information. That being said, your local LEO (correct me if I’m wrong JCD) does not have the manpower and resources in most cases to be electronically eavesdropping on the locals unless there is some kind of reason for it, more than a hunch of vague militia types. My issue is with optics and what it says about the judgment of the person. It shows immaturity and carelessness. I’ve read somewhere about “When I was a child, I spake as a child, I understood as a child, I thought as a child: but when I became a man, I put away childish things.” Actions like this also speak to a lack of organization and leadership within the group. People either willingly or unknowingly eating crayons and playing checkers rather than playing chess. I don’t care which, since the result is generally the same. I gather a lot of free and easy info via social media on who some of the movers and shakers in the local community are among various social cliques. Names, faces, thoughts, where they meet and how militant they are. You’d be surprised what’s in your community. In a small city we’ve got militant African Nationalists/NPP guys, a Muslim compound (guard shack included, no batteries required!) and your usual composition of fun loving gangs. Point is, if I’m doing it, what’s to say they aren’t? The half-life for human flares is quite short.

    • I agree JJ. Unless you are the local “nail that sticks up”, the usual suspects checking into your activities are Fed entities. Locals usually get involved when Fed or State entities ask them to “Check it out and get back to us”.

  4. Pingback: Remember… | The Sun Also Rises

  5. Many years ago I ran a WWIV BBS on an old 286 with 640 kb RAM, 2-60MB RLL HDD’s and a 2400 baud modem. All the guys I trained with would dial in with a QWK reader to download their messages, and be on and then off in less than 5 minutes and would read their messages offline.

    Someone could get an old laptop with a built-in modem and a 40-125 MB HDD and set up a BBS with QWK access and do the same. As long as the BBS computer isn’t networked in any way and only the Comms/Sysop has KB access, it would be hard for anyone NOT in the group to get access.

    You can still get various free BBS software and old laptops for under $100.00. And with some BBS Software like WWIV you can build your own network to have messages transferred between groups, but ONLY the messages designated for that group.
