General security

Increasing Concerns on Social Media Monitoring, from Governments to Private Businesses

November 6, 2012 by Pierluigi Paganini

Warning: Illegal string offset 'crop_image' in /www/resourcesinfosecinstitute_601/public/wp-content/plugins/wp-media-folder/class/class-display-gallery.php on line 300

Whenever we surf on the web we disseminate a large amount of information that could be used for different purposes. Contrary to what you might believe, this information is very precious for private businesses and government agencies. The first group uses them mainly for commercial analysis; the second for monitoring and surveillance.

The user has the wrong perception that vast majority of web services are offered free of charge. Facebook, Twitter, and YouTube increase the number of their users every day, and collect an incredible amount of data to be used for analysis of various types.

New horizons of intelligence are in the social media and in the ability to control them. Governments are more careful on the analysis of communication platforms and the vast amount of information which they hold. Intelligence agencies have understood that social media represent a privileged instruments for information gathering and mass-conditioning.

The social media are vital component in today’s intelligence analysis, but if it is quite simple for governments to acquire a huge quantity of data, their elaboration is not so simple. We must consider that due to the possibility of pollution of the sources by the same intelligence agencies, the information might not have the proper level of reliability.

The principal factors that complicate the research of specific contents inside the ocean of information are:

  • dimension of the data acquired.
  • ability to correlate correctly the information.
  • avoiding of poisoned information. The information extracted could produce wrong analysis due intentionally, or not, to manipulation of data that causes the loss of consistence of results.
  • great dynamism of social media users; each individual usually goes to several networks, and different profile makes the cross analysis more difficult.
  • increasing awareness of users in the monitoring activities.

Governments, between monitoring and control

Recently the news has published that the German government is using an eavesdropping tool to intercept Skype calls, violating the country’s law establishment.

Three years ago, WikiLeaks proposed a documentation related to an offer of Bavarian company DigiTask, to the German government, for the development of a similar tool.

These events are a demonstration of the great importance of social media, in particular as a communication vector. Let’s think of their role in the organization of protests during the Arab spring. This means that by analyzing social network platforms, it’s possible to deduce the political and social state of a region of the planet.

The intent to monitor is a shared habit. The FBI for example has created, according to many security experts, a special unit for Internet monitoring and surveillance with the primary purpose to prevent and fight cyber crimes. The Bureau has recently promoted different projects for the development of tools and applications for web monitoring. The FBI is considered one of the most active agencies in this sense. Earlier this year it publicly requested the design of a real time monitor of social networks for the identification of suspect behaviors that could be interpreted as indicators of presence of an ongoing crime.

But consider that the commitment of governments in monitoring activities could also need the help of private businesses. The FBI for example has been lobbying top Internet companies like Yahoo and Google to support a proposal that would force them to provide backdoors for government surveillance, according to CNET.

The final purpose of the collaboration is the implementation of backdoor stubs inside their products with intent to make them wiretap-friendly. The request is related to all those communication platforms, including social networks, email providers, chat rooms and instant messagers.

The governments are facing serious difficulties related to monitoring new media. According to CALEA, (Communications Assistance for Law Enforcement Act) passed in 1994, every communication provider must make their system  wiretap-friendly, but today the scenario of communication is totally changed. The majority of communications are digital transmissions that make large use of the Internet. Despite this consideration in 2004, the intents of the act have been extended also to ISP by the Federal Communications Commission. The situation is very complex; the implementation of a wiretapping system by ISP hasn’t found an application de facto.

Figure 1 – Wiretapping

The FBI is one of the agencies most interested to extend the CALEA regulation to any kind of communication made on with a direct impact on VoIP communication implemented by famous platforms Skype and Xbox Live.

Regarding the Xbox, let me remind you that US Government has already committed a project to spy on the communication made through gaming platforms, confirming the great interest of the administration to monitor any kind of networks and any kind of information circulating on it.

The FBI has kept secret the creation of the unit called the Domestic Communications Assistance Center, for which the Senate committee has already allocated $54 million and is responsible for the creation of technologies for law enforcement to intercept and analyze communications data.

The power conferred to the unit is wide. Every single communication through social networks and over the Internet in general should be intercepted by the hardware platforms and software applications that the unit has the task to implement.

The engagement of the FBI is in line with policies followed by US government agencies such as DARPA (Defense Advanced Research Projects Agency) as understandable by the following statement released by its representative:

“Social media have evolved from a platform that provides infrastructure that supports maintaining connections between friends to a platform that supports recruiting, collaborating, organizing and competing for resources… Among these communities and teams are terrorist and other criminal organizations,”

“The impact of these teams on the social landscape, their interactions with other teams, the evolution of network state over time, and competition with other teams and communities has not been adequately researched. Due to the overwhelming deluge of data generated by users across social media platforms, this analysis cannot be done manually.”

“While collaborations in social media have been researched extensively, little attention has been paid to how the groups compete with each other for members and influence on opinions of other teams and communities,”

“Understanding what affects such online behavior is needed for trend forecasting.”

Early last year the web site CNET reported that then-FBI general counsel Valerie Caproni was planning to warn Congress of what the bureau calls its “Going Dark” problem, illustrating how the wiretapping capabilities were being reduced with the progress of technology.

Caproni singled out “Web-based e-mail, social-networking sites, and peer-to-peer communications” as problems that have left the FBI “increasingly unable” to conduct the same kind of wiretapping it could in the past.

What is the “Going Dark” project?

“Going Dark” is a federal massive surveillance project for real time wiretap communications. It originated inside the bureau, employing 107 full-time expert in 2009.

Which are the real intelligence agencies’ capabilities in surveillance?

According to the declaration of Electronic Frontier Foundation attorney Kevin Bankston, the FBI already can intercept messages on social-networking sites and Web-based e-mail services. The system used is known as Carnivore, later renamed DCS1000.

The NSA has also demonstrated a great interest in surveillance. Let’s consider that the agency some months ago has started the building of the country’s biggest Spy Center in the city of Bluffdale. The center, named Utah Data Center, is under construction by contractors with top-secret clearances.


Its purpose is to intercept, decipher, and analyze every world’s communications under investigation using every kind of transmission. The center will have a final cost of $2 billion and should be operative in September 2013. Any kind of communication will be traced and stored in its database, including the complete private emails, cell phone calls, search engine researches and every kind of digital data related to every individual.

Of course US and Western countries aren’t the only ones to push the development of monitoring systems. Russia, China, Syria and Iran are also investing in surveillance technologies.

What is really concerning is that monitoring technologies in these countries are used by regimes to harass and spy dissidents and representatives of oppositions, and who is providing the surveillance systems to countries such as Iran despite technological embargo end international penalties?

The response is simple: the same Western companies are the main providers for monitoring technologies and avoiding international sanctions. Last year the news of the sale of an Internet traffic monitoring system sold by an Israeli company to the Iranian government made a sensation. Curious if we think that those governments are close to a conflict. The sold system is the “NetEnforcer” and was sold through the intermediary of a Danish company.

NetEnforcer bandwidth management devices provide the granular visibility and policy enforcement that network operators need to optimize the delivery, performance and profitability of WAN and broadband services. NetEnforcer devices are deployed in thousands of installations the world over, where they monitor, identify, classify, prioritize, and shape network traffic per application and per user. But we know Israel banned this kind of commercial business with the government in Tehran. According to news agency Bloomberg, the company Allot Communications Ltd. Hod-Hasharon-based would be successful in sales, shipping the goods to Danish RanTek A / S for transit, that after removing the original labels would in turn be sent to Iran.

But why would the system be purchased? According to some former employees of Allot, from a Bloomberg source, the system is in use to monitor Internet traffic to intercept any kind of communication, from email to SMS, and the second needs to edit the contents of expressing dissent. The purpose is to identify dissidents and Internet users to allow their arrest.

“Such technologies have been used to trace and torturing dissidents in countries like Iran, Bahrain, Syria and Tunisia,” recalls Bloomberg but without specifying who has purchased the product in Iran. The Allot declares itself alien to each other freed from any liability, arguing that the sale is one of many made to its distributors. Executive Director of the Allot company Rami Hadar, has declared that its systems would not be “designated for intrusive surveillance purposes,” but for “the optimization of Internet traffic.”

The authorities in Copenhagen would be in possession of evidence of transactions with Iran, creating irritation until the Israeli Minister of Defense decided to launch an investigation into the facts.

Again, in Bahrain, authorities used European equipment to intercept phone calls and text messages of activists, who were confronted with details of their communications while being arrested and tortured. Amid Syria’s uprising, construction moved forward on a $17 million Internet surveillance system built with U.S., French, German and Italian technology.

What are the dimensions of this dirty growing business?

It has been estimated that the sales are at $3 billion to $5 billion; that is the price that we are giving to human dignity, all over the world, from Middle East to North Africa.

It matters little if there are human victims at stake, but at this point it is questionable whether or not to tolerate such attitudes of some companies that can avoid control and the international laws using what I define squalid scams to elude technological embargoes.
Do not enter into the merits of the single event, but consider the damages caused by those Western companies that make profit with governments officially considered hostile.

Is the monitoring of social media an exclusive government affair?

Obviously not only governments are interested in social media and data they hold. Private companies demonstrate the same attention to the information obtainable by the monitoring of these new platforms.

I call it the “war of privacy“, the intentional actions of many companies that are trying to collect the maximum number of information violating user’s right, and the phenomenon is in dramatic increase.

Why do so many companies provide free services and what is their real gain? Are they only creating advertising revenue or we are facing with an impressive market of the information?

The information acquired in a user’s habit has an enormous value. Let’s consider that it could be used for complex analysis and could also be sold to third party companies that elaborate reports for enterprises and governments.

Information gathering is becoming day by day increasingly easy. Let’s think to the improper use of social networks and of mobile platforms. Through the offer of attractive and free apps for iPhone or Android, it is possible to follow a user’s movements, collect his data, and gather information on his experience on the web.

The number of companies that work in the profitable market of information is surprising. An increasing number of companies collect our data:

  • Acerno
  • Adara Media
  • Adblade
  • Adbrite
  • ADC Onion
  • Adchemy
  • ADiFY
  • AdMeld
  • Adtech
  • Aggregate Knowledge
  • AlmondNet

An interesting article published on The Atlantic web site counted at least 105 companies, and contrary to what one might expect, there are a multitude of small companies alongside the names of well-known giants like Facebook and Google.

The technological push of the last decade has influenced, as never before, the experience of every human being in the cyberspace. It’s constantly under observation; every visited site, every query submitted is collected.

Many software make it possible to discover who is following us. Collusion plugin remains one of the most famous. Collusion is an experimental add-on for Firefox and allows users to see all the third parties that are tracking their movements across the Web. It provides real time information on how that data are managed by a spider-web of interaction between companies and other trackers.

It’s clear that the huge investments mentioned are a blatant invasion of privacy in the name of security, but the scope of the projects suggests that no law or constitution can oppose.


The monitoring is a profitable business for governments and private businesses. Malware, network appliances and software flaws daily expose millions of internet users to serious risks. In many cases the exposure is the cause of fierce persecutions all over the world and today regulatory agencies appear unable to arrest the phenomena; the line between monitoring and censorship is thin.

The events and situations described raise several answers related to the compromise between security and privacy.

Are we willing to tolerate increasingly intrusions in our digital identity in the name of security?

Who and how is managing the acquired data?

What would happen if a hostile government or group of cyber criminals could disclose the collected data?

I am afraid of possible answers!


Posted: November 6, 2012
Pierluigi Paganini
View Profile

Pierluigi is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group, member of Cyber G7 Workgroup of the Italian Ministry of Foreign Affairs and International Cooperation, Professor and Director of the Master in Cyber Security at the Link Campus University. He is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.

2 responses to “Increasing Concerns on Social Media Monitoring, from Governments to Private Businesses”

  1. Larue says:

    Remarkable job on the articles; you seem to know your stuff.
    My question is slightly off of subject, but I would like to ask anyways.
    .. where did you obtain this theme from? I’d personally love to utilize it on my blog if possible. Thx!

  2. Would it be ok if I repost a few of your articles so long as I give credit and sources back to infosecinstitute.

    com? My blog is in the exact same niche as yours and my visitors could certainly benefit from some of the info you provide here.
    Please let me know if this is okay with you.

Leave a Reply

Your email address will not be published.