CactusCon

CactusCon13
February 14-15, 2025
Mesa, AZ

The Spy Who Liked Me: Grooming and Recruiting Assets in the Age of Social Media

We've all seen really cool OSINT talks, folks can grab basically all the details of your life and lay it out for the world to see, but what's often missing from these talks is the why? So many times when speaking on this topic I hear people say "So what?" I don't care if people know my birthday, or my address...the threat isn't real. This talk draws on my experience at NATO Counterintelligence where we used similar training to help soldiers and families resist nation-state grooming and protect their families.

In this talk I'll walk you through creating a dossier on a random public person (don't worry obfuscated because duh), how I learned where his kids went to school, where his class reunion was, where his wife worked and how I would use that information to approach him to be an asset for foreign intelligence.

Next I'll walk through how seemingly trivial information shared in Facebook Groups, Meetups and other public forums helps to gain access to restricted areas, classified information and work against national interests.

Finally, we'll walk through some common sense precautions you can take to avoid these types of attacks and protect your identity online.

Tracie Martin

Tracie Martin is a Staff Technical Program Manager at Twitter. Her previous roles included working on Android Security for Google and running the Information Security section of Allied Command Counterintelligence (NATO) and incident response for Microsoft Security Response Center.