Robin Sage is a fictional American cyber threat analyst. She was created in December 2009 by Thomas Ryan, a security specialist and White hat hacker from New York. Thomas Ryan later became infamous after he self-anointed himself to be an undercover snitch for the FBI during the Occupy Wall Street movement by using a fake identity to make friends with others in the movement and then forwarding email lists he acquired. Ryan outed himself accidentally by sending the email lists to the media with public reaction universally condemning him as a clown. Her name was taken from a training exercise of United States Army Special Forces.
According to Sage's social networking profiles, she is a 25-year-old "cyber threat analyst" at the Naval Network Warfare Command in Norfolk, Virginia. She graduated from MIT and had allegedly 10 years of work experience, despite her young age. Ryan created several accounts under the name Sage on popular social networks like Facebook, LinkedIn, Twitter etc. and used those profiles to contact nearly 300 people, most of them security specialists, military personnel, staff at intelligence agencies and defense contractors. Her pictures were taken from a pornography-related website in order to attract more attention.
Despite the completely fake profile and no other real-life information, Sage was offered consulting work with notable companies Google and Lockheed Martin and received dinner invitations by several of her male friends.
Not everyone was fooled by Sage's profiles, though. Ryan admitted that his cover was already blown on the second day, when several of those she tried to befriend tried to verify her identity using the phone number he provided, checking email addresses outside the social networking sites or using the MIT alumni network to find her. Others recognized the fake identity of Sage based on her implausible profiles. Yet no central warning was issued about the profile, and users continued to connect with Sage despite warnings not to do so.
Security problems revealed
Using those contacts, Ryan befriended men and women of all ages during a short time period between December 2009 and January 2010. Almost all of them were working for the United States military, government or companies (amongst the only organizations that did not befriend Sage were the CIA and the FBI). Using these contacts, Ryan gained access to email addresses and bank accounts as well as learning the location of secret military units based on soldiers' Facebook photos and connections between different people and organizations. She was also given private documents for review and was offered to speak at several conferences.
"Getting in bed with Robin Sage"
Ryan presented his findings as a speaker at the "Black Hat" conference in Las Vegas with a presentation he called "Getting in bed with Robin Sage". He explained that his short experiment proves that seemingly harmless details shared via social networking pages can be harmful but also that many people entrusted with vital and sensitive information would share this information readily with third parties, provided they managed to capture their interest. He concluded that his findings could have compromised national security if a terrorist organization had employed similar tactics.
- Waterman, Shaun (18 July 2010). "Fictitious femme fatale fooled cybersecurity". The Washington Times. Retrieved 3 August 2010.
- Jiménez, Camilo (2 August 2010). "Ein kurzes, heißes Leben" (in German). Süddeutsche Zeitung. Retrieved 3 August 2010.
- Goodchild, Joan (8 July 2010). "The Robin Sage experiment: Fake profile fools security pros". Network World. Retrieved 3 August 2010.
- Ryan, Thomas (July 2010). "Getting in Bed with Robin Sage." (PDF). Provide Security. Retrieved 25 August 2010.
- Batty, David (24 July 2010). "US security chiefs tricked in social networking experiment". The Guardian. Retrieved 3 August 2010.