A recent study has shown that Facebook is the second-most used social platform by world leaders, with 169 governments having set up official pages. However, leaders have on average twice as many followers on their Facebook pages as followers on Twitter.
Over the past five years, Twitter has become the ultimate channel for digital diplomacy for world leaders and governments. It is the prime social network used by heads of state and government in 173 countries, representing 90 percent of all United Nations (UN) member states, according to Burson-Marsteller’s Twiplomacy study, an annual global survey of world leaders on social media. Facebook is the second-most used social platform by world leaders, with 169 governments having set up official pages. However, leaders have on average twice as many followers on their Facebook pages as followers on Twitter.
YouTube ranks third among social sharing platforms, used by 78 percent of all UN member states, ahead of Instagram which is used by 70 percent. While Twitter communication is mainly text-based including visuals, Instagram is picture-driven with minimal text and more behind-the-scenes pictures. Governments with larger social media teams also have been exploring more visual communications with Vine and Snapchat, both of which target a younger audience of Millennials. Governments that do not have full broadcasting capabilities, mainly in Latin America, are embracing Periscope and Facebook Live to broadcast their press conferences.
The 2016 edition of Twiplomacy, which previously focused solely on Twitter, has been expanded to examine the use of other social media platforms including Facebook, Instagram, YouTube and more niche digital diplomacy platforms such as Snapchat, LinkedIn, Google+, Periscope and Vine. The Twiplomacy website includes live rankings and the first ever social media atlas for each country studied.
“Our Twiplomacy study shows people in positions of power are increasingly tapping social media platforms to connect with the audiences most important to them,” said Don Baer, Worldwide Chair and CEO, Burson-Marsteller. “As engagement becomes one of the critical measures of social media influence, our Twiplomacy study shows which political communicators are most successful on which social platforms and what we can learn from them.”
This final installment of Twiplomacy 2016 provides lessons for communicators on creating successful social media accounts and driving online engagement. Based on combining data from the different profiles with an in-depth analyses of the content, the most notable findings include the importance of being visual and creative, tailoring content to the specific platform, projecting a human face and timeliness. The world leaders using social media with the most success are U.S. President Barack Obama and his White House team, Mauricio Macri (Argentinian President) and Justin Trudeau (Canadian Prime Minster), among others found in the study.
“This cross-platform study shows that world leaders are increasingly taking an integrated approach across several social media channels, an indication of where more and more business leaders are likely to move as well,” said Jeremy Galbraith, CEO of Burson-Marsteller Europe, Middle East and Africa and Global Chief Strategy Officer. “We are seeing that world leaders are allowing people to ‘meet’ the personality behind the official title – and that today, much more than words, creative or personal images get messages across most powerfully, a tactic that corporate leaders can use just as effectively.”
The latest installment of the 2016 Twiplomacy study analysed 793 Twitter accounts of heads of states and governments in 173 countries with a combined total audience of 324 million followers.
This year’s U.S. elections will not only signal the end of Obama’s presidency, but the loss of the uncontested leader of the digital diplomatic world. With the largest following of all world leaders combined, the man who has most successfully managed to communicate his personal image through his online profile will retire with an audience of 137 million followers, fans and subscribers. The Barack Obama Twitter account following alone numbers 74 million, well ahead of Pope Francis in second position, with 28 million, and Indian Prime Minister Narendra Modi in third with 19 million followers.
However, Burson-Marsteller’s Twitter study revealed that a massive following does not always translate into influence. The official presidential @POTUS Twitter account, set up in May 2015, has become the seventh most followed account with 7.6 million followers, and it is by far the most effective account considering it averages 12,350 retweets per tweet. In comparison, the tweets sent by the @BarackObama account, which has ten times as many followers as @POTUS, are only retweeted on average 1,572 times.
Foreign ministries tend to use Twitter to establish mutual relations. In May 2015, the U.S. State Department used Twitter to re-establish ties with its Cuban counterpart, months before the official re-establishment of diplomatic relations. The State Department also tried to connect with Iran’s President Hassan Rouhani and Foreign Minister Javad Zarif, but has unfollowed both men who had not reciprocated.
The EU External Action Service is the best connected foreign office, mutually connected to 122 peers. Russia’s Foreign Ministry is in second position, maintaining mutual Twitter relations with 111 other world leaders, and the Norwegian Foreign Ministry is in third place with 100 mutual connections.
The most followed non-government account is the United Nations Twitter account @UN, which is followed by 296 of the 793 world leaders’ Twitter accounts; The New York Times (@NYTimes) is the most followed news organisation, and @UNICEF is the second most followed international organisation. The @Twiplomacy Twitter account is the fourth-most followed non-governmental account by world leaders, with a following of 162 heads of state and government, ahead of The Economist, the BBC, Reuters and CNN, respectively.
“Twitter facilitates relations between world leaders in today’s online world,” said Matthias Lüfkens, Managing Director, Digital, at Burson-Marsteller EMEA. “I am especially honored to see our @Twiplomacy Twitter account among the most followed accounts by heads of state and government.”
Other key findings include:
– The UK Prime Minister @Number10gov is the most followed European Union leader with more than 4.4 million followers, ahead of Italy’s @MatteoRenzi and the British @RoyalFamily with 2.3 million and 2.2 million followers, respectively.
– Kenya’s Uhuru Kenyatta @UKenyatta has become Sub-Saharan Africa’s most followed leader with 1.4 million followers, closely followed by Rwanda’s @PaulKagame ahead of South Africa’s presidential administration (@PresidencyZA), with 673,000 followers.
– In Latin America, Mexico’s President Enrique Peña Nieto @EPN has 5.2 million followers, far ahead of Colombia’s President @JuanManSantos, Venezuela’s @NicolasMaduro and Argentina’s @MauricioMacri, with well over 2.8 million followers each.
– Sheikh Mohammed bin Rashid Al Maktoum @HHShkMohd is the most followed Arab leader with 6 million, followed by Saudi Arabia’s @KingSalman with 5 million, Jordan’s @QueenRania and Abdullah Bin Zayed (@ABZayed), the Foreign Minister of the United Arab Emirates, with 3 million followers.
– Among the foreign ministries, the U.S. State Department (@StateDept) is the most followed with 2.6 million followers ahead of the Turkish (@TC_Disisleri) and the Russian (@MID_RF) foreign ministries with more than one million followers each.
More than 5,000 embassies and ambassadors are now active on Twitter; it has become the voice of diplomatic missions in New York, Washington, London and Brussels.
Cons exploit Telegram ICO
Kaspersky Lab researchers have uncovered dozens of highly convincing fake websites claiming to be investment sites for an initial coin offering (ICO) by the Telegram messaging service. Many of these websites appear to belong to the same group. In one case alone, tens of thousands of US dollars’ worth of cryptocurrency were stolen from victims believing they were investing in ‘Grams’, Telegram’s rumoured new currency. Telegram has not officially confirmed an ICO and has warned people about fraudulent investor sites.
In late 2017, stories started to circulate that the Telegram messaging service was launching an initial coin offering (ICO) to finance a blockchain platform based on its TON (Telegram Open Network) technology. Unverified technical documentation was posted online, but there appears to have been no confirmation from Telegram itself. The resulting confusion seems to have allowed fraudsters to capitalise on investor interest by creating fake sites and stealing vast sums of money.
Kaspersky Lab researchers have discovered dozens of such sites, possibly belonging to the same group, claiming to sell tokens for ‘Grams’ and inviting investors to pay with cryptocurrencies including Bitcoin, Ethereum, lice litecoin, dash and Bitcoin dash. A record of transactions on one site revealed that the scammers were able to steal at least $35,000 US dollars’ worth of Ethereum from investors.
The researchers found that some of the websites were so convincing that even after Telegram and others began to issue warnings, they were still able to recruit potential investors. Most use a secure connection, require registration and generate a unique online wallet for each new victim, making it harder to track the money.
Judging by the content of the fake websites, it appears they may have common ownership. For example, several have the exactly the same ‘Our Team’ section.
“ICOs are a fairly risky investment and many people don’t yet fully understand how they work, so it is not surprising that high quality fake websites, with seemingly reassuring features such as a secure connection and registration are successful at luring people in. People wishing to invest in an ICO would do well to check with the company behind it and make sure they know exactly who they are giving their money to, or they may never see it again,” said Nadezhda Demidova, Lead Web-Content Analyst, Kaspersky Lab.
Kaspersky Lab offers the following advice for users considering investing in an ICO:
- Check for warning signs: for example, some of the fake Telegram ICO websites had the same wrong image next to the name of Telegram’s Chief Product Officer.
- Do your homework: always check with the brand’s official site to verify the legitimacy of the investment site and, if necessary contact the company’s ICO teams before investing any money or currency.
- Use reliable security solutions such as Kaspersky Internet Security and Kaspersky Internet Security for Android, which will warn you if you try to visit fake internet pages.
Crouching Yeti strikes
Kaspersky Lab has uncovered infrastructure used by the Russian-speaking APT group Crouching Yeti, also known as Energetic Bear, which includes compromised servers across the world.
According to the research, numerous servers in different countries were hit since 2016, sometimes in order to gain access to other resources. Others, including those hosting Russian websites, were used as watering holes.
Crouching Yeti is a Russian-speaking advanced persistent threat (APT) group that Kaspersky Lab has been tracking since 2010. It is best known for targeting industrial sectors around the world, with a primary focus on energy facilities, for the main purpose of stealing valuable data from victim systems. One of the techniques the group has been widely using is through watering hole attacks: the attackers injected websites with a link redirecting visitors to a malicious server.
Recently Kaspersky Lab has discovered a number of servers, compromised by the group, belonging to different organisations based in Russia, the U.S., Turkey and European countries, and not limited to industrial companies. According to researchers, they were hit in 2016 and 2017 with different purposes. Thus, besides watering hole, in some cases they were used as intermediaries to conduct attacks on other resources.
In the process of analysing infected servers, researchers identified numerous websites and servers used by organisations in Russia, U.S., Europe, Asia and Latin America that the attackers had scanned with various tools, possibly to find a server that could be used to establish a foothold for hosting the attackers’ tools and to subsequently develop an attack. Some of the sites scanned may have been of interest to the attackers as candidates for waterhole. The range of websites and servers that captured the attention of the intruders is extensive. Kaspersky Lab researchers found that the attackers had scanned numerous websites of different types, including online stores and services, public organisations, NGOs, manufacturing, etc.
Also, experts found that the group used publicly available malicious tools, designed for analyzing servers, and for seeking out and collecting information. In addition, a modified sshd file with a preinstalled backdoor was discovered. This was used to replace the original file and could be authorised with a ‘master password’.
“Crouching Yeti is a notorious Russian-speaking group that has been active for many years and is still successfully targeting industrial organisations through watering hole attacks, among other techniques. Our findings show that the group compromised servers not only for establishing watering holes, but also for further scanning, and they actively used open-sourced tools that made it much harder to identify them afterwards,” said Vladimir Dashchenko, Head of Vulnerability Research Group at Kaspersky Lab ICS CERT.
“The group’s activities, such as initial data collection, the theft of authentication data, and the scanning of resources, are used to launch further attacks. The diversity of infected servers and scanned resources suggests the group may operate in the interests of the third parties,” he added.
Kaspersky Lab recommends that organisations implement a comprehensive framework against advanced threats comprising of dedicated security solutions for targeted attack detection and incident response, along with expert services and threat intelligence. As a part of Kaspersky Threat Management and Defense, our anti-targeted attack platform detects an attack at early stages by analysing suspicious network activity, while Kaspersky EDR brings improved endpoint visibility, investigation capabilities and response automation. These are enhanced with global threat intelligence and Kaspersky Lab’s expert services with specialisation in threat hunting and incident response.
More details on this recent Crouching Yeti activity can be found on the Kaspersky Lab ICS CERT website.