Are you an avid LinkedIn user? If the answer is “yes”, you are likely to be a target for espionage by foreign spies. William Evanina, the U.S. Counter-Intelligence Chief, said that Chinese are using “super aggressive” campaigns to contract thousands of LinkedIn members for espionage.
According to Reuters, the Microsoft owned LinkedIn indicated that it was talking with the U.S. law federal officers about the problem. “We are doing everything to identify and stop this activity,” Rockwell, LinkedIn head of trust and safety explained. This affirms the fear that no social-media platform is safe anymore.
Why Espionage on Social Media?
From Germany to the U.S., the story is the same; spies on social media. Therefore, why social media? Why LinkedIn? This represents a change of tact by foreign administrations and security authorities to gain access to targeted information on entities such as companies, security organizations, institutions, lobby organizations, high profile individuals and political parties.
LinkedIn is an Easy Target Because of its Operational Culture
According to Evanina, foreign spies are finding it easy to sit behind computers and recruit targets instead of dispatching spies to the targeted countries. LinkedIn is considered an easy hunting ground because it is inclined towards people having the following profiles that spies find easy to take advantage of:
1) Jobseekers and headhunters.
2) Personalities who regularly fire out resumes.
3) Entities who build multiple networks of contacts.
4) Users who pitch projects to strangers.
The nature of LinkedIn that makes it the perfect platform for those with above personalities is what has been worrying about the security agents. Indeed, anyone can be a target. It happed to Paul Winfree, the former Deputy Director of Domestic Policy in the U.S. “I literally accept every friend request I get,” said Winfree.
If you are an ardent user of LinkedIn and associate with any of the above profiles, the chances of getting ensnared by foreign spies are high. Take a look at how the espionage works.
How is Espionage on LinkedIn Done?
The process starts with the creation of fake LinkedIn profiles that boasts of top-notch credentials alongside artificial intelligence generated images. Then, these profiles send connection requests to thousands of LinkedIn users including academics, politicians, individuals, and think tank staff. These requests are carefully designed and moderated to make them look real.
When one of the targeted persons (especially the high profile individuals) accepts the request, the fake accounts’ credibility is bolstered. Therefore, other targets are likely to easily accept the requests too. Then, the spy engages the contacts in a friendly and seemingly professional way to make the subjects progressively reveal the targeted information.
Kate Jones Profile: A Perfect Case of LinkedIn Espionage
Katie Jones was no doubt well plugged into the U.S. political scene. Indeed, she was well connected to Winfree, the Deputy Assistant Director of State. But Katie Jones is nonexistent! Rather, she was part of fake profiles luring professionals on LinkedIn. Her image profile, which looked very natural to the naked eye, was indeed created through artificial intelligence
The photo was carefully designed by a tech expert who cropped the portrait of a lady with blue eyes, enigmatic smile, and copper-colored hair using programs such as GANs. The program is at times referred to as a type of artificial intelligence because it can create realistic pictures. The image below shows an analysis of the fake image that was used on the Katie Jones profile.
Katie Jones claimed to have worked for years as a “Russia and Eurasia fellow” in the Center for Strategic and International Studies in Washington. The profile had 52 connections with influential people who unknowingly made Katie Jones profile to look real.
Katie Jones profile operated until the account was flagged as suspicious by Keir Giles, a Russian expert working with Chatham House think tank after getting its invitation. The account was deleted by LinkedIn when questions about its authenticity and use for spying emerged.
Other LinkedIn profiles that have been associated with foreign espionage include:
Alex Li profile: The owner posed as a ‘project manager at the Center for Sino-Europe Development Studies.’
Rachael Li. Li claimed he was a ‘headhunter at RiseHR.’
Laeticia Chen: In this case, Chen posed as a manager at the ‘China Center of International Politics and Economy.’
Ex-CIA Senior Agent Trapped in LinkedIn Espionage
When Evanina spoke out about LinkedIn espionage, he emphasized it because of the case of Kevin Mallory, a CIA senior officer, charged for conspiring to commit espionage for China. Mallory was contacted via a fake LinkedIn account message in 2017 by a person (using the name Richard Yang) who posed to be a Chinese national.
Richard Yang arranged a telephone call between Mallory and another man (who claimed to work at Shanghai Think Tank). During their conversations, Mallory agreed to travel to China and sell U.S. defense secrets using a special cellular device that was provided to him. Mallory will be sentenced in September and could face life in prison.
With the LinkedIn espionage ensnaring even the people at intelligence institutions who are expected to easily detect such traps, experts are raising concerns that others are likely to be swept off their feet with ease. These include staff in leading companies and individuals working in political offices being persuaded to share sensitive information without realizing they are victims.
How to Stay Free from Spying Dragnet
With the rise in tech-based espionage emerging as a new norm, is it possible to stay free from spying dragnet? When social media companies such as LinkedIn note a malicious account, it is deleted. However, the damage has already been done. In the case of Katie Jones, LinkedIn only deleted the fake account when questions about it were raised. But the owner of the account had already acquired the information of interest.
On a personal level, you cannot wait until you become the victim. Experts at Naked Security indicate that individual users can use three methods to stay free from spies on LinkedIn.
(i) Avoid being friends to strangers: If you do not know a person well, avoid accepting requests to connect.
(ii) Take care of what you share on LinkedIn. Maintain social media for general talks as opposed to work-related details. Info about your company is seen as a goldmine for spies.
(iii) Report profiles you think are imposters: If you note a LinkedIn profile to be suspicious, make sure to share the information with authorities for immediate actions.
The Final Take
The emergence of social media espionage as a new method of gathering foreign information from unsuspecting individuals has affirmed that they are no longer secure. From the top leaders to intelligence officers, no one appears to be safe from foreign espionage, especially on LinkedIn. If you are also on LinkedIn, it is time to start avoiding connecting to strangers because you could be the next target!
