It always pays to be vigilant in cyber space, no matter how comfortable you are with the site, no matter how mainstream and popular. This technique is nothing new, but the targets are becoming more aware of the operation and are now warning others that foreign spies are using LinkedIn to “befriend” British civil servants with the goal of extracting secrets from them:
In the elaborate scam – that wouldn’t be out of place in a James Bond novel – enemy spies are using bogus accounts on the website, described as like Facebook but for business professionals, to try and ‘find, connect with, cultivate and recruit’ current and former Government employees.
Instead of a trusting civil servant connecting with a potential business partner, they are unwittingly tricked by a foreign agent into exposing a treasure trove of personal details, including pictures, phone numbers, email addresses and information about their work in Whitehall.
Security experts have said that even current members of Britain’s spy agencies – MI5, MI6 and GCHQ – have put potentially risky information in LinkedIn profiles.
Others on the website work, or were previously employed, in departments which deal with highly-sensitive intelligence such as the Foreign Office, Home Office or Ministry of Defence.
Now spy chiefs have launched a crackdown to minimise the threat of enemy agents coaxing out secrets.
In a document sent by email on July 24, MI5 announced a ‘Security Service Espionage Alert’. Containing the MI5 logo, the missive identifies a string of ‘key points’.
Teaching the masses to have good operational security – aka OPSEC – is a tough job. It is far to easy for single individuals to discuss small pieces of a much larger puzzle without realizing they are being played. Then the actors take these small, bite sized tidbits of information, and piece them together to develop the narrative.
It is a difficult task but since social engineering is relatively easy and inexpensive, it is a technique malicious actors like employing because the risk is so low.
Bottom line: be vigilant.