Spy Agencies Go Recruiting on LinkedIn

talent-src LinkedIn fake recruiters 2

 F-Secure analysed bogus LinkedIn accounts to discover that they belong to individuals supposedly working for Talent Src (Talent Sources).

MI5 have warned that ‘hostile intelligence services’ are clandestinely targeting Government employees through the popular online CV website. Secret agents working for malign foreign powers, including Russia and China, have created fake profiles on the social networking service to lure unsuspecting victims.

In the elaborate scam, that wouldn’t be out of place in a James Bond novel, enemy spies are using bogus accounts on the website, described as like Facebook but for business professionals, to try and ‘find, connect with, cultivate and recruit’ current and former Government employees. Instead of a trusting civil servant connecting with a potential business partner, they are unwittingly tricked by a foreign agent into exposing a treasure trove of personal details, including pictures, phone numbers, email addresses and information about their work in Whitehall.

Security experts have said that even current members of Britain’s spy agencies, MI5, MI6 and GCHQ, have put potentially risky information in LinkedIn profiles. Others on the website work, or were previously employed, in departments which deal with highly-sensitive intelligence such as the Foreign Office, Home Office or Ministry of Defence. Now spy chiefs have launched a crackdown to minimise the threat of enemy agents coaxing out secrets.

In a document sent by email on July 24, MI5 announced a ‘Security Service Espionage Alert’. Containing the MI5 logo, the missive identifies a string of ‘key points’. In July 2009, the new head of MI6 Sir John Sawers’ personal details were plastered over Facebook. These include the warning that ‘Hostile foreign intelligence services are increasingly using LinkedIn to find, connect with and begin cultivation and recruitment of current and former HMG [Her Majesty’s Government] employees.’

It adds: ‘MI5 investigations have identified a large number of HMG employees connected to known hostile foreign intelligence service cover profiles.’
The document, circulated in Whitehall, provides ‘advice to help you protect yourself online and what to do if you think you may have been the subject of an approach.’

LinkedIn, which was founded in December 2002, has more than 364million users in 200-plus countries.
Professor Anthony Glees, of the University of Buckingham’s Centre for Security and Intelligence Studies, said last night: ‘An enemy agent who might know he is a spy would be able make deductions from that about what our intelligence agencies are interested in at the moment.
‘What people don’t understand is that social media is used as a tool for intelligence gathering not just by us but by other countries who are hostile to us.' 
Russia, along with China, has been accused of mobilising a huge cyber-spying operation targeting the UK and other nations. Security sources have warned that Moscow and Beijing routinely seek to steal military secrets from government and major defence contractors.

MI5 has repeatedly warned that it is tackling ‘industrial-scale’ cyber-attacks from both hostile countries, terrorists and organised gangs.

In March 2013, NATO’s most senior commander was embroiled in a major security alert after a fake Facebook account was set up in his name by suspected Chinese spies. Senior British military officers and Ministry of Defence staff are understood to have accepted ‘friend requests’ from a bogus account for Nato’s then Supreme Allied Commander James Stavridis.
In the mistaken belief they had linked up with the American admiral on social media, they then unwittingly provided a vast trove of personal details. And in July 2009, the new head of MI6 Sir John Sawers’ personal details were plastered over Facebook.

Shortly after being appointed, his own security was breached when his wife posted photographs on Facebook showing him in tight fitting swimming trunks, along with details about where Sir John’s family live and work, and where they spend their holidays. In an embarrassing blunder for MI6, millions of people could have gained access to compromising photographs of Sir John Sawers and his family on the social networking website.

Mail: http://dailym.ai/1FX1CNL
 

« Iran and Saudi Marching To Cyber War!
What Does Facebook Want With AI? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Continuity Shop

Continuity Shop

Continuity Shop provides training and consultancy in Business Continuity and Information Security to some of the world's biggest organisations.

GigaOm

GigaOm

GigaOm's mission is to provide enterprises with information and analysis to help them make better decisions about technology.

Owl Cyber Defense

Owl Cyber Defense

Owl patented DualDiode Technology enables hardware-enforced network segmentation and deterministic, one-way transfer of all data types and file sizes.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

TeachPrivacy

TeachPrivacy

TeachPrivacy provides computer-based privacy and data security training that is engaging, memorable, and understandable.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

Elevate Security

Elevate Security

Elevate is the leading Security Behavior Platform, changing employee security habits while giving security teams unprecedented visibility.

Vijilan Security

Vijilan Security

Vijilan provides 24/7 SOC services to MSPs/VARs. Our Security Operations Center is global, and our services are exclusive to the Channel.

ClearVector

ClearVector

ClearVector is a leading provider of realtime, identity-driven security for the cloud.

Sectyne

Sectyne

Sectyne is a full-stack cyber consultancy committed to providing tailored services, advisory consultations, and training.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

Radius Technologies

Radius Technologies

Radius Technologies is trusted by progressive SMEs to deliver world-class cloud, IT solutions, IT and data security, and telecoms systems.

Diversified Search Group - Alta Associates

Diversified Search Group - Alta Associates

Diversified Search Group is an industry leader in recruiting diverse, inclusive and transformational leadership for clients.

Myrror Security

Myrror Security

Myrror Security is a software supply chain security solution that aids lean security teams in safeguarding their software against breaches.