Spy Agencies Go Recruiting on LinkedIn

Uploaded on 2015-09-21 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

talent-src LinkedIn fake recruiters 2

 F-Secure analysed bogus LinkedIn accounts to discover that they belong to individuals supposedly working for Talent Src (Talent Sources).

MI5 have warned that ‘hostile intelligence services’ are clandestinely targeting Government employees through the popular online CV website. Secret agents working for malign foreign powers, including Russia and China, have created fake profiles on the social networking service to lure unsuspecting victims.

In the elaborate scam, that wouldn’t be out of place in a James Bond novel, enemy spies are using bogus accounts on the website, described as like Facebook but for business professionals, to try and ‘find, connect with, cultivate and recruit’ current and former Government employees. Instead of a trusting civil servant connecting with a potential business partner, they are unwittingly tricked by a foreign agent into exposing a treasure trove of personal details, including pictures, phone numbers, email addresses and information about their work in Whitehall.

Security experts have said that even current members of Britain’s spy agencies, MI5, MI6 and GCHQ, have put potentially risky information in LinkedIn profiles. Others on the website work, or were previously employed, in departments which deal with highly-sensitive intelligence such as the Foreign Office, Home Office or Ministry of Defence. Now spy chiefs have launched a crackdown to minimise the threat of enemy agents coaxing out secrets.

In a document sent by email on July 24, MI5 announced a ‘Security Service Espionage Alert’. Containing the MI5 logo, the missive identifies a string of ‘key points’. In July 2009, the new head of MI6 Sir John Sawers’ personal details were plastered over Facebook. These include the warning that ‘Hostile foreign intelligence services are increasingly using LinkedIn to find, connect with and begin cultivation and recruitment of current and former HMG [Her Majesty’s Government] employees.’

It adds: ‘MI5 investigations have identified a large number of HMG employees connected to known hostile foreign intelligence service cover profiles.’
The document, circulated in Whitehall, provides ‘advice to help you protect yourself online and what to do if you think you may have been the subject of an approach.’

LinkedIn, which was founded in December 2002, has more than 364million users in 200-plus countries.
Professor Anthony Glees, of the University of Buckingham’s Centre for Security and Intelligence Studies, said last night: ‘An enemy agent who might know he is a spy would be able make deductions from that about what our intelligence agencies are interested in at the moment.
‘What people don’t understand is that social media is used as a tool for intelligence gathering not just by us but by other countries who are hostile to us.' 
Russia, along with China, has been accused of mobilising a huge cyber-spying operation targeting the UK and other nations. Security sources have warned that Moscow and Beijing routinely seek to steal military secrets from government and major defence contractors.

MI5 has repeatedly warned that it is tackling ‘industrial-scale’ cyber-attacks from both hostile countries, terrorists and organised gangs.

In March 2013, NATO’s most senior commander was embroiled in a major security alert after a fake Facebook account was set up in his name by suspected Chinese spies. Senior British military officers and Ministry of Defence staff are understood to have accepted ‘friend requests’ from a bogus account for Nato’s then Supreme Allied Commander James Stavridis.
In the mistaken belief they had linked up with the American admiral on social media, they then unwittingly provided a vast trove of personal details. And in July 2009, the new head of MI6 Sir John Sawers’ personal details were plastered over Facebook.

Shortly after being appointed, his own security was breached when his wife posted photographs on Facebook showing him in tight fitting swimming trunks, along with details about where Sir John’s family live and work, and where they spend their holidays. In an embarrassing blunder for MI6, millions of people could have gained access to compromising photographs of Sir John Sawers and his family on the social networking website.

Mail: http://dailym.ai/1FX1CNL
 

« Iran and Saudi Marching To Cyber War!
What Does Facebook Want With AI? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CyberSecurityJobsite.com

CyberSecurityJobsite.com

CyberSecurityJobsite.com is a specialist job board designed to attract candidates working within Cyber Security, Information Security or Information Assurance.

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

mmCERT

mmCERT

mmCERT is the national Computer Emergency Response Team for Myanmar.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

Greenwave Systems

Greenwave Systems

Greenwave's AXON Platform enables IoT and M2M network service providers to address security, interoperability, flexibility and scalability from a single IoT platform.

OwnZap Infosec

OwnZap Infosec

OwnZap Infosec aims to digitally shield the cyberspace by offering services like Penetration Testing and Red Teaming, Infrastructure Security Testing, and Vulnerability Assessments.

Salt Cybersecurity

Salt Cybersecurity

Salt Cybersecurity offer a four-pronged approach to information security that includes Custom Security Policy, Vulnerability Assessment, Threat Detection, and Security Awareness Training.

Defscope

Defscope

Defscope is an Azerbaijani company entirely focused on cybersecurity offering training, security consulting, and other professional services.

Titan Labs

Titan Labs

Titan Labs is a Cyber Security Consultancy that provides advice and technical expertise to government, international finance and telecommunications providers.

Guernsey

Guernsey

Guernsey provides a wide range of engineering, architecture and consulting services to multiple markets, including cybersecurity consulting and CMMC certification.

LimaCharlie

LimaCharlie

LimaCharlie gives security teams full control over how they manage their security infrastructure. Get full visibility, build what you want, control your data, get the security capabilities you need.

PROW Information Technology

PROW Information Technology

PROW is at the forefront of the technology and digital revolution with a focus and mastery in the cybersecurity, information security and data management realms.

CyberTest

CyberTest

CyberTest offers cybersecurity consulting and penetration testing services that helps organizations and businesses securing their assets.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.