LinkedIn has been used by “criminal and hostile actors” to approach at least 10,000 people over the past five years, according to British intelligence agency MI5. These anonymous “actors,” masquerading as recruiters, often connect with people in possession of or with access to valuable and sensitive information. They then present such individuals with lucrative opportunities, but the real intention is to collect as much information from the target, stated the Centre for the Protection of National Infrastructure (CPNI), MI5's arm that advises government and business on protective security. The CPNI has now launched a campaign — Think Before You Link — to spread awareness among government officials about this threat.
CPNI said that engaging with such profiles online may damage individual careers, the interests of the organisation, and can compromise UK national security and prosperity. CPNI added that sometimes these handles approach the target with “unique” business opportunities too. Besides the government employees, people who work in private sector and the academia with access to classified or commercially sensitive technology or research may also be approached by such elements, CPNI has warned.
The campaign asks government staff or officials to focus on several factors with regard to their engagements with anyone online. It is important that the staff recognise if a profile is “malicious” and the “potential threat” it may pose, CPNI says. It has also asked employees to report suspicious profiles to a security manager and then remove it from their list.
The UK is not the only country to have faced such an issue. In May 2019, a former CIA officer was sentenced to 20 years in prison following his conviction in an espionage case. Sixty-two-year-old Kevin Mallory was convicted of selling classified US “defence information” to a Chinese intelligence agent for $25,000 (roughly Rs. 18 lakhs) during his trips to Shanghai in 2017.
Even though neither the intelligence agency nor CPNI named any social media platform, BBC reported that it was LinkedIn, where these handles approached people in possession of sensitive information.
Welcoming CPNI's efforts, LinkedIn said its teams work to keep the platform a safe place for real people to connect with professionals they know and trust.
“We actively seek out signs of state-sponsored activity on the platform and quickly take action against bad actors in order to protect our members,” it said in a statement. The platform further said that its Threat Intelligence team removes fake accounts with the help of information it uncovers and intelligence from a variety of sources, including government agencies.
“And we enforce our policies, which are very clear: fraudulent activity with an intent to mislead or lie to our members is a violation of our terms of service,” it concluded.
Is OnePlus 9R old wine in a new bottle — or something more? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 23:00), we talk about the new OnePlus Watch. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.