Blog

Unmasking the Spies: From LinkedIn to Leaks: The Espionage Modus Operandi in the Digital Age

Introduction

Needless to say, when I began my career in diplomatic security intelligence, I always kept in mind who was watching me, who was reading my body language, and whether I was expressing myself without causing or attracting the interests of third parties (foreign intelligence agencies, etc.).

Then, I discovered that most corporations in the West, in reality, have little or no interest in protecting the most valuable commodity in business: information.

Each piece of information has a human source. We can rewire the human brain to produce more tangible intelligence, making it less demanding than any other method.

In the article “ASIO warns foreign spies trying to recruit people via social media” published on November 17, 2020, Anthony Galloway explains how foreign intelligence agencies are using LinkedIn to recruit informants.

Are you a member of the LinkedIn network? Do you have a profile?

LinkedIn was likely introduced to most of you as another social media platform.

LinkedIn

LinkedIn is a professional social networking site that connects people in the business world.

LinkedIn is a popular tool for job seekers.

Anyone interested in taking a serious step towards finding new possibilities to enhance their profession, whether they are a student trying to explore future job opportunities or a business owner running a small local store, can benefit from using LinkedIn, as well as collaborating with other experts through networking.

It resembles a conventional networking event in that you go meet other professionals, introduce yourself, and trade business cards.

This social network, however, is ideal for spies and their operations.

LinkedIn is a fantastic resource for job searching, networking, and research.

However, the amount of private data users share on LinkedIn makes it perfect for both bizarre marketing campaigns and state-sponsored spying.

Identity theft and cryptocurrency hacking frequently employ fake accounts.

For cybercriminals, LinkedIn doesn’t score very high when it comes to frauds, defrauding individuals, or framing them. People use Instagram, Telegram, and WhatsApp more frequently.

Nonetheless, a Chinese spy targeted thousands of British officials over a five-year period via LinkedIn.

Counterintelligence officials from various Western nations have been alerting people for years to beware of foreign agents using this business network as a recruiting tool.

According to reports, Chinese spies are the most active in this area, using LinkedIn to potentially recruit thousands of people at once.

Western intelligence officials believe that using LinkedIn to quickly connect with multiple targets at once and invite them to China under the pretence of a business trip is more effective than sending spies to the US to process each target one at a time and extract trade secrets, intellectual property, and research findings that can be profitably sold.

Counterintelligence officials from various Western nations have been alerting people for years to beware of foreign agents using this business network as a recruiting tool.

Fake profiles

According to reports, Chinese spies are the most active in this area, using LinkedIn to potentially recruit thousands of people at once.

Western intelligence officials believe that using LinkedIn to quickly connect with multiple targets at once and invite them to China under the pretence of a business trip is more effective than sending spies to the US to process each target one at a time and extract trade secrets, intellectual property, and research findings that can be profitably sold.

For a period of five years, a Chinese spy was active on LinkedIn, reaching out to scientists, politicians, and security officials in the United Kingdom in an attempt to obtain confidential information that China would find valuable.

Despite having open LinkedIn profiles under the following names,

  • Eric Chen Yixi,
  • Robin Cao,
  • Lincoln Lam,
  • John Lee, and
  • Eric Kim,

Robin Zhang was the most common name he used when contacting victims.

For his profile photos, he made up the names of the companies he worked for and used photographs he acquired from stock pages.

His approach was to approach people he thought fascinating by sending them a friend request first, and then over time, he would gradually develop a relationship with them in order to earn their confidence.

He would then offer them substantial sums of money in exchange for specific information when they got close.

As a result, he offered $10,000 to one recruiting consultant each time they provided information about potential intelligence service hires, while also offering other consultants free trips to China, speaking engagements at important conferences, and other benefits.

Western security services believe this to be one of the busiest spies operating against British interests.

Chinese spies have previously made their operations on LinkedIn public.

A few years back, a man came clean about using LinkedIn to find individuals from whom he could obtain critical information.

Active on LinkedIn as well, North Korean hackers pretended to be hiring agencies for US defence contractors. Once they contacted the victims, they would send them dangerous files through private messaging.

As far as is known, two European military companies lost their lives in that war.

British security agencies are aware of the risk that China’s intelligence services are exploiting LinkedIn and other social media platforms to target their nationals.

They expressly warn that Chinese spies target not only government workers but also businesses and their employees, scientists, and members of the academic community.

The British Ministry of Security vigorously combats such dangers and has initiated initiatives to alert residents about social media threats.

They also combat such threats on LinkedIn, where they state that creating false profiles is a violation of their terms of service and that they are always looking for evidence of harmful activity and actively trying to delete such phoney profiles.

Ex-CIA operative

Linkedin experienced this issue, which became public after Kevin Mallory, a retired CIA agent, was charged in 2018 for attempting to spy for China.

A Chinese national who claimed to be looking for new staff contacted Mallory, a fluent Mandarin speaker with financial problems, over LinkedIn.

Anguy, going by the name Richard Yang, organized a phone call between Mallory and a man who claimed to work at a Shanghai think tank.

On two more visits to that city, Mallory consented to offer US defence secrets.

During travels to Shanghai in March and April of 2017, Kevin Mallory sold sensitive US “defence information” to a Chinese intelligence agent for $25,000. The Espionage Act found him guilty.

In a message dated May 5, 2017, he stated, “Your object is to gain information, and my object is to be paid.”

After finding $16,500 in luggage, a US defence contractor faces accusations of spying for China.

Speaking Mandarin fluently, the former US army member had worked as a special agent for the State Department’s security division and later joined the CIA as a clandestine case officer.

Mallory is one of several high-level security-cleared US officials who were detained and charged with unauthorised interactions with Chinese intelligence.

Methods: lies or bribes.

Chinese intelligence agents try to entice them with bribes or fictitious business deals.

According to a US official, there is a connection between assaults in 2014 and 2015, which used data from the US agency that oversees public sector personnel, and the targeting of Americans on LinkedIn.

Subsequently, hackers obtained sensitive personal data from over 22 million Americans, including addresses, bank and medical records, work histories, and fingerprints.

China rejected the accusation as “absurd logic,” even though the USA continued to throw the finger at it.

How can one avoid being picked up by spies on LinkedIn?

Understanding the techniques used by intelligence services in recruitment activities is essential to countering the threat posed by the LinkedIn network.

Three fundamental steps make up the recruiting process:

  • To identify the target,
  • Setting the trap, and
  • Relationship evaluation and reinforcement.

Depending on the objective and the situation, these phases can be broken down into smaller steps, and the process can vary greatly.

The following are the recruitment stages:

  1. Identifying the target
    During this stage, intelligence officers compile a list of individuals with access to the needed data and categorise them based on the likelihood that they would be successful in obtaining it.Before the Internet, intelligence services had to follow certain procedures to obtain the identities of individuals working on a particular project within a corporation in order to identify a target within that organisation.

    They occasionally had to enlist the assistance of agents from the same company.

    All of this took a great deal of time and work, and if the operation was not completed properly, the targeted organisation might begin to suspect something was wrong.

    However, in the age of social media, intelligence officers can quickly obtain a list of personnel and their job titles at a certain company or agency using LinkedIn.

    While social media platforms are not a “guaranteed” way for intelligence officers to get a list of everyone with access to a program or piece of technology, they do assist them in their preliminary investigations.

    Intelligence officials can then add those who did not provide specific information on their LinkedIn accounts to a list of potential targets.

  2. Setting the trap
    The intelligence officer’s next step would be to decide which approach and recruitment strategies would be most effective in winning over the people on the list of possible targets.In this case, the LinkedIn network can also be helpful.

    Because this social network is meant for business networking, members typically disclose enough information to build traps and recruit the chosen person.

    Those who regret their lack of employment or underutilization of their abilities and skills may be susceptible to financial inducements, whereas those who are dissatisfied with their jobs may be receptive to hiring out of animosity.

    There are also people who post frequently, and in an effort to feed their curiosity and ego, they can give in to the pressures of the intelligence agencies.

  3. Relationship evaluation and reinforcement
    The agent recruiting process can go in a lot of different directions, depending on the ultimate objective.Building rapport and trust with the target individual is the ultimate aim of the development phase, which aims to enable the intelligence service to accomplish the intended objective.

    Intelligence agencies frequently pose as think tanks or academic institutions on LinkedIn to establish rapport with a target.

    They invite potential hires to visit, cover their travel expenses, present their completed research, and then pay them for writing an article on a completely innocent subject.

    When they reach the target nation, the intelligence service will continue to evaluate the individual’s characteristics and build rapport with him in an attempt to enlist him as a spy.

    The intelligence community may put pressure on a target to reveal even more sensitive information after formal recruitment.

    Based on my knowledge and expertise, I can state that the fundamental recruitment procedure is the same for all intelligence services.

    Use caution when using all social media platforms; don’t post too much personal information; be mindful of who you chat to and how much about yourself you share.

    My grandfather used to say to me, “Less sell, more buy,” meaning listen more, talk less.

This post was written by Mario Bekes