British officials have uncovered a ruse alleging Chinese spies are using LinkedIn to target and recruit those with access to confidential information, according to a recent BBC article. Leveraging LinkedIn for espionage has been an ongoing trend for several years.
In 2021, Britain’s domestic security service MI5 revealed that at least 10,000 UK nationals had been contacted by fake profiles linked to hostile states. The recent BBC article cited British sources have now doubled this estimate.
“We have seen a sustained campaign on a pretty epic scale,” Ken McCallum, Director General of MI5.
The calculus is simple. Spies are going to spy. If your organization is involved in technology, pharmaceuticals, and other strategic high-value operations, it is likely spies – internal or external – may come knocking.
It is unclear how information is gleaned and dispersed to bad actors. Most likely through digital transfer (email, messaging, voice/video calls), thumb drives, and physical documents. Regardless of the method, motivated participants will find a way, and likely the weakest link within your organization’s security apparatus.
Vetting employees, frequently communicating, and reviewing security policies, as well as continuously updating security procedures, in addition to utilizing trusted technology solutions will help mitigate the opportunity for sensitive data disclosure.