Sun Apr 25 2021
MI5 warn international spies are stealing secrets from UK workers on the platform
MI5 have warned that it’s possible over 10,000 UK nationals have been targeted by international spies, including security, civil service, pharmaceutical executives, defence contractors and military officials in attempts to steal classified data from them.
The UK agency have said cyber actors using fake LinkedIn profiles have approached over 10,000 British workers who have access to sensitive information as part of their job, over the last five years.
It’s though the majority of these are state sponsored cyber-criminals from China and Russia, utilising professional networking techniques to trick staff into revealing classified secrets.
The Centre for the Protection of National Infrastructure (CPNI), a subdivision of MI5, have said that figure of 10,000 could actually be a conservative one, with many more attempts being possible.
MI5 chief Karen McCallum has said this is now happening on an “industrial scale”.
The UK Government’s Chief Security officer, Dominic Fortescue, has already pointed out that civil servants have become more vulnerable to malicious tactics from hostile spy agencies during the various lockdowns COVID-19 has caused, with an increase in numbers of staff working remotely on private devices that may not be as secure.
All of this has led the CPNI to launch an awareness campaign they’re calling ‘Think Before You Link’ to try and alert Government staff and others that could be targeted about the scope and scale of malicious cyber activities from potentially hostile nations.
Part of this campaign will focus on teaching all British citizens about how to spot and report suspicious activity on their various social accounts, how to spot a fake profile and how to remove them from their networks.
The consequences of engaging with these profiles can damage individual careers, as well as the interests of your organisation, and the interests of UK national security and prosperity. This guidance provides practical advice on how to identify them, how to respond, and how to minimise the risk of being targeted in the first instance.
The CPNI have said they don’t want people to stop using social networks such as LinkedIn but instead want to raise awareness of individuals operating on them who may not be there to just connect professionally.
We welcome the online safety efforts of the Centre for the Protection of National Infrastructure and its work to expand their Think Before You Link campaign in the United Kingdom. Teams at LinkedIn work to keep LinkedIn a safe place where real people can connect with professionals they know and trust. We actively seek out signs of state sponsored activity on the platform and quickly take action against bad actors in order to protect our members. Our Threat Intelligence team removes fake accounts using information we uncover and intelligence from a variety of sources, including government agencies. Our teams utilize multiple automated techniques, coupled with human reviews and member reporting to maintain LinkedIn as a safe and trusted platform. And we enforce our policies, which are very clear: fraudulent activity with an intent to mislead or lie to our members is a violation of our terms of service.
Sun Apr 25 2021