ASIO calls out LinkedIn foreign espionage threat

It’s no secret that corporate headhunters and recruiters are heavily addicted to the prying power of Microsoft acquisition LinkedIn.

But Australia’s domestic spy service, the Australian Security Intelligence Organisation, has now revealed it recently issued a warning to business and government over the platform being used as a cultivation tool by hostile operatives.

In an awkward development for the professional marketing machine, ASIO’s annual report cites how the agency formulated and distributed advice to “stakeholders across government, business and industry, including to Business and Government Liaison Unit (BGLU) subscribers” to better manage security risks surrounding the popular platform.

The use of LinkedIn and other social media has been a mainstay of open source intelligence collection – in both corporate and security spheres –  since social media first emerged.

However the public disclosure of ASIO’s advisory confirms it now wants people in businesses it regards as targets – think critical infrastructure – to be far more judicious in what they reveal.

ASIO said it pushed out its advice about LinkedIn and other social media through select briefings and “in specific engagements with government, defence industry, and research institutions.”

“During the year, we developed advice describing how hostile intelligence services use LinkedIn and other social media platforms to target people in positions that could fulfil a wide range of intelligence objectives,” ASIO said.

“The report’s release generated awareness of this vector being used for hostile intelligence activity, led to action by stakeholders to better manage security risks, and provided some new intelligence back to ASIO.”

What is far less clear is the degree of access ASIO has to LinkedIn to help determine who is sniffing around government agencies and corporations, presumably in an effort to cultivate human sources or exfiltrate intelligence by building target lists for spearphishing operations to penetrate corporate and government systems.

While platforms like Facebook and Google have been a persistent target of government and political criticism over lip service to regulatory requirements, Microsoft has conversely made a point of conspicuously supporting the US military and national security establishment and its allies.

Microsoft’s patriotic overtures were clearly aimed at maintaining and growing government and enterprise accounts, not least via sovereign security rated instances of the Azure cloud platform which in Australia boasts an ASIO physical security rating.

However many recruiters believe Redmond will eventually blend its Teams collaboration suite with LinkedIn to try and dominate the human capital, recruitment services and HR software market.

Meanwhile, LinkedIn is already clipping the ticket on job placements, with many organisations using it as the default platform to post vacancies or new roles rather than going through job board aggregators.

At the same time, LinkedIn persistently pushes open roles to both passive and active candidates, charging a premium for competitive intelligence on people also applying for roles.

The platform has also become a major corporate content distribution network for presentations, speeches and articles that are ostensibly circulated within professional communities of interest but in reality are in the public domain.

LinkedIn has also been marketing itself to governments and their employees as the professional platform of choice, not just for recruitment but collaboration and building communities of interest.

ASIO reckons its cautionary advice on LinkedIn is hitting the mark, noting its stakeholder survey “highlighted users, including in defence industry, identifying this report as a good example of ASIO advice directly influencing management of security risks.”

“In a small number of organisations, security teams were considering making policy changes in response to receiving our advice; for example, to limit or restrict social media access on their corporate networks,” ASIO said.

Leaky plumbing: how ASIO sees tech threats. (Source: ASIO annual report).

But in the world of spying, challenges can also become opportunities, especially on the collection front.

“The report also generated some new intelligence back to ASIO by prompting clearance holders to report social media approaches, based on our advice of how hostile intelligence actors craft social media approaches,” ASIO said.

Mind you, ASIO appears to have a limited presence on LinkedIn with what appears to be an official profile listing its experience as “Technical Recruitment” for almost 60 years.

But attracting staff isn’t cheap.

The spy agency’s annual report also notes it “expended $975,556 towards marketing and advertising for recruitment activities and campaigns in the 2018–19 financial year.”

And it competes against banks and corporates for tech talent, ASIO is also going inside universities to shore-up talent IT talent supply.

“We continue to partner closely with universities in Science, Technology, Engineering and Mechanics (STEM)–related fields to increase our technical capability through our Future Technologist Graduate Program,” ASIO said.

“The entry-level Information Technology and Information Management traineeships provide an additional pathway for school leavers into the technology field in ASIO."

Just don’t expect an offer from them on LinkedIn.