Foreign intelligence services are drawn towards LinkedIn profiles that disclose defense work, according to a top spy, due to the apparent recklessness of the disclosure.

Foreign intelligence services are drawn towards LinkedIn profiles that disclose defense work, according to a top spy, due to the apparent recklessness of the disclosure.

In a speech delivered on Thursday, Director-General Mike Burgess of the Australian Security Intelligence Organization (ASIO) expressed concerns about the growing threat of foreign intelligence activities. Burgess highlighted the issue of sensitive defense information being shared publicly on LinkedIn, which makes it easier for adversaries to identify and exploit insiders, increasing the risk of cyber intrusions, intellectual property theft, and national security breaches.

According to a report published by the Australian Strategic Policy Institute (ASPI), titled "Match-fit for the global contest?", the Australian intelligence community has fallen behind in technology use, with a security-required lag in the take-up of technologies like generative AI. This has become more acute in the last 5-10 years with the rise of cloud computing, neural networks, and machine learning.

The report asserts that over 35,000 Australians' LinkedIn profiles indicate they have access to sensitive and potentially classified information. Among them, around 7,000 mention work in the defense sector, including specific projects, teams, and critical technologies. Over 400 of these profiles mention work on AUKUS, the US/UK/Australian defense pact.

Foreign intelligence services are proactive, creative, and opportunistic in their targeting of current and former defense employees. They pose as consultants, head-hunters, local government officials, academics, and think tank researchers on professional networking sites to identify, target, and cultivate Australians with access to privileged information.

One such campaign used a popular employment website and offered $500 for reports on international politics, targeting an Australian who was asked for information on AUKUS and the Indo-Pacific. In another instance, a foreign intelligence service expanded its operation to employment sites, creating fake online job ads for people with expertise in geopolitics or defense. ASIO learned of an effort where a contrator's staff had their system infected with malware after inserting a USB containing malicious content at a defense industry event overseas.

The concern is not just about the potential for cyber espionage. An Australian defense contractor's world-leading innovation experienced a sudden collapse due to the introduction of cheap and nasty knock-offs. Burgess urged organizations to pay more attention to their teams, continuously educate them, and stay alert to anomalous behavior.

Burgess emphasized that good security is achievable and that businesses and organizations don't need to be spy catchers but can make spying more difficult by addressing known vulnerabilities and addressing security issues when they are identified. He stated that most organizations can defend against espionage with the same techniques they use to manage other foreseeable organizational challenges like criminal theft, fraud, workplace accidents, and equipment failures.

In a worrying development, ASIO is seeing more Australians targeted than ever before. The applicant of one such campaign suspected something was amiss and reported it to ASIO, which found the consultancy was a cover company for a foreign intelligence service. ASIO found that an Australian company's expensive and highly sophisticated military capability had unmistakable similarities with another country's prototype.

In conclusion, the issue of sensitive defense-related details being shared on LinkedIn facilitates foreign espionage by making it easier for adversaries to identify and exploit insiders. To mitigate this risk, Burgess urges organizations to be vigilant, educate their teams, and address security vulnerabilities promptly.

1. The growing threat of foreign intelligence activities includes the potential for cyber intrusions, intellectual property theft, and national security breaches, as highlighted by Director-General Mike Burgess of ASIO.
2. The Australian intelligence community has fallen behind in technology use, particularly with the rise of cloud computing, neural networks, and machine learning, according to a report by the Australian Strategic Policy Institute.
3. Foreign intelligence services are increasingly targeting current and former defense employees, posing as consultants, head-hunters, and other professional personas on networking sites like LinkedIn.
4. AI and machine learning are essential in cybersecurity, as they can help organizations identify and address security vulnerabilities, making spying more difficult.
5. Burgess emphasized that organizations should be vigilant, educate their teams, and promptly address security issues to mitigate the risk of foreign espionage, particularly in the defense sector.

Read also: