The government of France has advised French civil servants via a DGSI & DGSE memorandum that several French businesses and government entities have been completely hoodwinked by Chinese manipulation of LinkedIn.
Over 4,000 individuals were targeted according to the French, with hundreds manipulated into “consulting contracts” and “fake interviews” where they shared both classified information, as well as corporate sensitive intellectual property.
Le Figaro describes how for the price of a “free diving holiday in Southeast Asia” an individual in France entered into a collaborative arrangement with his Chinese interlocutor.
Heed the Warning!
As we have said in the past, China uses LinkedIn for espionage.
Facility security officers (FSOs), put this line front and center in your insider threat counterintelligence training.
Every employee, not just those who enjoy the trust of the U.S. government by virtue of their security clearance, needs to be aware and cautioned on their use of social networks. There is an undeniable lack of knowledge of the power of information aggregation, which can and does occur by those targeting U.S. companies and government entities. Foreign intelligence services use social media to advance their knowledge through the theft of yours.
Theses warnings are not new, though there appears to have been a plethora of individuals in the U.S., UK, Germany, and France who haven’t been paying attention.
In 2015, we shared how the British counterintelligence entity, MI-5, cautioned it’s employees against the use of LinkedIn. In 2017 and again in 2018, the German BfV noted the use of LinkedIn, and other social networks, by the Chinese as a means to target German citizens. The number of Germans successfully contacted, according to the BfV, numbered more than 10,000.
Then in June 2018, we shared how U.S. defense contractors and U.S. intelligence were being successfully targeted by the Chinese Ministry of State Security (MSS) via LinkedIn. The MSS methods were highlighted in our piece on Ron Rockwell Hansen who not only was engaged by the MSS to engage in espionage via LinkedIn, but as a collaborative asset of the Chinese used his defense and intelligence background to engage with individuals via LinkedIn who Hansen thought may be of interest to his MSS handlers.
The Chinese method of operations has been laid bare. Just weeks ago, the indictment of a Chinese MSS officer for the attempted theft of sensitive and proprietary data from GE aviation detailed how the Chinese go about their business. (Read about the Chinese Modus Operandi.)
What can you do?
If your FSO isn’t providing the training, train yourself, and build your own insider threat defenses.
Understand your background check materials may have been compromised to the Chinese if you were processed for a security clearance prior to 2015.
You know what’s in your SF-86. If someone engages with you who seems to know more than you shared via social networks or employment applications or posted resumes, pay attention.
Be judicious in what you share.
Having a wide professional network is absolutely the norm. What you share within that network should always be filtered through the prism of ‘will this harm me, my employer or my country?’ To the best of your ability, validate with whom you are in contact. If the individual is a foreign national, and you have a U.S. security clearance, report the contact to your FSO, and ask them to inquire about the individual.
Remember, security is everyone’s responsibility, and no one is better prepared to protect the secrets you have access to than you.
