Manage your network

China is using popular professional networking website LinkedIn to recruit spies.

LinkedIn has 560 million active members from across the globe.

Background

LinkedIn is a business and employment-oriented service that operates via websites and mobile apps. employers posting jobs and job seekers posting their CVs. As of 2015, most of the company's revenue came from selling access to information about its members to recruiters and sales professionals.

LinkedIn has evolved to suit the growing need for reliable networking and it enables employers to approach potential employees with opportunities based on their public profile. Unlike Facebook or Twitter, there is no pre-condition for establishing a new “connection”, therefore it is easy to contact complete strangers.

LinkedIn has been alerted by the US government’s national counter-intelligence and security Centre about a “super aggressive” Chinese campaign to contact thousands of LinkedIn users who have access to confidential material. This is in addition to foreign hackers using Facebook, Google and Twitter during the 2016 US President elections to spread misinformation or “fake news”.

Read more about our extensive analysis on Facebook’s response to foreign intervention in the 2016 election here.

Analysis

The new US alert follows similar ones made by the German and British authorities. The German intelligence agency said late last year that Chinese spies had targeted 10,000 German LinkedIn users, and the UK’s MI5 drew attention to the practice in 2015. 

William Evanina, director of the US government’s national counter-intelligence and security centre said that LinkedIn should follow the examples of Google, Facebook and Twitter to crack down on fake accounts. A popular suggestion was LinkedIn should cancel fake accounts like Twitter has done this year.

LinkedIn confirmed it had been working with US law enforcement to tackle the Chinese campaign. Paul Rockwell, the company’s head of trust and safety, said it has a threat intelligence team that focuses on the prevention, detection and mitigation of “bad activity”. 

LinkedIn said it is seeing some cases of fraudulent activity by nation states. Earlier this month, it said it had taken down 40 accounts that appeared to be trying to connect with people involved in political organizations. LinkedIn is one of the only major US tech platforms to operate in China, where it has a joint venture.

However, the networking site said it has so far escaped being used for disinformation campaigns, like those thought to be conducted by Russia and Iran on Facebook, Google’s YouTube and Twitter.

LinkedIn does not have the same degree of virality as many other social networks. It is less effective at spreading misinformation or fake news quickly. However, it generates revenue by selling subscriptions to recruiters, making it easy to reach out to strangers with job offers. 

Google, Facebook and Twitter are all due to testify before the Senate Intelligence Committee next week. They will be quizzed on their efforts to combat manipulation campaigns designed to sow political division ahead of the US midterm elections in November.

LinkedIn has so far not been called to testify on problems related to fake accounts.

Assessment

Our assessment is that China’s continued use of American websites to recruit operatives is a serious threat to the security of the world, not just the US. The very nature of networking sites enables organizations to quickly spread misinformation. We feel that the Senate Intelligence Committee Hearing, scheduled for next week, will provide the US with a path to fixing such critical issues.