Sophos Cloud Optix
Belgium’s press and politicians are up in arms after members of the country’s state security agency were discovered promoting themselves, and their relationship to the agency, on LinkedIn and Facebook.
According to a report in Belgian publication De Standaard, searches on both LinkedIn and Facebook uncovered profiles belonging to employees for both the State Security Agency (Surete de l’Etat) and Belgium’s Coordinating Body for Threat Analysis (OCAM).
Naked Security was able to independently verify some of the article’s claims, finding two profiles on LinkedIn that appear to belong to analysts working for OCAM.
Here’s Pascale, for example:
The profiles appear identical to one mentioned in De Standaard, but give little information about the analysts beyond their name and professional affiliation.
“The online openness is…remarkable for employees of a service that depends on secrecy,” the article said.
Indeed. After all, you wouldn’t catch employees of the CIA promoting themselves over social networks!
Except that…you would. If you checked. In fact, LinkedIn lists a couple of hundred members who identify their employer as the Central Intelligence Agency. Now, for sure, some of those are suspect. Like the guy from Porto Area, Portugal, who claims to be Vice President of the Central Intelligence Agency.
Or “Jay H.” from Greater New York, a CIA “assassin” whose LinkedIn profile picture has him flashing the devil horns while standing next to a Ben Franklin impersonator.
I have my doubts about Jay. But others check out – like Karen M, Chief of the CIA’s Global Economic Security Group.
That’s a pretty public role there, but there are plenty of other LinkedIn members working at lower levels of the US spy agency – many of them as analysts – that aren’t afraid to wave their spook flag.
Frankly, by comparison, the OCAM analysts’ profiles on LinkedIn, like Pascale’s (above) and Frank’s (below) are pretty tame and give little information about the analysts beyond their name and professional affiliation.
The danger for organizations like the CIA, NSA and other intelligence services is that those members might become the targets of sophisticated phishing attacks by adversaries who use the publicly available information on LinkedIn and other social networks to learn more about the individuals and to construct a social graph of their professional and personal contacts.
That information might then be used to push malicious software or other attacks to the intelligence agency employee, potentially giving the attackers a foothold on agency systems.
We don’t know that any of the intelligence professionals have violated their employers’ policies by maintaining social media profiles that mention their professional affiliation.
Other branches of the military [PDF], as well as the FBI, are known to support employees’ use of social media.
But they also advise employees to be thoughtful of what information they post there and be wary of attacks that may come by way of social networks.
Spy image courtesy of Shutterstock
Analysts are not typically covert at the CIA.