Cybercriminals, Nation-State Hackers Use LinkedIn for Targeting

Cybercriminals and state-actor hackers increasingly are using LinkedIn as a source for company information and connections with diplomats and other officials, wrote chief technology officer Andy Kays in a commentary for the International Business Times on Feb. 2.

For example, in December the German Interior Ministry reported that Chinese intelligence services have been attempting to extract information and find intelligence sources by creating fake profiles on LinkedIn, Reuters reported.

Hackers can use LinkedIn’s “see all employees” feature to generate a target list for phishing attacks, wrote Kays, who works for UK threat and detection response company Redscan. Using LinkedIn to identify a company’s suppliers, technology providers and other connections, hackers can find potential ways into its systems. Information technology job ads on the site can reveal which databases, operating systems, storage and scripting languages a firm uses. Criminals also can place malware on their own profiles and then visit others’ to prompt visits that will spread viruses and other malicious software.

Kays doesn’t recommend that people and organizations stop using LinkedIn, but rather that they adjust their privacy settings and carefully consider how much and what type of information they share.

Read More at IBT.

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Counterterrorism

Go to Top