
Chief U.S. spy catcher says China using LinkedIn to recruit Americans - AnatMl2
https://www.reuters.com/article/us-linkedin-china-espionage-exclusive/exclusive-chief-u-s-spy-catcher-says-china-using-linkedin-to-recruit-americans-idUSKCN1LG15Y
======
faitswulff
I found it interesting that the espionage is largely aimed at the private
sector and not the government:

> About 70 percent of China’s overall espionage is aimed at the U.S. private
> sector, rather than the government, said Joshua Skule, the head of the FBI’s
> intelligence division, which is charged with countering foreign espionage in
> the United States.

> “They are conducting economic espionage at a rate that is unparalleled in
> our history,” he said.

~~~
dfsegoat
Think of a scenario where certain government employees have accounts on some
Private sector service: Maybe a Grindr or Tinder -- if they can work to obtain
any sort of compromising information from those services - they can then use
it to manipulate government employees ("Do what I say, or i'll out you")... In
fact, pretty sure a Chinese co. recently obtained controlling interest of
Grindr.

[https://www.nytimes.com/2016/01/12/technology/grindr-
sells-s...](https://www.nytimes.com/2016/01/12/technology/grindr-sells-stake-
to-chinese-company.html)

~~~
nostromo
We can inoculate ourselves to this threat by not caring about what
politicians, government workers, and other people in general do in their
private romantic lives.

~~~
x3n0ph3n3
Well, a think a spouse might justifiably care in the case of cheating.

~~~
scottlegrand2
At which point that's just the cycle of karma closing the loop, no?

~~~
394549
> At which point that's just the cycle of karma closing the loop, no?

You misunderstand. No one cares about Alice's personal life, karma, or
happiness. All they care about is manipulating Alice and what a manipulated
Alice might do. Alice's desire to hide her cheating from her spouse could lead
Bob's trade secrets to getting stolen. Bob did nothing wrong here to have his
"cycle of karma closing the loop."

~~~
scottlegrand2
Never give Alice your passwords and always have a lock code on your cell
phone. Anything else is a moral hazard in my opinion. Bob is complicit in this
case IMO.

If my spouse were to attempt to extract data from my work laptop she would run
smack-dab into my password. If on the other hand Bob has extracted highly
confidential data onto a freely available machine, then Bob is not only
complicit, Bob is culpable. Don't be Bob.

If we take this further and Bob's employer made it that easy to extract highly
confidential data then they are their own worst enemy.

For example, if a foolish Google employee attempts to stalk an ex-partners
confidential data from within Google, they will be terminated and escorted out
of the building within 60 minutes. Be like Google here.

~~~
394549
You misunderstand again. Bob isn't Alice's spouse, he's Alice's employer. Bob
legitimately gave Alice access to confidential information in order to do her
job. But, unknown to him (unless he intrusively investigated her personal
life), Alice could be blackmailed into abusing that access because she cheated
on her spouse.

Bob isn't "complicit" or "culpable" he's a victim.

I think you're overconfident in simple security measures and have a poor
understanding of human security threats.

------
imglorp
A company I worked for in a $hot_field had some dev servers breached from some
IPs in China; they got some of our app's buggy class files and not much more.
It's the kind of app you need a bunch of corporate culture to use effectively,
so the jars aren't much use.

Anyway, a few days later, a bunch of us in our R+D group got LI invites from
Chinese recruiters out of the blue. Because of the timing and supposed
motivation, we assumed we'd been approached for industrial espionage purposes,
but there's not much you can do aside from decline the invite.

~~~
craftyguy
You could troll them.

~~~
scrumper
Which would put you in the position of being a rank amateur playing against a
top pro.

~~~
craftyguy
Well you don't get to become a 'top pro' by doing nothing. Seriously though, I
doubt the recruiters are 'pro' by any stretch of the imagination.

------
rajathagasthya
This reminds of a story I read a while back about India's spy agency (RAW)
allegedly kidnapping a retired Lt. Colonel from Pakistan's spy agency (ISI) in
Nepal using his LinkedIn information as a 'job bait'. From [1]:

> _The complainant alleges that some months ago a person called Mark Thomas
> called his father on his phone number 0334344_ _43 from a number in the UK
> 0044-7451_ __722 and offered him a job at the Strategic Solutions
> Consultancy firm.

> _It now transpires that Lt Col Zahir had put up his bio-data on LinkedIn and
> some other websites seeking a job opportunity three years after he retired
> from the Pakistan army._

In short, LinkedIn's data is very, very valuable.

[1] - [https://www.indiatoday.in/mail-today/story/pakistan-media-
ra...](https://www.indiatoday.in/mail-today/story/pakistan-media-raw-
abudtucked-isi-man-avenge-kulbhushan-jadhav-970887-2017-04-12)

------
dqpb
> _" I recently saw that Twitter is cancelling, I don’t know, millions of fake
> accounts, and our request would be maybe LinkedIn could go ahead and be part
> of that"_

Wow. Strong language from the head of the U.S. National Counter-Intelligence
and Security Center

~~~
gurumeditations
Wow, the US security apparatus is truly pathetic and outdated. No wonder China
has pilfered trillions of dollars of IP from us and Russia is successfully
destabilizing our society. It reminds me of how big complacent corporations
from another era get overtaken by hungry young startups who are fluent in the
tools of today.

------
e40
There are so many unintended consequences of the internet as we know it today.
This, fake news, forums that close because their moderators don't want to cope
with the terrible stuff, and on and on.

When it was just computer science departments and a few tech companies, it was
mostly OK. With a good portion of humanity online... wow.

~~~
frockington
I remember the internet in 90s being full of spam, popups that would crash
your computer and viruses everywhere. Even before mass adoption it was still a
cesspool. I am envious of anyone who got to experience the internet in its
infancy

~~~
pixl97
Eh, until the very late 90s it wasn't that bad. After the dot com bust things
got especially bad.

------
projectramo
New jobs program: you pretend to have all kinds of heavy duty intel, let the
Chinese government hire you and then milk the new position for all it is
worth.

Could be a thriller, but I would pitch this one as a comedy.

~~~
godzillabrennus
All you need to make it happen is Seth Rogen and Roger Stone to collaborate.

~~~
projectramo
"WE got a good news bad news situation. The good news is, I convinced them
that we are working on a nano-AI-solar-blockchain-social-drone"

"And the bad news?"

"They gave me some funding. I have to hire people. What's your cousin doing
these days?"

------
ryanmarsh
Anyone contacted by China and considering an offer of money under the table
for a small "harmless" disclosure should remember that they killed at least 12
CIA sources between 2010 and 2012 [0]

State craft is not for amateurs and sources on both sides routinely get hung
out to dry. Think of your family. Do not play this game.

0: [https://www.nytimes.com/2017/05/20/world/asia/china-cia-
spie...](https://www.nytimes.com/2017/05/20/world/asia/china-cia-spies-
espionage.html)

~~~
rhizome
_they killed at least 12 CIA sources between 2010 and 2012_

Here and elsewhere in the comments, it's interesting that those stats are
always presented one-sided.

~~~
GW150914
That’s an odd thing to say in reply to someone who said, _State craft is not
for amateurs and sources on both sides routinely get hung out to dry._

------
mtgx
I'm sure the OPM hack through which they got all sorts of private blackmail-
worthy info on federal employees helped.

------
cpluspluss
this might sound really awkward but a few weeks ago two chinese linkedin
accounts approached me and asked me to attend a career fair based in nyc and
boston but i declined and said I don't understand/ can read Chinese. sorry.
And now this news comes out.

------
jorblumesea
The issue is that China has blurred lines between government and industry, and
industry often uses government resources to accomplish "private" goals.
Private defense companies use Chinese intelligence assets to gain access to IP
as part of a strategic technological transfer.

The US has no such system. Private companies are left to their own devices and
in some ways hostile to government help. On the government side, they are not
well equipped to understand or handle the needs of individual businesses.

If we want to combat this, we need to seriously change the way we approach the
problem. The reality is that private companies have immense long term
strategic value for the US and we need to protect that.

------
madengr
I’ve been saying this for years: Linked In is a spies dream. A data gold mine.

~~~
acct1771
Have you been saying similar things about any other companies for years?

~~~
madengr
Yes. Google scanning your gmail for targeted advertising. Seems Yahoo has at
least fessed up to it.

------
scottlegrand2
I think the bigger thing going on is Chinese companies setting up "AI labs" in
Silicon Valley to juice their valuation. I'm looking right at you JD.com...

------
subcosmos
If you really want to lose sleep at night .... consider the fact that foreign
intelligence agencies likely have EMPLOYEES at top tech companies....

~~~
vkou
American intelligence agencies likely have EMPLOYEES at top Chinese tech
companies.

Spies are going to spy. I'm far more concerned about my government spying on
me, then China spying on me.

------
RandomInteger4
Are they also requiring 5 years of experience for an entry level corporate
espionage gig?

------
desireco42
I wonder what is US using? I know CIA places ads for recruitment online.

~~~
rhizome
Probably LinkedIn, too.

------
Joe8Bit
New InMail

“Hi I saw your profile and it looked really interesting, have you considered a
new oppprtinity in espionage and treason? Can we setup a phone call to
discuss?”

~~~
acheron
Your colleagues have endorsed your skills in "Java", "Spring framework",
"proposal writing", and "violent overthrow of the United States government".

