Spies Use AI-Generated Faces To Connect With Targets

When you make a new connection with someone there is your implied endorsement that they are a real person. Katie Jones seemed very real and she seemed very plugged into Washington’s political scene. 

The 30-something redhead boasted a job at a top think tank and a who’s-who network of pundits and experts, from the Brookings InstitutionShe was connected to a deputy assistant secretary of state, a senior aide to a senator and the economist Paul Winfree, who is being considered for a seat on the Federal Reserve. But Katie Jones doesn't exist, The Associated Press has established. 

Instead, the persona was part of a vast army of phantom profiles lurking on the professional networking site LinkedIn. And several experts contacted by the AP said Jones' profile picture appeared to have been created by a computer program.

"I'm convinced that it's a fake face," said Mario Klingemann, a German artist who has been experimenting for years with artificially generated portraits and says he has reviewed tens of thousands of such images. "It has all the hallmarks."

Experts who reviewed the Jones profile's LinkedIn activity say it's typical of espionage efforts on the professional networking site, whose role as a global Rolodex has made it a powerful magnet for spies.

"It smells a lot like some sort of state-run operation," said Jonas Parello-Plesner, who serves as program director at the Denmark-based think tank Alliance of Democracies Foundation and was the target several years ago of an espionage operation that began over LinkedIn.

William Evanina, director of the US National Counterintelligence and Security Center, said foreign spies routinely use fake social media profiles to home in on American targets, and accused China in particular of waging "mass scale" spying on LinkedIn.

"Instead of dispatching spies to some parking garage in the U.S to recruit a target, it's more efficient to sit behind a computer in Shanghai and send out friend requests to 30,000 targets," he said in a written statement.

Last month, retired CIA officer Kevin Mallory was sentenced to 20 years in prison for passing details of top secret operations to Beijing, a relationship that began when a Chinese agent posing as a recruiter contacted him on LinkedIn. Unlike Facebook's friends-and-family focus, LinkedIn is oriented toward job seekers and headhunters, people who routinely fire out resumes, build vast webs of contacts and pitch projects to strangers. That connect-them-all approach helps fill the millions of job openings advertised on the site, but it also provides a rich hunting ground for spies. And that has Western intelligence agencies worried.

British, French and German officials have all issued warnings over the past few years detailing how thousands of people had been contacted by foreign spies over LinkedIn. In a statement, LinkedIn said it routinely took action against fake accounts, yanking thousands of them in the first three months of 2019. It also said "we recommend you connect with people you know and trust, not just anyone."

The Katie Jones profile was modest in scale, with 52 connections. But those connections had enough influence that they imbued the profile with credibility to some who accepted Jones' invites. 

The AP spoke to about 40 other people who connected with Jones between early March and early April of this year, many of whom said they routinely accept invitations from people they don't recognise.

C4ISRNet

You Might Also Read:

You Should Read LinkedIn's New Privacy Policy Carefully:

 

« Turning Amsterdam Into A Smart City
Cyber Criminals Have Created An Invisible Internet »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

it-sa 365

it-sa 365

it-sa 365 is a digital platform for connecting IT security vendors and experts with those who bear responsibility for IT security in management and technology.

OCERT

OCERT

OCERT is the National Computer Emergency Response Team of Oman.

Cavirin

Cavirin

Cavirin’s Automated Risk Analysis Platform reduces risk and automates security and compliance.

Onapsis

Onapsis

Onapsis is a pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

Nouveau

Nouveau

Nouveau Solutions is a specialist IT managed services company with a strategic focus on delivering cloud, infrastructure, compliance, network and security solutions.

Immersive

Immersive

Immersive unifies Cyber Drills, Exercises, Sims, Ranges, and Training into one single, adaptive platform. One Platform. Total Cyber Resilience.

Genians

Genians

Genians provides the industry’s leading Network Access Control (NAC) solution, which ensures full visibility of all IP-enabled devices regardless of whether they are wired, wireless, or virtual.

AFNOR Group

AFNOR Group

AFNOR Group designs and deploys solutions based on voluntary standards around the world and provides services including training, professional and technical information, assessment and certification.

AnzenSage

AnzenSage

AnzenSage is a cybersecurity advisory consultancy specializing in security risk resilience for the food sector: agriculture, food manufacturing, food supply chain, vineyards, and wineries.

Tidelift

Tidelift

Tidelift provides the tools, data, and strategies that help organizations assess risk and improve the health, security, and resilience of the open source used in their applications.

Sri Lanka CERT

Sri Lanka CERT

Sri Lanka CERT is the National Centre for Cyber Security, which has the national responsibility of protecting the nation’s cyberspace from cyber threats.

Trovent Security

Trovent Security

Trovent was founded with a clear goal: to support medium-sized companies in significantly increasing their IT security level.

ThreatView by Turaco Labs

ThreatView by Turaco Labs

ThreatView combines extensive experience in digital forensics with advanced analytics and threat detection capabilities to protect eCommerce websites.

DeepTempo

DeepTempo

At DeepTempo, we build AI models and related software that protect enterprises and service providers from sophisticated cyber threats.