LAST WEEK, THE DUTCH General Intelligence and Security Service (AIVD) launched an awareness campaign dubbed ‘Check before connecting’. The purpose of the campaign is to inform the Dutch public about risks of foreign actors using fake accounts on social media, in efforts to acquire sensitive business information.
According to the AIVD, such online campaigns frequently target and recruit employees of Dutch private sector companies. The
awareness campaign is
carried out
via Twitter, Instagram and LinkedIn. It is aimed at raising awareness
in society at-large. The AIVD will publish a number of fictitious
practical examples over time, in order to educate the public.
AIVD director-general Erik Akerboom told Dutch newspaper Het Financieele Dagblad
that Dutch and other Western secret services have been surprised by the
sheer number of cases in which private sector employees disclosed
sensitive information, after being blackmailed or enticed with money to
share information. After foreign intelligence operatives make initial
contact with their target via LinkedIn, the relationship quickly turns
more “personal”, according to Akerboom. The new contact acts
flatteringly about the unsuspecting target’s knowledge and competence.
“You are asked to translate something. This can be followed by a
physical meeting”, he says.
Potential targets are “ranked” by their
position in an organization, position in a business network, and level
of access to sensitive information. “The rankings determine which
persons are prioritized for recruitment attempts”, according to
Akerboom. This sometimes involves the creation of fake human resource
recruitment agencies, as British, Australian and American intelligence
agencies have warned about in the past.
While not a new phenomenon, the scope and
effectiveness of foreign infiltration attempts have now reached a scale
that has prompted the AIVD to warn the public. China and Russia have
made attempts to acquire advanced technology in Western countries,
including the Netherlands, via corporate takeovers, digital espionage,
and human intelligence operations. Last year, the Netherlands expelled
two Russian spies who successfully recruited employees at a number of
Dutch high-tech companies. One of the Russians created fake profiles
posing as a scientist, consultant and recruiter. The AIVD did not
disclose the names of these companies.
Former United States Department of
Defense and National Security Agency senior intelligence officer Cody
Barrow, now director of threat analysis at an Amsterdam-based cyber
security company, says
he estimates that “many thousands” of Dutch citizens have received
LinkedIn invites from Chinese spies. Invites are often accepted
carelessly, without checking the legitimacy of the profile who sends the
invite. If other persons in one’s social network are already connected
to that profile, a false sense of legitimacy can be created.
Cyber security expert Ronald Prins, who is a former technical member of the ex-ante
oversight committee on the exercise of hacking and interception powers
by Dutch intelligence services, thinks the awareness campaign is a good
move. He adds, however, that the AIVD should be “more proactive” to
detect attacks. He notes that the AIVD has no political mandate to act
on attacks against economic interests. “When will they put effort into
protecting the economic security of the Netherlands?”, Prins asks.
In 2021, Akerboom said
that “all crown jewels” of the Dutch economy are at risk. In its yearly
plan for 2022, the AIVD proposes to make “significant investments” into
helping protect commercial companies and the “earning strength of the
Netherlands”. In December 2021, the coalition agreement
of the newly formed Dutch cabinet showed a €300 million extra budget
for the intelligence services over the next five years. However, no
concrete spending plans exist at the moment.
The AIVD previously warned of the risks
that digital economic espionage poses to Dutch economic security in its
annual reports of 2014 [pdf] and 2017. In its annual report for 2020,
the AIVD noted that a data breach revealed that China kept an ‘overseas
key influential’ database, containing data about 2.4 million
influential persons abroad.