New app to help spot online spies
A new app has been launched by the UK government to prevent people falling victim to online approaches by foreign spies.
MI5 says it has seen 10,000 UK nationals targeted by fake social media profiles on sites like LinkedIn and Facebook.
The spies are seeking to lure people into passing on sensitive information.
The Think Before You Link app will help people spot suspicious approaches.
Spies have long approached people with access to sensitive information, but the online world has allowed this to happen at huge scale and at distance.
There is no longer a need to sidle up to someone at a conference or over a coffee when you can use a fake profile online to lure them into a conversation.
Initially those approached may be asked for less sensitive information before a line is crossed.
The government has released a series of case studies illustrating how people have been approached by spies seeking sensitive information.
In one, an unnamed former civil servant with security clearances was approached online over a professional networking site, and then travelled to a foreign country for meetings.
Over a six-month period, they were provided with a “covert communications system” and asked to provide sensitive government information.
That case is used as an example of the growing threat of online approaches by foreign spies.
In another example, a serving security-cleared civil servant was approached by someone pretending to be from a think tank.
Because they appeared to have a shared contact, the civil servant assumed the profile was genuine, despite some doubts. That led to a series of messages and the offer of a business consultancy.
The number of these approaches has increased significantly, officials say, with MI5 spotting 10,000 people across society being approached last year.
Ken McCallum, director general of MI5, said, “Foreign spies are actively working to build relationships with those working in government, in high-tech business and in academia.
“The Think Before You Link app supports those who may be receiving disguised approaches, helping them to conduct their own digital due diligence before accepting unknown contacts online.”
Although not mentioned directly, China is often described as being behind many of these campaigns.
The app is primarily aimed at government officials and those in sensitive industries, but everyone will be able to download it for free from today.
Flatter to deceive
Designed with the help of behavioural scientists, the app prompts users with a series of questions to help assess if someone who has approached them might be fake.
This includes being on the look-out for flattery or offers which appear too good to be true.
According to the app’s website, users will even be able to earn “trophies and certificates which can be shared with their security team”.
The app also includes an inbuilt reverse image search to spot pictures which may be re-used from other sites, since this is often a hallmark of fake identities.
The user’s responses will be analysed to say whether a profile is high, medium or low-risk.
If it is medium or high, they will be recommended to report it.
The app doesn’t access a database of spies and can’t provide a definitive answer, but is designed to highlight the risks. The app is unlikely to be effective against the most sophisticated spies who will use real rather than fake identities.
And in the future, the ability to spot fake spies may become harder, as states employ artificial intelligence and more effective “deep fakes” to manufacture identities.
The app is the latest move from the Centre for the Protection of National Infrastructure’s (CPNI) Think Before You Link campaign.
Fake profiles are being created on an “industrial scale”, according to Steve Barclay, lead Minister for Cyber Security: “It is therefore crucial that we do all we can to protect ourselves and our information, ensuring those who we connect with online are who they say they are. This new app will be an important tool in that endeavour.”