HUNDREDS of former and some present Australian spies have
posted information about their employment with intelligence agencies on the
internet in what security experts have called ''a gift for foreign espionage''.
A survey by Fairfax Media has discovered more than 200
former and present intelligence officers who have disclosed their classified
employment in profiles on LinkedIn, other professional networking sites and
social media including Facebook and Twitter.
While many former and present officers have disclosed only
the fact of their employment by agencies including the top secret Defence
Signals Directorate and the Defence Intelligence Organisation, some have
revealed significant details about their work.
These include employment at specific intelligence
facilities, overseas postings and liaison with allied intelligence agencies,
linguistic expertise indicating particular intelligence targets, and
involvement with specific issues and information technology systems.
One former officer of the Defence Signals Directorate has
illustrated close co-operation between DSD and allied signals intelligence agencies
by listing his service with the RAAF's No. 3 Telecommunications Unit at Pearce
in Western Australia; the Royal Australian Navy's Shoal Bay Receiving Station
near Darwin; postings to Britain's Government Communications Headquarters in
Gloucestershire and GCHQ's Composite Signals Station in Cornwall; another
posting to the US National Security Agency at Fort Meade, Maryland; and work at
the Australian Defence Satellite Communications Station in Geraldton, Western
Australia.
Other former Defence Signals Directorate and Defence
Intelligence officers have listed postings with counterpart agencies in Canada
and New Zealand.
Defence Intelligence Organisation officers have revealed
specialist knowledge of counter-terrorism, telecommunications and aerospace issues.
Information technology professionals are most common in disclosing their
involvement in classified intelligence work.
Former ASIO officers have disclosed their intelligence
employment by referring to the well-known cover designation for ASIO as "D
Branch, Attorney-General's Department".
A number of present staff at the Joint Defence Facility at
Pine Gap near Alice Springs, employees of aerospace giant Raytheon, have
revealed their involvement with the top secret intelligence base, including
their access to ''special compartmented intelligence'' programs.
Linguistic skills highlighted by former and present
Australian intelligence officers include Chinese, Japanese, Arabic, Farsi,
Pashtun, Hindi, Urdu, Bahasa Indonesia, Tetum and Pidgin (Tok Pisin).
Security experts described the freely available information
identifying past and present intelligence officers as ''surprising'' and said
it provided ''a gift for foreign espionage, especially through social
engineering''.
Social engineering is the art of manipulating people into
divulging confidential information, either through the introduction of malware
into computer systems through carefully crafted, personalised emails - spear
phishing, obtaining access to security codes - or by orchestrating social contact
with intelligence targets.
Melbourne computer forensics expert Kim Khor said the
abundance of personal and career information available on the internet posed a
clear security risk for both government and the corporate sector, especially
companies engaged in national security work or high technology activities.
''Bad guys would really appreciate this info being
available. It's a big advantage to easily identify people who have or have had
access to sensitive information,'' Mr Khor said.
''Potential adversaries would be very happy with what's
available.''
Robert Winkel, a former DSD officer and now an information
security consultant with the Canberra-based Saltbush Group, said Australian
intelligence collection agencies actively exploited social media and
professional networking sites to gather information on targets.
''ASIS does this, and foreign intelligence agencies are
looking for exactly the same sort of information about Australian targets,'' Mr
Winkel said.
''The Chinese tend to get a lot of information from open
sources, and that can lead to opening up contacts that provide high-level
access to classified information.''
Security and intelligence sources said social media had
emerged as ''a rich source of information'' to support intelligence operations.
''Once it could take months and laborious inquiries to collect very basic
personal information about a target, now so much of that, and much more, is
often available on the web,'' one government security source said.
''Former intelligence personnel are worthwhile targets as
they could be of direct interest, and may still be connected socially to other
people who still work in highly sensitive areas. Social media can reveal the
link, and further research may reveal opportunities such as financial issues,
gambling and marital problems.''
IT security specialist Chris Gatford said social engineering
was highly effective ''because the easiest methods of compromise are via
employees''.
Defence Department security instructions require that ''when
engaged in online forums … Defence personnel must exercise professional
judgment to ensure no information breaches operational security''.
No comments:
Post a Comment