In recent years, there has been increasing concern over the potential cybersecurity risks posed by using social media platforms like LinkedIn. LinkedIn has over 750 million members globally, with over 90 million in the United States alone. This makes LinkedIn a prime target for cybercriminals looking to exploit users’ personal and professional data. However, what exactly are the cybersecurity risks associated with LinkedIn, and how much of a threat does it really pose? Let’s take a closer look.
What kind of data does LinkedIn collect?
LinkedIn collects a significant amount of personal and professional data from its users in order to build detailed profiles and power its platform. This includes:
- Basic personal information – name, email, phone number, location, etc.
- Employment history – companies worked for, job titles, dates of employment
- Education history – schools attended, degrees obtained, dates attended
- Skills and expertise
- Accomplishments and awards
- Groups and affiliations
- Connections to other users
In addition, LinkedIn also collects more sensitive information like:
- Contact information for connections
- Birthdate
- Marital status
- Websites
- Instant messaging accounts
LinkedIn uses all this data to build a comprehensive professional profile and network for each user. However, in the wrong hands, all this personal and professional data could be exploited for cyberattacks.
What are the potential cybersecurity risks?
Here are some of the major cybersecurity risks associated with LinkedIn:
1. Profile scraping
Scraping tools can be used to harvest information from LinkedIn profiles en masse. This data could then be used for:
- Phishing attacks targeted at connections
- Business email compromise (BEC) scams impersonating employees
- Creating fake profiles for social engineering
- Building dossiers on targets for cyberespionage
2. Malware distribution
Fake LinkedIn messages containing malicious links or attachments could be used to distribute malware such as:
- Info-stealing Trojans
- Spyware
- Keyloggers
- Ransomware
Once installed, this malware could be used to compromise user accounts, networks, and data.
3. Account hijacking
Attackers may attempt to hijack LinkedIn accounts through:
- Password cracking using breached credentials
- Phishing pages mimicking LinkedIn login
- Credential stuffing using usernames/passwords from other breaches
Compromised accounts could then be used for spreading malware, business email compromise scams, or harvesting contacts’ data.
4. Network infiltration
By connecting with targets on LinkedIn, attackers could gain an initial foothold in an organization’s network. This access could then be leveraged to:
- Harvest credentials and data
- Deliver malware payloads
- Move laterally across the network
Essentially, compromised LinkedIn accounts give attackers a powerful launchpad for penetrating networks.
5. Sensitive data exposure
LinkedIn encourages users to add sensitive information to their profiles like:
- Employment history
- Skills/expertise
- Accomplishments
- Education history
This data could enable social engineering attacks or provide cybercriminals valuable intel on targets.
6. Insider threats
Disgruntled employees could abuse LinkedIn to:
- Connect with former coworkers to harvest data
- Recruit insiders at other companies as part of a cyberattack plot
- Sell sensitive company data obtained through their access
Essentially, LinkedIn empowers insider threats to more easily expand and exploit their access.
Notable LinkedIn cyber attacks
To illustrate the real-world impact of LinkedIn cybersecurity risks, here are two significant case studies:
Iranian hacking operation (2019)
In 2019, a threat group linked to Iranian intelligence services was found using fake LinkedIn profiles to build connections with targets before sending malware-laced phishing messages.
This demonstrates how LinkedIn profiling and network building can enable sophisticated, targeted cyberespionage campaigns.
92 million user credentials leaked (2016)
In 2016, a LinkedIn breach exposed over 92 million user credentials (emails and passwords), which were later leaked online.
This massive breach highlights how compromised LinkedIn credentials can be leveraged in credential stuffing attacks to takeover accounts.
Best practices for LinkedIn security
While LinkedIn does present cybersecurity risks, there are steps both individuals and organizations can take to minimize these threats:
For individuals:
- Use unique complex passwords for LinkedIn.
- Enable two-factor authentication.
- Be wary of messages containing links/attachments.
- Don’t accept invitations from people you don’t know.
- Limit sharing of sensitive personal information.
For organizations:
- Establish social media security policies.
- Educate employees on LinkedIn risks.
- Limit employee profile visibility settings.
- Monitor LinkedIn connections to employees.
- Use social media monitoring tools.
Conclusion
While LinkedIn provides valuable networking and career opportunities, it also introduces distinct cybersecurity risks. Scraping, phishing, account hijacking, malware, and insider threats are all enhanced through exploiting LinkedIn. However, with greater awareness and proper precautions, both individuals and organizations can take steps to securely leverage LinkedIn while minimizing their attack surface and risk. Ultimately, LinkedIn is likely here to stay as an important professional network, so focusing on safe usage is key.