Multiple LinkedIn Accounts Announce US Government Top=Secret Security Clearance
US federal employees and military personnel are using LinkedIn to publicize the fact that they can access top-secret government information, a move that experts say can “increase the risk of targeting” adversaries.
Last week, The Telegraph reports that the British Ministry of Defense had asked its employees to remove their security clearance information from their LinkedIn profiles, citing the growing threat of Chinese espionage.
“If individuals use social networking sites/apps and advertise their security clearance (e.g., what level of clearance they have), they put themselves [sic], colleagues and national security at risk,” the Department of Defense reportedly said in an internal memo. “Individuals should remove these details from their social media profiles immediately.”
Several people with high-level security clearance from the UK government, allowing them to access highly sensitive information, still post their level of security clearance on LinkedIn.
But the problem is not limited to the UK
Fortune found several LinkedIn accounts belonging to Americans who were using the platform to publicize the fact that they had access to top-secret information.
Publicize the “top secret” clearance
In US federal government jobs, including those in the military, there are three levels of national security clearance: confidential, secret and top secret.
A number of LinkedIn profiles Fortune found advertised a Top Secret/Sensitive Compartmented Information (TS/SCI) clearance, with people displaying their security clearance status working in a mix of private sector and government jobs.
A spokesperson for the National Counterintelligence and Security Center (NCSC) in the Office of the Director of National Intelligence said Fortune that people working for the US government were encouraged to take a series of “minimum” steps when it came to social media.
Those steps included being careful about what was posted on social media about their work, including security clearances, “because it might attract the attention of criminals or adversaries.”
Other steps federal agents have been advised to take include never accepting online invitations to hook up from people they don’t know, even if they are the friend of a friend, and to validate connection requests by other means before accepting them.
Staff were also encouraged to review their social media settings to control the amount of information they presented to the public, the NCSC spokesperson added.
Fortune sent connection requests to a handful of random LinkedIn users who publicly advertised their active TS/SCI status on their profiles. Almost all accepted, despite the request coming from a complete stranger.
None of the people who accepted a request responded to Fortune‘s questions about why they were making their national security clearance status public.
The Indeed Jobs site describes the TS/SCI clearance as “one of the highest levels of security clearance”, which means that anyone with this level of clearance has access to highly sensitive information.
“TS/SCI clearance allows you to access sensitive information that is not publicly available,” the Indeed team said in a statement. blog post in June.
“Sometimes this can mean access to data, information or even technology that is only available to those with the appropriate level of clearance. Often, the type of data a TS/SCI authorized person can access involves national security.
When a job or project requires access to classified national security information, the relevant level of security clearance may be granted by one of several government agencies, including the Department of Defense, Department of State and the CIA.
Security clearance is granted after a background check, which is carried out by the Diplomatic Security Service, with some agencies requiring applicants to take a polygraph test. More than 38,000 personnel background checks are conducted each year for federal agencies.
Stuart McKenzie, senior vice president of EMEA operations at defense and security analytics firm Mandiant Consulting, said Fortune that while the risk of security clearances being publicized on LinkedIn and other social media sites may not be the biggest threat, it could still pose a significant risk.
“Understanding who has what level of permission and has been exposed to what data through prior work experience will increase the risk of targeting,” he explained. “The [British Ministry of Defense] is right to say that you can endanger others in this way. Exposing that you have recently worked on sensitive projects will expose your former colleagues and also increase their risk.
McKenzie added that it is not necessary for individuals to advertise their security clearance level on social media.
“It will only increase the threat to the individual and their employers,” he said. Fortune.
Sign up for the Makeshift Features mailing list so you don’t miss our biggest features, exclusive interviews and surveys.