NSA contractors use LinkedIn profiles to cash in on national security

NSA 'incidentally collected' British citizens’ mobile phone and fax numbers, emails and IP addresses

NSA spies need jobs, too. And that is why many covert programs could be hiding in plain sight.

Job websites such as LinkedIn and Indeed.com contain hundreds of profiles that reference classified NSA efforts, posted by everyone from career government employees to low-level IT workers who served in Iraq or Afghanistan. They offer a rare glimpse into the intelligence community’s projects and how they operate. Now some researchers are using the same kinds of big-data tools employed by the NSA to scrape public LinkedIn profiles for classified programs. But the presence of so much classified information in public view raises serious concerns about security — and about the intelligence industry as a whole.

“I’ve spent the past couple of years searching LinkedIn profiles for NSA programs,” said Christopher Soghoian, the principal technologist with the American Civil Liberties Union’s Speech, Privacy and Technology Project.

After The Washington Post revealed details about the NSA’s Marina, Mainway and Nucleon databases on June 15, 2013, Soghoian tweeted out the results of one such LinkedIn search.

 […]

Many responses linked to profiles that listed ever more NSA programs. Soghoian’s tweet also prompted short posts at TechDirt, Gizmodo and Slashdot.

On Aug. 3, The Wall Street Journal published a story about the FBI’s growing use of hacking to monitor suspects, based on information Soghoian provided. The next day, Soghoian spoke at the Defcon hacking conference about how he uncovered the existence of the FBI’s hacking team, known as the Remote Operations Unit (ROU), using the LinkedIn profiles of two employees at James Bimen Associates, with which the FBI contracts for hacking operations.

“Had it not been for the sloppy actions of a few contractors updating their LinkedIn profiles, we would have never known about this,” Soghoian said in his Defcon talk. Those two contractors were not the only ones being sloppy.

The LinkedIn profile cited by Soghoian’s initial tweet mentions classified NSA programs like Nucleon, Dishfire, Octave,..

Read more: http://america.aljazeera.com/articles/2014/5/29/nsa-contractors-linkedinprofiles.html