Is LinkedIn the latest hacking hunting ground? Okta thinks it’s vulnerable

The great job relocation sweeping the country has created a security weakness being exploited by hackers entering via LinkedIn profiles, Okta warns.

The chiefs of security company Okta say LinkedIn has become a hunting ground for threat actors who target relatively new staff with phishing links during onboarding processes.

The warnings arrive after the nation suffered two of its biggest data breaches in history when almost 20 million people’s data was exposed in separate Optus and Medibank attacks.

Ben Goodman, the company’s Asia Pacific managing director, said cyber criminals were intentionally trying to trick new hires within their first few months of work.

“Given we had the great resignation last year, we had people moving jobs, it became a really big factor that we had a demographic of people that are at their most susceptible,” he said.

“While there are lots of angles that cyber criminals are using to try and get in, that’s probably been the most prevalent one to look at where people have been compromised.

“You find things like LinkedIn become a really good tool in some cases for understanding people movement.”

Okta chief executive Todd McKinnon doubled down on Mr Goodman’s comments, noting that people would “naturally” fall for scams amid efforts to quickly adapt to their new company.

“I think people have a lot to do and they’re working very hard and they’re focused on their job. They’re naturally going to fall for things (when they’re) new to the company,” he said.

“(They) want to go the extra mile and if (they) get a text from their CEO, a fake text it turns out, of course (they’re) going to try to respond.”

Mr Goodman said many companies, especially larger firms, did not have the right infrastructure to deter bad actors from targeting new employees.

Okta Asia Pacific managing director Ben Goodman.

“A lot of companies don’t necessarily have the right technology ecosystem in place around trusted devices, email and efficient technology. That early to organisation stage is really a threat point that a lot of people are acting on,” he said.

Asked how it countered bad actors on its platform, a LinkedIn spokesman said the company’s strategy targeting “inauthentic activity” removed 96 per cent of fake accounts and 99.1 per cent of spam and scam accounts before users saw them.

“We combine technology and teams of experts to find and remove the vast majority of fake accounts and scams before you ever see them,” they said.

“We also encourage members to report if they see any suspicious message or a profile they believe is fake.”

Okta’s comments arrived during a recent round table where Mr Goodman and Mr McKinnon were joined by AFL chief technologist Rod Pickering.

Mr Pickering said the AFL now refused to work with vendors that didn’t use Okta’s verification service.

“Really importantly when we on-board new applications, whether that be for the customer or for workforce, the first question we ask is, and one of our only non-functional requirements is, does it work with Okta. If it doesn’t, we don’t want it,” he said.

“It’s actually just that for us, really from a purely selfish perspective, it’s an ease of management.”

Accessing contact details on LinkedIn is big business for tech companies, with many developing browser extensions that can reveal the email addresses and mobile numbers users register on the platform with. Lusha is one such business.

Okta chief executive Todd McKinnon says it’s “natural” for busy staff to fall victim to phishing scams.

“Lusha Extension lets you instantly reveal contact and company data on the right prospects, right where you work: LinkedIn, Gmail, Salesforce, or any company site,” the extension’s app store summary reads.

LinkedIn users with low security settings who allow their profiles to be “searchable” and visible to users who are not logged into the platform often include contact details in posts when starting a new position.

Asked who threat actors target most, Mr McKinnon said they often took a broad-blast approach.

“They basically try them all until one works. Some of these phishing campaigns just go out to every user they see and if they don’t get a hit, they go to the next partner,” he said.

Mr Goodman said much of what LinkedIn asks users to publicise on its platform is attractive to bad actors.

“There is no doubt that a user’s activity on LinkedIn, as with any social platform, could pose a potential threat to an organisation’s cyber security defences. Due to its focus on the business community, hackers can use LinkedIn profiles to create more targeted phishing attacks against corporations,” he said.

“With people profiling their education, work history, skills, and achievements, hackers can easily access the information needed to create personalised messages and then customise potential attacks designed to infiltrate a company’s systems.

“One common tactic involves sending targets a phishing email designed to convince them to click on a link that downloads malware or sends the individual to a fake website to capture his or her login credentials.”

Originally published as Is LinkedIn the latest hacking hunting ground? Okta thinks it’s vulnerable

Original URL: https://www.thechronicle.com.au/business/is-linkedin-the-latest-hacking-hunting-ground-okta-thinks-its-vulnerable/news-story/d09d26b2a81677108fcffecbe12c0fc3