Back
World News

Five Eyes Alliance Warns of Chinese Intelligence Recruitment via Job Platforms; ASIO Chief Highlights Cyber Sabotage Risk

View source

Five Eyes Warns of Chinese Intelligence Recruitment via Job Platforms

"Applicants beware!" — FBI warning on fake job ads used for espionage.

The Five Eyes intelligence alliance—comprising Australia, Canada, New Zealand, the United Kingdom, and the United States—has issued a joint bulletin warning that Chinese military intelligence services are using professional networking sites and online job platforms to recruit individuals with access to classified or sensitive information.

Separately, the head of the Australian Security Intelligence Organisation (ASIO) has warned of a growing risk of state-sponsored cyber sabotage targeting Australian critical infrastructure.

Joint Five Eyes Bulletin: Recruitment via Job Platforms

Summary of Allegations

The joint bulletin, titled "Safeguarding Our Secrets," alleges that operatives linked to Chinese military intelligence pose as employees of private consultancies, think tanks, or human resources firms. They post fictitious job advertisements for positions such as foreign policy or defense analysts on platforms including LinkedIn, Indeed, and Upwork.

Targeted Individuals

According to the Five Eyes agencies, the primary targets are:

  • Five Eyes nationals with security clearances.
  • Government and military personnel, particularly those in foreign affairs, security, intelligence, and defense roles.
  • Individuals with indirect access to government information, including academics, journalists, and think tank employees.

Recruitment Process

The bulletin describes a multi-stage recruitment process:

  1. Initial contact via fake job ads or direct outreach.
  2. Virtual interviews conducted with concealed identities.
  3. Requests for trial reports on topics including China's bilateral relations, defense, or trade.
  4. Escalating pressure to provide non-public or privileged information.
  5. Transitioning conversations to encrypted messaging platforms.
  6. Payment for reports via third-party platforms such as PayPal, Western Union, Wise, or cryptocurrency, ranging from a few hundred to several thousand dollars.

Consequences and Warnings

"Even unclassified information can be aggregated to form a comprehensive operational picture." — Five Eyes joint bulletin.

The Five Eyes agencies stated that some individuals who undertook these activities have faced criminal prosecutions, job losses, or revocation of security clearances. UK Security Minister Dan Jarvis advised potential targets to watch for "signs of online targeting and avoid inadvertently compromising our security."

Background and Reactions

The Five Eyes alliance has issued similar warnings individually in the past, but this joint bulletin is described as unprecedented. In November 2024, Britain's MI5 cautioned about Chinese spying on parliament. Australia has reported "unprecedented" levels of espionage, with ASIO officials stating that individuals with access to secrets are being actively targeted.

The Chinese embassy in the UK condemned the accusations as "entirely fabricated" and "malicious slander." A statement from the embassy noted that Five Eyes members engage in espionage globally.

Professor Clive Hamilton of Charles Sturt University commented that the method is not new but noted that people may be drawn in by money and flattery. He added that Australia's increased engagement in regional security makes more Australians vulnerable to such inducements, especially those recently leaving sensitive organizations.

ASIO Warning on Cyber Sabotage

Statement by ASIO Chief

"Australia faces a growing risk of cyber-enabled sabotage within the next five years." — Mike Burgess, ASIO Director-General.

Mike Burgess, Director-General of the Australian Security Intelligence Organisation (ASIO), stated on Wednesday in Melbourne that increased levels of espionage contribute to this threat.

Targeted Infrastructure and Attributed Groups

Burgess identified a specific nation-state as conducting multiple attempts to scan and penetrate critical infrastructure within Australia and its allies. Targets include water, transport, telecommunications, and energy networks. He referenced two hacking groups, Salt Typhoon and Volt Typhoon, which he stated operate for Chinese government intelligence and military.

  • Salt Typhoon has reportedly targeted telecommunications companies in the US and has probed Australian telecommunication networks for espionage purposes.
  • Volt Typhoon is described as having compromised critical infrastructure networks in the US for potential future sabotage, with similar probing observed in Australian critical infrastructure.

Potential Impacts

Burgess warned that authoritarian regimes are increasingly willing to sabotage critical infrastructure. Stated objectives include:

  • Impeding decision-making
  • Damaging economies
  • Undermining war-fighting capabilities
  • Generating social discord

He illustrated potential impacts by referencing brief telecommunication outages that caused widespread societal disruption and presented hypothetical scenarios such as the incapacitation of all telecommunication networks, power outages during heatwaves, contamination of drinking water, or the crippling of the financial system.

Economic Costs

Espionage activities are estimated to have cost Australia A$12.5 billion in 2023-24.

This figure includes approximately A$2 billion worth of trade secrets and intellectual property stolen from Australian companies in one year. Burgess noted that intelligence collection is broadening to target private sector projects, negotiations, and investments for commercial advantage, alongside customer data.

Hacker Capabilities

Burgess described the methods employed by these hackers as sophisticated. They involve identifying network vulnerabilities, penetrating systems, mapping infrastructure, and maintaining persistent, undetected access.

The Chinese embassy has been contacted for comment regarding these allegations.