The US Army reveals that foreign combatants are recruiting soldiers on LinkedIn, Reddit and Indeed for espionage, targeting young recruits in particular.
Summary
Foreign powers are using professional and social media platforms — LinkedIn, Reddit, Indeed — to identify, approach and recruit American soldiers in order to obtain sensitive information. At the AUSA 2025 conference, the US Army Counterintelligence Command warned that this threat is a daily occurrence, particularly for soldiers with additional income or publishing projects. Recent cases such as that of Taylor Adam Lee, arrested for attempting to transmit data from the M1A2 tank to Russia, illustrate the seriousness of the phenomenon. Faced with this digital recruitment of soldiers, the army is calling for vigilance on the part of local managers, careful scrutiny of secondary jobs, and cooperation with counter-espionage to identify weak signals before an individual turns to treason.
A targeted digital threat: mechanisms and scope
Key information reveals that foreign combatants are actively recruiting American military personnel online. They use platforms such as LinkedIn, Indeed, and Reddit as initial contact vectors. This strategy is part of a logic of espionage through indirect recruitment, targeting military personnel to obtain classified data.
According to Scott Grovatt, a regional counter-espionage agent, new army recruits in 2025 are using digital devices more than ever before. Many supplement their income with secondary jobs, exposing them to the risk of unwittingly collaborating with foreign entities under the guise of civilian missions. There is talk of rival civilisations using offers of ‘consultancy’, “specialist” or ‘technological research’ to attract the interest of soldiers. A simple research project or technical paper mentioned in a bar or a file could trigger surveillance, according to Grovatt.
To mitigate this vulnerability, the military is focusing on training local leaders (team leaders, non-commissioned officers) to identify warning signs. If a soldier mentions external research work or unverified contacts, these leaders are encouraged to engage in dialogue, escalate the matter to the counter-espionage unit or analyse requests for secondary employment. The aim is to act early and prevent operational radicalisation towards espionage.
Specific cases: internal espionage and arrests
The article mentions two recent cases to illustrate the seriousness of the threat.
The first is Taylor Adam Lee, aged 22, stationed at Fort Bliss, charged with attempting to transmit sensitive national defence information to Russia, including technical data on the M1A2 Abrams tank, via memory card or other media. Lee held a Top Secret/Sensitive Compartmented Information security clearance. This case highlights that even junior military personnel can have access to sensitive technical knowledge. The case dates back to August 2025.
Another case mentioned is that of Sgt Korbein Schultz, an intelligence analyst who admitted to selling documents relating to US military capabilities to entities linked to China from 2022 onwards. He was sentenced to 84 months in prison in 2025. His betrayal illustrates the risk for analysts with high-level access to become internal targets.
These examples highlight that the threat is not hypothetical: sensitive files — technical manuals, photos, plans — are already circulating beyond secure walls. The arsenal of internal data held by the armed forces is becoming a vulnerable area in the digital space.
Technical challenges: digital recruitment, collection and exploitation
The right profile and approach
Foreign recruiters target specific profiles: soldiers with security clearance, technicians, AI specialists, engineers, analysts. They exploit online professional data, technical interests or previous publications. The initial approach is often subtle: flattering comments, proposals for collaboration or external assignments. Over time, the relationship evolves into requests for operational intelligence.
The path to cognitive engagement
Rather than asking for secrets right from the start, the process is gradual. It begins with non-sensitive topics, builds trust, and then moves on to technically more compromising requests. This facilitates psychological penetration. The risk is heightened when the soldier agrees to produce writings or reports that appear harmless but deliver exploitable technical fragments.
Transition to operational espionage
Once the relationship is established, the adversary may request military system diagrams, information on exercises, technical capabilities, and weapon plans. This data is then used for vulnerability analyses, technological reproduction, or planning targeted actions. The ‘exported’ information may arrive via digital archives (cards, USB keys), encrypted exchanges, or fictitious contracts as a ‘technical consultant’.
Organisational impacts and internal security
The US military faces several institutional risks:
- Erosion of internal trust: if soldiers are suspected of espionage, it undermines cohesion, esprit de corps, and trust in clearance systems.
- Increased monitoring and screening burden: more checks, security audits, communications inspections, and reviews of secondary job applications.
- Dilution of counter-espionage resources: prioritising internal surveillance can divert counter-espionage forces away from external threats.
- Risk of technology or doctrine leakage: Information—even technical or software-related—can benefit a strategic adversary.
The military must raise awareness and implement stricter controls on soldiers’ online activities—without stifling freedom of expression or privacy. This requires a delicate balance.
Strategic countermeasures and recommendations
- Ongoing training on digital risks
Incorporate modules on digital espionage, online recruiters and manipulation techniques into initial training. Soldiers must recognise the signs (suspicious offers, unexpected requests) and know how to report them. - Supervision of secondary employment
Scrutinise all external paid activities, especially technical publications or consulting roles. Approvals must go through security or counter-espionage units. - Strengthening internal detection systems
Monitor internal communications, conduct behavioural analyses, and implement data exfiltration alert systems. Use artificial intelligence to identify anomalies in document requests or transfers. - Supervision of sensitive profiles
For personnel with high-level security clearances: periodic reviews, financial checks, psychological interviews, enhanced security audits. - Culture of preventive reporting
Encourage team leaders to discuss doubts openly, to raise the alarm without stigmatisation, and to involve counter-espionage before the matter escalates. - Exemplary sanctions
Publish court cases — such as those of Lee or Schultz — to deter such acts. Show that betraying one’s country is not a crime that can be forgotten.
This situation is not simply a problem of phishing: it reveals a structural flaw in the link between military personnel and the civilian digital world. As long as social and professional platforms remain open, soldiers are targets. The US military faces a cognitive vulnerability as much as a technical one.
The proliferation of small-scale espionage cases — often rewarded with a few thousand dollars — suggests that the amount of compromised intelligence could be vast, without each case attracting attention. A ‘modest’ soldier can deliver an exploitable fragment: a plan, an algorithm, a protocol.
At the same time, technological advances (AI, big data, profile recognition) are making the adversary’s task easier. American counter-espionage will have to modernise: not just armour plating, but adaptive intelligence and predictive detection.
Some in the hierarchy are calling for strict monitoring of soldiers’ online presence. Others fear a drift towards a society of permanent suspicion. The challenge is as much political as it is security-related: protecting without oppressing, monitoring without intimidating.
The question that remains on the table is: what proportion of personnel is actually targeted? The cases reported in the media are only the tip of the iceberg. What if a large part of the interior had already been recruited without our knowledge? The danger comes not only from foreign networks, but also from silent infiltration within the ranks.
War Wings Daily is an independant magazine.