UAE - The battery-sapping "performance patch" that Etisalat sent to its BlackBerry subscribers over the last few days was designed to give the UAE operator the ability to read its customers emails and text messages, a Qatar-based software expert told CommsMEA yesterday.
Last week, Etisalat told its 100,000 BlackBerry subscribers that a "performance enhancement patch" would be sent to them to "provide the best BlackBerry service and ultimate experience". But users who downloaded the software complained of dramatically reduced battery life and slower than usual performance of their devices.
Nigel Gourlay, a Doha-based Sun-certified Java programmer who has been developing open source software for 15 years, analysed the patch after it was posted on BlackBerry’s community support forum and he said that once installed, it potentially gives Etisalat the power to view all emails and text messages sent from the BlackBerry. (more)
FutureWatch - Governments may make the manufacturer or carrier pre-load this capability as a condition of doing business in that country.
Tuesday, July 14, 2009
What CEOs Don't Know About Cybersecurity
A new study hints at how often cyberthreats aren't communicated to the boss.
Being the chief executive has its privileges. And one of them may be a blissful ignorance of your company's data breach risks.
According to a study to be released Tuesday by the privacy-focused Ponemon Institute, companies' chief executives tend to value cybersecurity just as--if not more--highly than their executive colleagues. But compared to lower-level execs, CEOs also tend to underestimate the frequency of cyberthreats their organization faces. (more)
Having observed the scene for over 30 years, these findings may be extended to include any technical threat to information security.
Quote of the Day -- "We don't know how much filtering of bad news happens that keeps CEOs from hearing some of the darker secrets." ~ Dr. Larry Ponemon
Being the chief executive has its privileges. And one of them may be a blissful ignorance of your company's data breach risks.
According to a study to be released Tuesday by the privacy-focused Ponemon Institute, companies' chief executives tend to value cybersecurity just as--if not more--highly than their executive colleagues. But compared to lower-level execs, CEOs also tend to underestimate the frequency of cyberthreats their organization faces. (more)
Having observed the scene for over 30 years, these findings may be extended to include any technical threat to information security.
Quote of the Day -- "We don't know how much filtering of bad news happens that keeps CEOs from hearing some of the darker secrets." ~ Dr. Larry Ponemon
ESC Highlights Growing Espionage Threat
Some items from the latest issue of Employee Security Connection...
Corporate Espionage Rising: All told, U.S. businesses lose up to $250 billion in revenue as well as 750,000 jobs annually. To help your employees do their part to fight spying and insider risks, we explain the basic types of threats-both technical and non-technical.
Security Risks R Us: Think your employees know their stuff when it comes to spying? Here we offer a quick quiz for your employees to assess their security savvy.
Foreign Affairs: You'll want your employees to take note of this recent case in which a contractor lost his security clearance and went to jail for failing to report his relationship with a Chinese national.
Be Safe When Traveling Overseas: Whether your employees are packing for a pleasure trip or just hoping to do some sightseeing in conjunction with business travel, we provide some timely tips to help them prepare. (q.v. Staying Safe Abroad)
Security Directors...
Employee Security Connection is a quarterly awareness newsletter, developed by the National Security Institute to help educate employees to the risks and security responsibilities for protecting classified and proprietary information. Four quarterly issues, 8 pages each, in Adobe PDF format. Customized with your logo. One subscription allows organization-wide distribution rights (e-mail, intranet or print). They do all the work. You get all the credit. Easy!
Corporate Espionage Rising: All told, U.S. businesses lose up to $250 billion in revenue as well as 750,000 jobs annually. To help your employees do their part to fight spying and insider risks, we explain the basic types of threats-both technical and non-technical.
Security Risks R Us: Think your employees know their stuff when it comes to spying? Here we offer a quick quiz for your employees to assess their security savvy.
Foreign Affairs: You'll want your employees to take note of this recent case in which a contractor lost his security clearance and went to jail for failing to report his relationship with a Chinese national.
Be Safe When Traveling Overseas: Whether your employees are packing for a pleasure trip or just hoping to do some sightseeing in conjunction with business travel, we provide some timely tips to help them prepare. (q.v. Staying Safe Abroad)
Security Directors...
Employee Security Connection is a quarterly awareness newsletter, developed by the National Security Institute to help educate employees to the risks and security responsibilities for protecting classified and proprietary information. Four quarterly issues, 8 pages each, in Adobe PDF format. Customized with your logo. One subscription allows organization-wide distribution rights (e-mail, intranet or print). They do all the work. You get all the credit. Easy!
Japanese scientists to build robot insects
Japan - Police release a swarm of robot-moths to sniff out a distant drug stash. Rescue robot-bees dodge through earthquake rubble to find survivors.These may sound like science-fiction scenarios, but they are the visions of Japanese scientists who hope to understand and then rebuild the brains of insects and program them for specific tasks.
Ryohei Kanzaki, a professor at Tokyo University's Research Centre for Advanced Science and Technology, has studied insect brains for three decades and become a pioneer in the field of insect-machine hybrids. (more)
Friday, July 10, 2009
Negative feedback, buyer claims he was arrested.
A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources.
Chi Tong Kuok, of Macau, told Defense Department and Customs investigators that he had been “acting at the direction of officials for the People’s Republic of China,” according to a government affidavit in the case. “Kuak indicated he and PRC officials sought the items to figure out ways to listen to or monitor U.S. government and military communications.” (more) (sing-a-long)
Chi Tong Kuok, of Macau, told Defense Department and Customs investigators that he had been “acting at the direction of officials for the People’s Republic of China,” according to a government affidavit in the case. “Kuak indicated he and PRC officials sought the items to figure out ways to listen to or monitor U.S. government and military communications.” (more) (sing-a-long)
You know spying is a major problem when...
...Forbes Magazine is hawking spy gear on their Web site.
(Click to enlarge)
Follow-up: Murdock Phone Tap Scandal
via Politics Daily... The Guardian broke a story revealing that Rupert Murdoch's News Group Newspapers has paid out more than 1 million pounds in court costs after its journalists were accused of involvement in phone tapping.The journalists allegedly hired private investigators to hack into the mobile phones of public figures ranging from former deputy prime minister John Prescott to supermodel Elle McPherson, as well as numerous other politicians, sports stars and actors. The investigators allegedly gained access to all sorts of confidential information about these people, including tax records, bank statements and social security files...
...one of Murdoch's former editors at the News of the World says that this scandal constitutes one of the major media stories of modern times.
First, it suggests that such behavior -- if shown to be true -- was not the result of a few rogue reporters but a systemic policy in the newsroom, opening the paper up to the possibility of a class-action lawsuit.
Second, the scandal also threatens to embroil the Metropolitan police -- who apparently did not alert all those whose phones were targeted -- as well as the Crown Prosecution Service, which did not pursue all possible charges against News Group personnel. Finally, even Conservative party leader David Cameron could be tainted by this one: The party's chief of communications, Andy Coulson, was an editor at the News of the World when the alleged wire-tapping took place. Murdoch, for his part, maintains that he knew nothing about any of this.
This morning, the Commons Culture, Media and Sports Committee of the British Parliament announced it is launching an official investigation into the use of illegal surveillance techniques. (more)
Thursday, July 9, 2009
Does your Security Program Include TSCM?
If not, your corporate strategies are about this well protected.Add TSCM / Eavesdropping Detection Audits to your security program.
Contact a qualified specialist, today. ~Kevin
Security Director Alert - "Get me some dirt on..."
Electronic eavesdropping and wiretapping attacks are coming at you from all angles: competitors, disgruntled employees, unions, foreign governments, activists, and the media. Here is a high-profile example of media spying...
Rupert Murdoch's News Group News papers has paid out more than £1m to settle legal cases that threatened to reveal evidence of his journalists' repeated involvement in the use of criminal methods to get stories.
The payments secured secrecy over out-of-court settlements in three cases that threatened to expose evidence of Murdoch journalists using private investigators who illegally hacked into the mobile phone messages of numerous public figures to gain unlawful access to confidential personal data, including tax records, social security files, bank statements and itemised phone bills.
Cabinet ministers, MPs, actors and sports stars were all targets of the private investigators.
How pervasive was this snooping?
...one senior source at the Met told the Guardian that during the Goodman inquiry, officers found evidence of News Group staff using private investigators who hacked into "thousands" of mobile phones. Another source with direct knowledge of the police findings put the figure at "two or three thousand" mobiles. (more) (more)
Rupert Murdoch's News Group News papers has paid out more than £1m to settle legal cases that threatened to reveal evidence of his journalists' repeated involvement in the use of criminal methods to get stories. The payments secured secrecy over out-of-court settlements in three cases that threatened to expose evidence of Murdoch journalists using private investigators who illegally hacked into the mobile phone messages of numerous public figures to gain unlawful access to confidential personal data, including tax records, social security files, bank statements and itemised phone bills.
Cabinet ministers, MPs, actors and sports stars were all targets of the private investigators.
How pervasive was this snooping?
...one senior source at the Met told the Guardian that during the Goodman inquiry, officers found evidence of News Group staff using private investigators who hacked into "thousands" of mobile phones. Another source with direct knowledge of the police findings put the figure at "two or three thousand" mobiles. (more) (more)
"Passwords? We don't need no stinkin'..."
Kon-Boot for Windows enables logging in to any password protected machine profile without without any knowledge of the password. There is also a version for Linux. Sounds dangerous. Stay tuned. Freeware download.Security Director Recommendation - One possible corporate environment solution; lock out USB ports and CD drives.
Spy Cheap... at The International Spy Museum
The International Spy Museum Store is having a great summer sale! Up to 50% Off + Free Ground Shipping on Orders Over $50.Very Practical...
Metrosafe Anti-Theft Computer Bag
Product Facts: When you have top-secret data to deliver, there may be spies lurking around the dead drop, waiting to lift your laptop. That’s where the Metrosafe delivers. It looks like a regular laptop case, but its security features elevate it to an effective anti-theft device. It has tamper-proof, lockable
zippers and a wire-reinforced, slash-proof shoulder strap with a built-in combination lock. (You can anchor the strap around a secure object like a table leg.) Its front and bottom panels are also slash-proof to protect against knife-wielding spies. Designed with a fully padded laptop compartment with two organizer pockets, a front zippered organizer pocket and two padded pockets to hold a cell phone, PDA, camera, or MP3 player. Fits most 13” laptops. Technical Data: 840-denier ballistic nylon/high-tensile steel wire. Black. 12” x 13-1/2” x 4”. 2 lbs., 3 oz. (33% off)
Tuesday, July 7, 2009
Why Business Espionage is Epidemic
Business espionage has kept me in business for over 30 years now. I help organizations uncover it and stop it - before they suffer expensive losses. Eavesdropping and wiretap detection is a key component to corporate counterespionage efforts because they are the easiest espionage red flags to spot.
This is what I have learned over the years.
Business espionage is rampant due to...
1. Low cost of entry.
2. High rate of return.
3. Low probability of detection.
4. Lower probability of prosecution.
5. Even lower probability of meaningful punishment.
Example...
David A. Goldenberg, ex vice president of AMX, was arrested following a six week investigation and was charged with Unlawful Access of a Computer System/Network, Unlawful Access of Computer Data/Theft of Data and Conducting an Illegal Wiretap. On May 11 he entered a plea of guilty to felony wiretapping.
The investigation revealed that, while an employee of AMX, Goldenberg had infiltrated the email accounts of Sapphire Marketing, a sales representative for Crestron. He was intercepting emails related to potential contracts, which afforded him advanced knowledge of Sapphire's customers and bid prices affording him an opportunity to underbid them. He then established a free email account and created an automatic forward of the victim's email to that address.
He has been sentenced to three years probation, including psychological counseling, and will have to pay an undisclosed fine. The maximum sentence for the crime is five years in prison but Goldenberg has managed to avoid any jail time. (more)
In this case, damage was done. Their information and strategies were taken and used against them. The loss was expensive.
Call me if your company would like to know how to detect espionage problems before they get to this stage. ~ Kevin
This is what I have learned over the years.
Business espionage is rampant due to...
1. Low cost of entry.
2. High rate of return.
3. Low probability of detection.
4. Lower probability of prosecution.
5. Even lower probability of meaningful punishment.
Example...
David A. Goldenberg, ex vice president of AMX, was arrested following a six week investigation and was charged with Unlawful Access of a Computer System/Network, Unlawful Access of Computer Data/Theft of Data and Conducting an Illegal Wiretap. On May 11 he entered a plea of guilty to felony wiretapping.
The investigation revealed that, while an employee of AMX, Goldenberg had infiltrated the email accounts of Sapphire Marketing, a sales representative for Crestron. He was intercepting emails related to potential contracts, which afforded him advanced knowledge of Sapphire's customers and bid prices affording him an opportunity to underbid them. He then established a free email account and created an automatic forward of the victim's email to that address.
He has been sentenced to three years probation, including psychological counseling, and will have to pay an undisclosed fine. The maximum sentence for the crime is five years in prison but Goldenberg has managed to avoid any jail time. (more)
In this case, damage was done. Their information and strategies were taken and used against them. The loss was expensive.
Call me if your company would like to know how to detect espionage problems before they get to this stage. ~ Kevin
Monday, July 6, 2009
Spy Trick #325 - Lost Laptops from Airports
A new study sponsored by the Dell computer company estimates that more than 12,000 laptop computers are lost or stolen each week at U.S. airports, and only 33% of those that turn up in "lost and found" are reclaimed.
The other 67% remain in the airport awhile before being disposed of, meaning there are "potentially millions of files containing sensitive or confidential data that may be accessible to a large number of airport employees and contractors," the study reports.
More than 53% of business travelers say their laptops contain confidential or sensitive information, but 65% of these people admit they don't take steps to protect it. Yet the average business cost when confidential personal information is lost or stolen is $197 per record, according to another Ponemon study. (more)
A full copy of the report can be found here. (pdf)
What do you think happens to laptops left at the airport?
Could they fall into the hands of professional snoops?
"The TSA turns it over to state surplus property agencies, which tend to sell it online or at retail stores."
Let's dig further. We'll pick Texas, a big state with several major airports (7 to be exact). They have several method of disposal...
• Online auctions at www.lonestarauctioneers.com and www.bandiauctions.com
• 3 live on-line auctions a year.
• eBay under seller name texasstatesurplus.
• At their walk-in stores.
(Texas Surplus Brochure)
It would not be difficult for business spies to track property disposal auctions from every airport.
Solutions... Crypt your disk. Install theft reporting software. Engrave "Reward if found and returned..." on the bottom.
The other 67% remain in the airport awhile before being disposed of, meaning there are "potentially millions of files containing sensitive or confidential data that may be accessible to a large number of airport employees and contractors," the study reports.More than 53% of business travelers say their laptops contain confidential or sensitive information, but 65% of these people admit they don't take steps to protect it. Yet the average business cost when confidential personal information is lost or stolen is $197 per record, according to another Ponemon study. (more)
A full copy of the report can be found here. (pdf)
What do you think happens to laptops left at the airport?
Could they fall into the hands of professional snoops?
"The TSA turns it over to state surplus property agencies, which tend to sell it online or at retail stores."
Let's dig further. We'll pick Texas, a big state with several major airports (7 to be exact). They have several method of disposal...
• Online auctions at www.lonestarauctioneers.com and www.bandiauctions.com
• 3 live on-line auctions a year.
• eBay under seller name texasstatesurplus.
• At their walk-in stores.
(Texas Surplus Brochure)
It would not be difficult for business spies to track property disposal auctions from every airport.
Solutions... Crypt your disk. Install theft reporting software. Engrave "Reward if found and returned..." on the bottom.
The Case of the Tattle-Tell Cell
NY - Mikhail Mallayev, who was convicted in March of murdering an orthodontist whose wife wanted him killed during a bitter custody battle, stayed off his cellphone the morning of the shooting in Queens. But afterward, he chatted away, unaware that his phone was acting like a tracking device and would disprove his alibi — that he was not in New York the day of the killing. Darryl Littlejohn, a nightclub bouncer, made call after call on his cellphone as he drove from his home in Queens to a desolate Brooklyn street to dump the body of Imette St. Guillen, the graduate student he was convicted this month of murdering.
The pivotal role that cellphone records played in these two prominent New York murder trials this year highlights the surge in law enforcement’s use of increasingly sophisticated cellular tracking techniques to keep tabs on suspects before they are arrested and build criminal cases against them by mapping their past movements. (more)
Sunday, July 5, 2009
Bugs Found - Georgia on my Mind
Georgia - The discovery of bugging equipment in opposition party offices indicates that the country is under a repressive regime, Georgian Public Defender Sozar Subari said on Tuesday. His statement followed claims by the Conservative Party and the Way of Georgia leaders that they found bugging equipment in their offices on Monday.
...the bugging equipment was discovered by one of the opposition leader’s security guards by using special equipment.
Later on Monday Conservative Party leaders also claimed they had found bugging devices in their office.
On Tuesday it also became known that similar devices had been found in the Alliance for Georgia’s office in Isani. One of the members of the Alliance, New Rights activist Mamuka Katsitadze, said that the New Rights is now checking its own offices. “I am also planning to examine my house...
The Interior Ministry has denied any links with the bugging devices found in opposition party offices. Spokesperson Grigol Beselia said that the Ministry’s special agencies do not use these devices any more. “A criminal case has been launched concerning the bugging equipment found in the Conservative Party and Way of Georgia offices. No special license is needed to buy these kind of devices. Anyone can buy them... (more)
...the bugging equipment was discovered by one of the opposition leader’s security guards by using special equipment.
Later on Monday Conservative Party leaders also claimed they had found bugging devices in their office.
On Tuesday it also became known that similar devices had been found in the Alliance for Georgia’s office in Isani. One of the members of the Alliance, New Rights activist Mamuka Katsitadze, said that the New Rights is now checking its own offices. “I am also planning to examine my house...
The Interior Ministry has denied any links with the bugging devices found in opposition party offices. Spokesperson Grigol Beselia said that the Ministry’s special agencies do not use these devices any more. “A criminal case has been launched concerning the bugging equipment found in the Conservative Party and Way of Georgia offices. No special license is needed to buy these kind of devices. Anyone can buy them... (more)
"Love the giver more than the gift." - B.Y.
Psst: The super-secretive National Security Agency is about to build a huge, $1.9 billion data center at Camp Williams, Utah, to help spy on communications worldwide. (more)
SpyCam Story #540 - The Covert Cruiser
OH - Why did that police cruiser camera start recording?That’s an unanswered question in the wake of the tape that showed Police Chief Tim Escola kissing and caressing a part-time officer under his command.
An attorney for the former chief suggested the cruiser camera may have been rigged, a claim township officials dispute.
POSSIBLE ANSWERS
Law Director Charles Hall said Escola or officer Janine England accidentally may have switched the camera system into a “covert mode,” which recorded their behavior June 2 as they drove a burglary suspect back from the Cincinnati area.
Those familiar with the equipment in Perry Township didn’t know the feature existed until Thursday after a review of the owner’s manual, Hall said. The system is less than a year old. “If you go to turn the device off and hold the power button, the camera goes into covert mode,” Hall said. In covert mode, the camera continues to record but the display screen and all lighting turns dark, he said.
Escola abruptly retired Tuesday night. England remains on the force and faces no discipline. (more with interesting comments) (video)
"So, SIS stands for SECRET Intelligence Service?"
The wife of the new head of Britain's spy agency has posted pictures of her husband, family and friends on Internet networking site Facebook, details which could compromise security, a newspaper said on Sunday. Sir John Sawers is due to take over as head of the Secret Intelligence Service in November. The SIS, popularly known as MI6, is Britain's global intelligence-gathering organisation.
In what the Mail on Sunday called an "extraordinary lapse", the new spy chief's wife, Lady Shelley Sawers, posted family pictures and exposed details of where the couple live and take their holidays and who their friends and relatives are. (more) (sing-along)
Saturday, July 4, 2009
Business Espionage - Frankincar
Tong Jian S11 China’s first "self-designed" hybrid sports car...
Part Prius
Part Audi R8
Part Ferrari F430
via China Car Times...
The S11 was first unveiled at the Shanghai Auto show earlier this year to an impressed crowd. The car was designed by Shanghai based TJ Innova, the S11 looks fantastic, with Audi and Ferrari design tones slipped into its sleak body, under the platform there is an AWD drivechain pushing power to each corner of the car. (more)
Just coincidence?
You decide.
Friday, July 3, 2009
IvUkenReDizUmstBeeMstrPrzadnt
For more than 200 years, buried deep within Thomas Jefferson's correspondence and papers, there lay a mysterious cipher -- a coded message that appears to have remained unsolved. Until now.The cryptic message was sent to President Jefferson in December 1801 by his friend and frequent correspondent, Robert Patterson, a mathematics professor at the University of Pennsylvania. President Jefferson and Mr. Patterson were both officials at the American Philosophical Society -- a group that promoted scholarly research in the sciences and humanities -- and were enthusiasts of ciphers and other codes, regularly exchanging letters about them. (more)
What's in a spy suspect's bedroom?
The latest revelation in the curious case of accused Cuban spies: They kept a copy of The Spy's Bedside Book
in their apartment.
A peek inside the apartment of husband-and-wife spy suspects reveals a shortwave radio, a sailing guide to Cuban waters -- and now a copy of The Spy's Bedside Book, according to new court documents in the case. (more)
in their apartment.A peek inside the apartment of husband-and-wife spy suspects reveals a shortwave radio, a sailing guide to Cuban waters -- and now a copy of The Spy's Bedside Book, according to new court documents in the case. (more)
Blind Justice Swats Blind Swatter
MA - A blind teenager was sentenced to 11 years in prison on Friday for hacking into the Verizon telephone network and using fake 911 calls to harass an investigator who was building a case against him... Matthew Weigman, 19, from Revere, Mass., was part of a group of sophisticated and notorious telephone hackers who engaged in “swatting” calls. (Calls prompting police SWAT team dispatch.)
Swatters use spoofing technology to mask their real location when placing fake 911 calls. This makes it seem as though the call is legitimate, and coming from a potential victim’s home. Police are sometimes dispatched to the homes of these “victims,” allowing swatters to effectively harass their targets from a distance.
Weigman, known as “Little Hacker,” has been involved in telephone hacking since the age of 14. (more)
Trend - Phone Encryption
During Sweden’s EU Presidency (started July 1), Swedish government authorities and the defense forces will use Sectra’s Tiger XS personal voice encryptor for eavesdrop-secure communications. Sweden is the fifth country in Europe to use Tiger XS to protect telephone conversations from eavesdropping during its EU Presidency. (more)from the web site...
One encryption device for all
Tiger XS is a personal encryptor that protects mobile and fixed communications. Use one encryption device to secure your voice, data, fax and SMS communications. Tiger XS is connected to your mobile phone via Bluetooth®. This enables a high level of security on communications networks such as GSM, PSTN, ISDN, IP networks as well as satellite systems. With Tiger XS you are safe to exchange classified information over GSM networks or ordinary telephone lines – from your office desk, at home or on the road. (more)
Thursday, July 2, 2009
Watergate. Bailout. They just sound right together.
According to a July 2 broadcast on National Public Radio, the famed Watergate Hotel in Washington, DC is likely to face foreclosure because the owners have defaulted on a $69.9 million loan on the property. Watergate is well-known to many Americans because of the events of June, 17, 1972, when DC police arrested five men trying to break in and wiretap the offices of the Democratic Party located in the building. Along with two others, they were tried and convicted in January 1973.
All seven were connected with President Richard M. Nixon's reelection committee, suggesting that what appeared to be a simple burglary/wiretap might involve high-level government officials. (more)
FutureWatch - Watergate is purchased (bailed out) by the National Park Service. Tours daily. Most popular stop... The Frank Wills Memorial Door, with tape over the lock.
Subscribe to:
Posts (Atom)
