Sunday, August 31, 2014

Broker, Trader, Lawyer, Spy: The Secret World of Corporate Espionage

In this penetrating work of investigative and historical journalism, Eamon Javers explores the dangerous and combustible power spies hold over international business.

Today's global economy has a dark underbelly: the world of corporate espionage. Using cutting-edge technology, age-old techniques of deceit and manipulation, and sheer talent, spies act as the hidden puppeteers of globalized businesses... Readers meet the spies who conduct surveillance operations, satellite analysts who peer down on corporate targets from the skies, veteran CIA officers who work for hedge funds, and even a Soviet military intelligence officer who now sells his services to American companies.

Intelligence companies and the spies they employ are setting up fake Web sites to elicit information, trailing individuals and mirroring travel itineraries, dumpster-diving in household and corporate trash, using ultrasophisticated satellite surveillance to spy on facilities, acting as impostors to take jobs within companies or to gain access to corporations, concocting elaborate schemes of fraud and deceit, and hacking e-mail and secure computer networks.


This globalized industry is not a recent phenomenon, but rather a continuation of a fascinating history. The story begins with Allan Pinkerton, the nation's first true "private eye," and extends through the annals of a rich history that includes tycoons and playboys, presidents and FBI operatives, CEOs and accountants, Cold War veterans and military personnel. (more)

A Good Short Spy Story...

The green metal file box was about the size and shape of an ammunition case. 

It was scuffed and serious-looking and packed tight with personal letters and papers that had belonged to my grandfather, who died in 1989. The line in the family had always been that he “did intelligence work in Washington after the war.” This file box gave up a better story: My grandfather was an operations officer with the C.I.A. from January 1948 to August 1951. But that revelation brought up another question: Why only three years? (more)

Dyson Project N223 - Coming Spetember 4th

FutureWatch: Teaser video suggests Dyson’s new vacuum cleaner may spy on you...

BAT Hauled to Court Over Spy Claims

Cigarette giant British American Tobacco (BAT) could have its dirty linen aired in court following a sensational high court application launched by local "value brand" producer Carnilinx for alleged "corporate espionage". 

In the application, Carnilinx director Kyle Phillips claimed BAT paid Pretoria attorney Belinda Walter for commercially sensitive information she obtained while "infiltrating " the company and the FairTrade Independent Tobacco Association (Fita) in 2012 and 2013. If this goes to trial, these spy claims could be extremely damaging for BAT, which is based in London and is the largest company listed on the JSE Securities Exchange, worth R1.26-trillion.

"BAT has used unlawful means to interfere in the business of the applicant. It has paid [Walter] monies to spy [on Carnilinx]," Mr Phillips claimed. (more)

Start Protecting Your Trade Secrets - Yes, You Have Trade Secrets

Every company has information, business methods or techniques or a unique service delivery model that has competitive value worth protecting. Some information, processes and techniques may benefit from patent, trademark or copyright protection, but there is a much broader universe of your company's R&D, business analysis and process improvement that is potentially protectable as a trade secret.

The first step in securing that protection is to identify your trade secrets. Once trade secrets have been identified, you can then design documents and procedures to maximize the available protections and to preserve the value of your business. 

Protectable trade secrets may be found in many aspects of your business. Common examples could include your marketing strategies, key analysis of your customers' purchasing habits and preferences, proprietary statistical models and the terms of your strategic alliances with business partners. 

Less obvious, but no less important, examples could include an innovative risk management strategy, unique processes to continuously evaluate and improve the delivery of your products and services, or methodologies to assist in evaluating and responding to RFPs. (more)

Before you discuss all these things, make sure the room is not bugged. The folks at counterespionage.com can help.

Saturday, August 30, 2014

Green Group Suggested Video Cameras to Spy on Farmer

An environmental group that stands accused of overstepping its inspection authority and trespassing across a Virginia farm also tried to have video cameras installed to monitor the property. 

An officer of the Piedmont Environmental Council proposed that one of that group’s board members “runs a security company and could offer the use of security cameras to record visitors,” according to documents examined by The Daily Signal. 

Documents obtained by The Daily Signal show the environmental group sought not only to monitor Liberty Farm through increasingly invasive inspections but also to install the video cameras to monitor visitors.

However, the Virginia Outdoors Foundation, a quasi-state agency created by the state legislature to preserve open space, would not go along. (more)

John Walker Jr., spy. Dead at 77.

John Walker Jr., a former American sailor convicted during the Cold War of leading a family spy ring for the Soviet Union, has died in a prison hospital in North Carolina, officials said Friday. (more)

Saturday, August 23, 2014

Oil Ministry to Install Cameras in Sensitive Locations to Guard Against Espionage

India - A lower-level functionary of the oil ministry, keen to deliver a copy of a file to a corporate (mole), made a fatal mistake while photocopying the paper: he forgot to remove the original document from the photocopier. This created a stir when an attendant spotted the paper while dusting the machine next morning. 

The fate of the corporate mole is not clear but incidents such as these have resulted in the oil ministry moving rapidly to install surveillance cameras in sensitive locations to guard against espionage...

The surveillance system is intended to deter such moles or catch them red-handed. "The idea is to keep corporate lobbyists at bay. Cameras will be installed in sensitive locations of Shastri Bhawan," an oil ministry source said. (more)

Video Review of the Spy Gear Undercover Spy Cam Phone

A $30.00 toy with some interesting possibilities...

How Anyone Can Turn Your Computer Into a Bugging Device

by Null Byte...
Now that nearly everyone and everyplace has a computer, you can use those remote computers for some good old "cloak and dagger" spying. No longer is spying something that only the CIA, NSA, KGB, and other intelligence agencies can do—you can learn to spy, too.

In this brand new series, we will explore how we can use the ubiquity of the computer to peek in on just about anyone and anyplace. Unlike the spy movies of yesteryear where the spy had to place a listening device in the lamp or in a houseplant, as long as there is a computer in the room, it can be used as a "bug."

We will examine how to turn that commonplace computer into our own bug to listen in on conversations, use as a spy camera, track Internet searches, and more.
James Bond and Q have nothing on us!

In this first part, I will show you how to convert any computer, anywhere, into a listening device. As nearly every room now has a computer in it, you can put a bug in nearly every room, unnoticed and undetected. (more)


Tips: 
• Don't open any Word or Excel files from anyone who might want to bug you. 
• Reboot your computer often.

Business Espionage: Corporations Spy on Nonprofits With Impunity

by Ralph Nader...
Here's a dirty little secret you won't see in the daily papers: Corporations conduct espionage against U.S. nonprofit organizations without fear of being brought to justice.

Yes, that means using a great array of spycraft and snoopery, including planned electronic surveillance, wiretapping, information warfare, infiltration, dumpster diving and so much more.

The evidence abounds.

For example, six years ago, based on extensive documentary evidence, James Ridgeway reported in Mother Jones on a major corporate espionage scheme by Dow Chemical focused on Greenpeace and other environmental and food activists...

This is hardly the only case of corporate espionage against nonprofits. Last year, my colleagues produced a report titled Spooky Business, which documented 27 sets of stories involving corporate espionage against nonprofits, activists and whistleblowers. Most of the stories occurred in the US, but some occurred in the UK, France and Ecuador. (more)

Friday, August 22, 2014

Denny’s Daily Zinger: Is a Thief Running Rampant in Your Office?

By Denny Hatch 

Julian Assange (Wikileaks), Edward Snowden  and Pfc. Chelsea (née Bradley) Manning became household names overnight. 

They downloaded U.S. Government secrets. Diplomatic relations, American politics and military secrets were seriously compromised.
How'd it happen? Up to 4 million peopleOpens in a new window—including 500,000 government contractors—hold Top Secret clearances.

That's how.

The Lions Gate Film Studios' $100 Million Theft
In late July at Lions Gate film studios, a perfect copy of the upcoming Sylvester Stallone  movie, "Expendables 3Opens in a new window," was stolen. The film cost an estimated $100 million to produce.

It was immediately offered free all over the Internet on such sites as KickassTorrents, or KAT, and The Pirate Bay, or TPB, and a slew more.

Millions of co-conspirators downloaded the film for private viewing resulting in a box office catastropheOpens in a new window when it opened in theaters.

Reuters headlineOpens in a new window
August 11, 2014:
U.S. judge orders websites to stop 'Expendables 3' film piracy
 Lotsa luck. 

Takeaways to Consider  
  • In your organization, who has the equivalent of Top Secret clearance?
  • Who has keys to your digital vault and access to the most sensitive R&D?
  • Does a system exist whereby every time a major asset is in transit-not in its usual place-it can be tracked by user?
  • Should you monitor employees' email to see who in your organization may be feeling underpaid or contemplating retribution?
  • Two-thirds of companies monitor employees' InternetOpens in a new window use and "almost 33 percentOpens in a new window of 140 North American businesses nationwide conduct regular audits of outbound email content."
  • Your future could depend on it.
Denny Hatch 's new book is "Write Everything Right!" Drayton Bird writes, "Just had to say again how bloody good this is. Who else could tell me in one book how to write a resume, which words irritate people and how to review a film? (Sent from my iPhone)." Click here to download (Opens as a PDF) and read the first three chapters FREE. The title is also available on KindleOpens in a new window. Reach Denny at dennyhatch@yahoo.com.Opens in a new window

Friday, August 15, 2014

The 1-Click Conference Call Trick - Ease or Espionage?

from the website...
"We made CCALL because it’s a pain in the axx to enter conference codes from a mobile phone. If you've ever had a calendar invite with a long conference ID and scribbled it on the back of your hand to avoid jumping between the email, your calendar and your phone app then you understand why we did this."

Question: Do you think this a clever public service, or a clever social engineering eavesdropping / espionage trick? Doesn't matter. I know what I am telling my clients.

Wednesday, August 13, 2014

Need a Reason to Buy an iPhone?

Spies hate iPhones...
The secrets of one of the world’s most prominent surveillance companies, Gamma Group, spilled onto the Internet last week, courtesy of an anonymous leaker who appears to have gained access to sensitive corporate documents. And while they provide illuminating details about the capabilities of Gamma’s many spy tools, perhaps the most surprising revelation is about something the company struggles to do: It can’t easily hack into your typical iPhone. (more)

Saturday, August 9, 2014

The NSA is Inventive - Just Look at Their Patents

What do a voice identifier, an automated translator, a "tamper-indicating" document tube, and a supersecure manhole cover have in common? They're all technologies for which the secretive National Security Agency (NSA) has been granted patents by the U.S. government, giving the agency the exclusive rights to its inventions.

The four technologies represent a tiny fraction of the more than 270 sleuthy devices, methods, and designs for which the nation's biggest intelligence agency has been granted a patent since 1979, the earliest year for which public figures are available. As the patent holder, the NSA can license the particular technology -- for a fee -- to anyone who wants to use it, so long as the patent hasn't expired.

The NSA's cryptologists and computer scientists have been busy over the years inventing methods of encrypting data, analyzing voice recordings, transferring digital files, and removing distortion from intercepted communications -- all things you'd expect from the world's largest and most sophisticated eavesdropping agency. And the digital spooks have patented gadgets straight out of a James Bond flick, such as tamper-indicating envelopes and finely tuned radio antennas. (more) (The List)

More Bad Publicity About USB Security

Cyber-security experts have dramatically called into question the safety and security of using USB to connect devices to computers.

Berlin-based researchers Karsten Nohl and Jakob Lell demonstrated how any USB device could be used to infect a computer without the user's knowledge.

The duo said there is no practical way to defend against the vulnerability.

The body responsible for the USB standard said manufacturers could build in extra security.

But Mr Nohl and Mr Lell said the technology was "critically flawed". (more with videos)

Friday, August 8, 2014

China, Sex, Spycams and PIs... A Cautionary Tale

(June) A covert sex tape involving a senior executive and his Chinese lover was the trigger for a major investigation into corruption at British drugs giant GlaxoSmith-Kline...

The video of married Mark Reilly and his girlfriend was filmed by secret camera and emailed anonymously to board members of the pharmaceutical firm.

It led to an investigation that has rocked the £76billion company... (more)

(Yesterday) A British private investigator (PI) has been sentenced to two and a half years in jail by a Chinese court after becoming embroiled in a sex and whistleblowing scandal at the drug firm GlaxoSmithKline.

Peter Humphrey, 58, was also fined 200,000 yuan (£19,300), and his wife, Yu Yingzeng – a naturalised American citizen – was sentenced to two years and fined 150,000 yuan in the first case of its kind involving foreigners in China...

GSK had hired them to investigate why the company's then head of China operations, Mark Reilly, had been filmed surreptitiously having sex with his Chinese girlfriend in his guarded luxury home. (more)

Money Saving Spy Tips
1. No area you think is private is private until a competent TSCM team says so.
2. The "girlfriend" spy is an old trick.
3. Bugs, taps and spycams are old spy tricks. #3 used with #2 will cost you.
4. Executives: beware of #2, check for #3 frequently.
5. PIs, working in China has its risks.
6. Blackmail works, especially when state sponsored.
7. Proactive TSCM is far cheaper than a mess like this.

The Ford Motors Bugging Case - FBI Continues Investigation

The FBI has taken a computer disk and internal Ford e-mails in a continuing investigation of a former employee who was fired in June after the company found recording devices she had hidden in a building on its Dearborn, Mich., world headquarters campus.

Ford fired Sharon Leach, 43, a mechanical staff engineer who worked at Ford for 16 years, in late June after company security personnel saw her leave and return to the same conference room on multiple occasions. She told them she was recording conference meetings using the bugs...

According to court records, the FBI seized eight listening devices from Ford headquarters on July 11. It earlier had seized more than two dozen items from Leach's Wyandotte, Mich., home weeks earlier, including bank statements, tax records, a buy.com shipping bag, a Post-It note with numbers and a key chain with keys labeled "do not duplicate." (more)

Free Tip: Recover Files Locked by Cryptolocker Ransomware

If your computer files have been (or will be) held for ransom by Cryptolocker, bookmark this site... https://decryptcryptolocker.com/

FireEye and Fox-IT have partnered to provide free keys designed to unlock systems infected by CryptoLocker.

These folks will analyze one of your locked files and send you the decode key, FREE.

Thursday, August 7, 2014

Coming Soon - The "Pssst. Don't go walking there alone" App

SketchFactor is a navigation app that shows the relative sketchiness of an area. It's focused on improving city exploration on foot. SketchFactor empowers users to report sketchy experiences, read sketchy incidents, and get directions to where they need to go in the least sketchy way possible.

What does sketchy mean?
Sketchy means a number of different things. To you, it may mean dangerous. To someone else, it may mean weird.
 

What can I report?
You can report any sketchy incident you see fit. (more)


FutureWatch: If this gains traction, like Yelp, it will become a whole lot more than just a personal app. Police, criminologists, city planners, security consultants, taxi cab companies and more will find use for the data this generates. Imagine a real-time SketchFactor overlay for Google maps.

FBI Citizens Academy - Hey, corporate America, turn around and pay attention.

“The top secret, government, political secrets, all that top secret stuff that you kind of think about spies, probably less than 10% of what they are trying to go after.” 

FBI experts say that 90% of what they go after, is industrial and trade secret espionage, and the target: students and executives from companies traveling abroad carrying trade secrets from their research and development at universities and companies.. And it's highly sought after.

“Every company, your research and development, it’s your next product down the road, and if I can steal that information and beat you to the market it's going to be devastating for you as a company.” (more) (video)

Tuesday, August 5, 2014

Nixon Tapes Released for 40th Anniversary of Resignation

Forty years ago this Friday, Richard Nixon became the first and only president of the United States to resign from office. He signed his resignation agreement, boarded a helicopter for San Clemente, Calif., and largely retreated into the shadows of history.

A decade later, he sat down with former White House aide Frank Gannon to share his own account of his final days in the Oval Office. Segments culled from those 30 hours of interviews were aired publicly just once, on CBS News. This week, The Richard Nixon Foundation and the Richard Nixon Presidential Library and Museum are releasing a series of clips of those interviews in commemoration of the 40th anniversary of the resignation.

In the first installments of the video series entitled “A President Resigns,” the disgraced president recalls learning that the infamous tape that became known as “the smoking gun” had been released. The tape revealed that Nixon had been aware of the break-in at the Watergate, despite his repeated denials. (more)

Monday, August 4, 2014

FutureWatch: Eavesdropping on Potato Chip Bags... You may be next.

Researchers at MIT, Microsoft, and Adobe have developed an algorithm that can reconstruct an audio signal by analyzing minute vibrations of objects depicted in video. In one set of experiments, they were able to recover intelligible speech from the vibrations of a potato-chip bag photographed from 15 feet away through soundproof glass.

In other experiments, they extracted useful audio signals from videos of aluminum foil, the surface of a glass of water, and even the leaves of a potted plant. The researchers will present their findings in a paper at this year’s Siggraph, the premier computer graphics conference.


 

“When sound hits an object, it causes the object to vibrate,” says Abe Davis, a graduate student in electrical engineering and computer science at MIT and first author on the new paper. “The motion of this vibration creates a very subtle visual signal that’s usually invisible to the naked eye. People didn’t realize that this information was there.” (more)

Spy Tradecraft FutureWatch - 3-D Room Scan Mapping

Despite the promise of Google's Movidius-equipped Project Tango, there are still no depth-sensing, SLR-stomping smartphones on the market. But Movidius thinks that could change soon, thanks to its brand new chip: the Myriad 2 vision processor unit (VPU). 

"The Myriad 2 is going to provide more than 20x the power efficiency of the Myriad 1, and enable camera features that were not possible before in mobile devices," CEO Remi El-Ouazzane tells me. If you'll recall, Tango's original tech brought faster focus, improved depth of field, near-optical zooming and higher light sensitivity to smartphone cameras (and now, tablets).



It also let researchers scan a room in 3D to provide interior navigation, among other cool tricks. (more)

From a Security Scrapbook Blue Blaze Irregular...
So, letting uncleared persons into secure facilities just became even more stupid. With new processing chips, surreptitious video recording becomes even more dangerous. Movidius makes the chips. And Matterport makes the 3D modelling software. This is very cool but at the same time very disturbing. How many tradecraft applications will this have? Security managers should see, at least, the Matterport video.

USB - Unfixable Security Broken

It is well known that USB drives can be dangerous. Companies run strict screening policies and it has long been known that running unknown ‘exe’ files is a bad idea. But what if the threat was undetectable, unfixable and could be planted into any USB device be it a USB drive, keyboard, mouse, web camera, printer, even smartphone or tablet? Well this nightmare scenario just became reality.

The findings will be laid out in a presentation next week from security researchers Karsten Nohl and Jakob Lell who claim the security of USB devices is fundamentally broken. More to the point they said it has always been fundamentally broken, but the holes have only just been discovered.

BadUSB


To demonstrate this the researchers created malware called ‘BadUSB’. It can be installed on any USB device and take complete control over any PC to which it connects. This includes downloading and uploading files, tracking web history, adding infected software into installations and even controlling the keyboard so it can type commands.

“It can do whatever you can do with a keyboard, which is basically everything a computer does,” explains Nohl... (more)


The short-term solution to BadUSB isn’t a technical patch so much as a fundamental change in how we use USB gadgets. To avoid the attack, all you have to do is not connect your USB device to computers you don’t own or don’t have good reason to trust—and don’t plug untrusted USB devices into your own computer. ...or, treat USB sticks the same way you would hypodermic needles. (more)

Android Warning - Don't Click SMS Links Without Thinking First

A virus known as 'Andr/SlfMite-A' has been recently discovered that is spreading throughout the Android world through text messages (SMS)...
 
Andr/SlfMite-A virus sends SMSs, which includes a malicious link. If you unknowingly click on the embedded link within the SMS, then the virus easily get installed on your phone. Once the virus is downloaded onto your phone, it secretly sends text messages with malicious link to the first 20 contacts from your contact list. 


These self-replicating 'worms' send SMSs to your contact list, thus playing with the trust that the receiver has in you. Just because the person from your contact thinks that the message is from you and hence is a genuine text message, they might just get tricked into clicking the link and unknowingly allow the virus to get installed onto their phone. (more)

PI Tip #251 - Clean Up Your Crummy Surveillance Videos - FREE

VideoCleaner is FREE professional open-source video enhancement software. With VideoCleaner, you can brighten poorly lit scenes, increase detail clarity, correct the viewing perspective, reverse lens distortion, repairs VHS recordings, improve color contrast, isolate channels, and so much more.

VideoCleaner makes faint movements, distant traffic signal color changes, and small details obvious. You can annotate on-screen with text and highlighting, correct playback speed, provide sweeping or adjacent before-after views, and extract stills.

Being open-source means that you can customize VideoCleaner to fit your needs and delve deep into the science. Everything is free, even the support.
VideoCleaner is free without any purchase price, support or update fees. You are welcome to use VideoCleaner and its components for any legal purpose, personal or commercial, without any requirements or obligations beyond the open-source General Public License (GPL) of its components. You are free to redistribute this software in accordance with its associated GPL. (more)

Wealth Managers Enlist Spy Tools to Map Portfolios

Some of the engineers who used to help the Central Intelligence Agency solve problems have moved on to another challenge: determining the value of every conceivable investment in the world.

Five years ago, they started a company called Addepar, with the aim of providing clear and reliable information about the increasingly complex assets inside pensions, investment funds and family fortunes. In much the way spies diagram a communications network, Addepar filters and weighs the relationships among billions of dollars of holdings to figure out whether a portfolio is about to crash. (more)