Friday, August 10, 2018

Corporate Espionage: GM Skunks Ford

When you think of corporate espionage, you think of documents exchanging hands in dark parking garages, or hackers breaking into company mainframes. But GM is better than all that, and instead opted to walk in the front door in their attempts to best the Ford F-150, the best-selling truck in America. That meant GM engineers joining public factory tours of Ford’s Dearborn plant.

The engineers studied Ford’s production methods and said, yeah, we can do better. ... armed with stopwatches and trained eyes, the GM engineers believed they saw problems.

“They had a real hard time getting those doors to fit,” Tim Herrick, the executive chief engineer for GM truck programs told Reuters. His team did more intelligence gathering. They bought and tore apart Ford F-series doors sold as repair parts. Their conclusion... more

The idea of giving plant tours ended years ago, just for this reason. It has been 32 years since you could watch a freakin' corn flake being made. If you give plant tours, STOP. ~Kevin

1986 - "They have stopped the public tours at the Kellogg Company...
The company says it had no choice. Spies from rival manufacturers were sneaking in with the tourists, it said. In fact, according to Joseph M. Stewart, a vice president, engineers from a foreign competitor took the tour 20 times before setting up a rival manufacturing operation." more

Eavesdropping and Wiretapping History

In July 1956, the Pennsylvania Bar Association Endowment (PBAE) commissioned a comprehensive study of "wiretapping practices, laws, devices, and techniques" in the United States. At the time, Pennsylvania was one of several jurisdictions in the country without a statute regulating eavesdropping. Members of the PBAE's Board believed that a nationwide fact-finding mission had the potential to help state lawmakers establish effective policies for police agencies and private citizens. The man appointed to direct the study was Samuel Dash, a prominent Philadelphia prosecutor whose stint as the city's District Attorney had given him a first-hand look at eavesdropping abuses on both sides of the law. Two decades later, while serving as Chief Counsel of the Senate Watergate Committee, Dash would see many of those abuses come full circle...

The result of Dash's efforts was The Eavesdroppers, a 483-page report co-authored with Knowlton and Schwartz.  Rutgers University Press published it as a standalone volume in 1959.   The book uncovered a wide range of privacy infringements on the part of state authorities and private citizens, a much bigger story than the PBAE had anticipated. more (long, in-depth and very interesting) 

Thursday, August 9, 2018

TSCM is Technical Surveillance Countermeasures - Beware of Imitations

TSCM from the Yellow Pages.

TSCM from IBM.

TSCM live from New York.

TSCM from the International Association of Professional Security Consultants (, or here.

Facial Recognition Technology – Not Ready for PRIME Time’s facial recognition tools incorrectly identified Rep. John Lewis (D-Ga.) and 27 other members of Congress as people arrested for a crime during a test commissioned by the American Civil Liberties Union of Northern California, the watchdog said Thursday...Amazon’s so-called Rekognition technology — already in use at law-enforcement agencies in Oregon and Orlando — is hampered by inaccuracies... more

Security Scrapbook Flashback to 2008.

Wednesday, August 8, 2018

Cree CEO: 'All technology companies' face espionage

Cree CEO Gregg Lowe said Tuesday that “all technology companies face the same thing” when it comes to the need to protect trade secrets.

“Every day, they are making changes to help protect and secure their technology and I think we’re no different than anybody else,” he said at Triangle Business Journal's Power Breakfast at PNC Arena.

“I think all companies face these challenges. You’ve got technology, you’ve got capability and people want to come after it.

A former Cree employee, Coy Bell, is alleged to have stolen trade secrets worth millions by downloading classified files onto an SD card, according to a report. more

Samsung's Galaxy S7 Alert - Meltdown

Samsung's Galaxy S7 smartphones have a security flaw that could allow hackers to spy on tens of millions of users.

The smartphone, owned by more than 30 million people, contains a compromised microchip which would enable cybercriminals to exploit a flaw called Meltdown.

Meltdown was uncovered earlier this year and only affects chips designed by Intel. It is believed to have existed in devices dating back 20 years, but was disclosed to chip makers Intel, ARM and AMD in 2017.

Potentially, it could allow hackers to bypass the barrier in hardware between applications and a computer’s memory, allowing them to steal passwords. more

Dearest, I am formerly Spy Chief of Nigeria and need your assistance to move...

Nigeria's head of the intelligence service has been fired after security services staged a brief "takeover" of parliament in the capital Abuja, at a time when President Muhammadu Buhari is out of the country.

Hooded armed men from the police and Department of State Service (DSS) blocked access to the two chambers - the Senate and House of Representatives - on Tuesday morning, preventing lawmakers, workers, journalists and other visitors from entering. more

The War Against Tiny Spy Cameras in South Korea - TSCM Police Activity

In response to a growing outcry, teams organized by the police have sprung into action. Armed with infrared scanners that can spot a lens and devices that detect electrical charges, they spend hours hunting for cameras* installed by peeping Toms in changing rooms and public bathrooms...

Although concerns about spy cams and illicit filming are far from new in South Korea — the activity was dubbed “molka” years ago — the problem appears to be growing. The number of suspected perpetrators identified by police rose from 1,354 in 2011 to 5,363 in 2017; more than 95 percent were men... 

Police identified more than 26,000 victims of illicit filming between 2012 and 2016, over 80 percent of them female. But many never find out they are victims: The real number “would be 10 times higher than the police figure” if the full extent were known, said Oh Yoon-sung, a criminology professor at Soon­chunhyang University... more

* 20% off.

Tuesday, August 7, 2018

Anatomy of a Bankruptcy

CA - The Gardena-based parent company of the retail chains Fallas and Anna’s Linens said Monday it filed for bankruptcy reorganization and plans to close 74 of its 344 stores. National Stores Inc., a family-owned firm, operates in 22 states and Puerto Rico...

National Stores said the bankruptcy filing was due to certain under-performing stores and severe weather in various regions that hurt sales.

In addition, the company suffered a data breach in the second half of last year in which some customers’ payment-card information was exposed at dozens of stores, and as a result “access to operating funds diminished” for the company, National Stores said. more

Three reasons for the failure, in the order stated:
  1. Under-performing stores.
  2. Severe weather.
  3. Data breach diminished operating funds.
Number One is manageable. 
Number Two is vague. 
Number Three is a killer.
The list should be reversed, to show order of importance order.

Takeaway... Information security (from IT to TSCM) can make or break any business.

Sunday, August 5, 2018

This Week in Spy News

US - The July arrest and indictment of Maria Butina, a 29-year-old Russian woman accused of being a spy, sent shockwaves through Washington and left the political world wondering where she had come from. Her Instagram page showed a glimpse of what her life looked like in Russia while she was allegedly "laying the groundwork" to move to the United States and conduct high-level espionage on behalf of the Russian government. more

UK- SPY chiefs are to develop futuristic technology that will predict when and where terrorist attacks will take place. They are pumping millions into a project called “Unblinking Eye” to identify and keep watch on people who pose a security threat. A new cutting-edge system will monitor and analyse human behaviour and help security services act before an outrage is committed. It mirrors the sci-fi movie Minority Report, starring Tom Cruise, where cops use psychic technology to arrest murderers before they strike. more

US - A suspected Russian spy was employed for more than a decade at the US Embassy in Moscow before being fired last year, a senior administration official tells CNN. The woman, a Russian national, worked for the US Secret Service for years before she came under suspicion during one of the State Department regional security office's routine security reviews in 2016, the official said. The security office found the woman was having regular, unauthorized meetings with the Russian intelligence service, the FSB. more

US - Sen. Dianne Feinstein’s office was infiltrated by a Chinese spy who worked as her driver and attended official functions on her behalf for 20 years, according to new reports from Politico and The San Francisco Chronicle.

USB Memory Security - Hand GrenadeUS - An engineer employed by General Electric Co. was arrested by the FBI and charged with using sophisticated techniques to steal digital files on the company's turbine technology to benefit his interest in Chinese companies that compete with GE... The federal criminal complaint says that in 2014, Zheng "downloaded more than 19,000 files from GE's computer network onto an external storage device, believed by GE investigators to have been a personal thumb drive." Federal authorities said that Zheng is a U.S. citizen and also holds citizenship in China. more

S. Korea - The country is in the grip of what's been described as a spy camera epidemic. Hidden cameras capture women - and sometimes men - undressing, going to the toilet, or even in changing rooms in clothing stores, gyms and swimming pools. The videos are posted online on pop-up pornography sites. Activists in Seoul now warn that unless more is done to prevent it, this type of crime is likely to spread to other countries and will prove difficult to stop. more (Too late. It already has.)

US - A local handyman has been charged with spying on his customers’ personal lives by installing hidden cameras in homes where he had done work. Alton police arrested Peter Mugford and charged him with five felony counts of unlawful wiretapping, two counts of burglary, violation of privacy, and stalking... Mugford allegedly used his profession as a contractor/handyman to get access to client homes and place hidden cameras in bedrooms, bathrooms, and other private areas of the home. Mugford would then return to the homes without the owners knowledge or consent to retrieve cameras and footage. more

...and The Hollywood Reports submits its Top 10 Best Spy Comedies list. See if you concur. My pick for #1 is Top Secret.

A Spycam Backlash in South Korea

South Korea - Thousands of women wearing red shirts endured the suffocating heat... to protest against the illegal filming of women...

According to South Korean police, a total of 5,363 hidden camera crimes occurred last year*, and similar crimes are still occurring.

Last month, a high school boy was caught filming in a girl’s restroom. Separately, a man in his 30s who sold 2,845 videos illegally filmed in public restrooms was caught as well...

Hidden camera cases coming up over and over again has forced women to become more cautious about using public restrooms. They have come up with ways to spot hidden cameras, such as filling in any holes they find in restrooms and turning off all the lights in bathrooms to check for camera lights.

The organizers, who asked reporters not to ask demonstrators any questions, let their chants and pickets do the talking.
The first protest of the "Inconvenient Courage" kicked off in May, drawing more than 10,000 protestors. And the second and third protests drew another 15,000 and 18,000, respectively.

Saturday's protests, according to the organizers, nearly quadrupled those numbers. more

* This is only the discovered and reported incidents. Most are never discovered.

Tuesday, July 31, 2018

Corporate Espionage Alert: Deep Portrait Videos – Not Just a Government Problem

The bad actors have stepped up their game with perhaps the most potentially devastating cyber ruse of all – the high-tech “Deepfake” videos...

Deepfake videos are the residue of new internet technology that supplies almost anyone the ability to alter reality so that subjects can be manipulated to say anything the hacker wants, from the ludicrous and inflammatory to the downright incriminating...appears so real it is almost impossible to spot the bogus video.

The potential security impact of these altered videos has both the federal government and the U.S. Intelligence community on high alert...

“This started several years ago with fake videos and then it turned into Deepfake videos and it’s currently progressing to deep portrait videos,” says Bob Anderson, who is a Principal in The Chertoff Group’s global Strategic Advisory Services and a former national security executive and former Executive Assistant Director with the FBI...

“This is a potentially huge national security threat for a variety of reasons. Picture telecommunication calls or video conference calls that an adversary could potentially interject a fake deep portrait video of a three-star general or CEO of a company directing members of that company or organization to partake in potential detrimental national security or criminal actions,” Anderson says. “Nation-states like Russia, China and Iran could potentially utilize this technology for a variety of counterintelligence, corporate espionage, economic espionage and political influence campaigns across the United States.” more

Monday, July 30, 2018

More Security Cameras Vulnerable to Spying

A popular wireless security camera designed to safeguard businesses and homes was vulnerable to a spying hack.

The flaw meant it was possible to hijack video and audio streamed from other people's properties by making a minor tweak to Swann Security's app.

Researchers found the problem after the BBC reported a case where one customer had received another's recordings.

Australia-based Swann and OzVision - the Israeli provider of its cloud tech - said the issue had now been fixed.

Swann said that the vulnerability had been limited to one model - the SWWHD-Intcam, also known as the Swann Smart Security Camera - which first went on sale in October 2017. Retailers including Maplin, Currys, Debenhams, Walmart and Amazon have sold them.

However, there are concerns that other companies' cameras supported by OzVision could have problems. more

It is argued that the company offers cloud service to around three million smart cameras and users rely upon its app to connect to their IoT devices, and if anyone can gain access to live stream then all the smart cameras stand at risk. These include the Flir FX smart camera and other brands apart from Swann. The problem lies in the tunnel protocol that is responsible for verifying is a particular viewer is authorized to access the live stream or not.  more

Saturday, July 28, 2018

Dad Charged With Felony Eavesdropping - Phone Ownership Irrelevant

MI - An Antrim County man faces two felony charges after authorities said he recorded conversations between his ex-wife and his 12-year-old daughter for nearly three years...

Carlson, who has custody of his daughter ... had been using a Voice Over Internet Protocol (VOIP) setting to record all telephone calls associated with his cellphone number, according to a report from the Michigan State Police.

Investigators contend Carlson let his daughter use the phone so she could talk to her mother, Kellie Poehner, who lives in Genesee County, but did not inform Poehner or his daughter that he was recording the calls, nor did he ask for their consent. Both believed the conversations were private, the report said.

Carlson is suspected of emailing some of the recordings in March to John Poehner, who is married to Kellie Poehner. That alleged action prompted an investigation that led to the distribution and dissemination charge... more

Friday, July 27, 2018

Silicon Valley – Den of Spies

Foreign spies have been showing up uninvited, to San Francisco and Silicon Valley for a very long time.

According to former U.S. intelligence officials, that’s true today more than ever. In fact, they warn—especially because of increasing Russian and Chinese aggressiveness, and the local concentration of world-leading science and technology firms—there’s a full-on epidemic of espionage on the West Coast right now. And even more worrisome, many of its targets are unprepared to deal with the growing threat.

Unlike on the East Coast, foreign intel operations here aren’t as focused on the hunt for diplomatic secrets, political intelligence or war plans. The open, experimental, cosmopolitan work and business culture of Silicon Valley in particular has encouraged a newer, “softer,” “nontraditional” type of espionage, said former intelligence officials—efforts that mostly target trade secrets and technology.

“It’s a very subtle form of intelligence collection that is more business connected and oriented,” one told me. But this economic espionage is also ubiquitous. Spies “are very much part of the everyday environment” here, said this person. Another former intelligence official told me that, at one point recently, a full 20 percent of all the FBI’s active counterintelligence-related intellectual property cases had originated in the Bay Area. (The FBI declined to comment for this story.) more

Auction: Some Remarkable Pieces of Telephone History

If you like old school gear that seems like it would kill you if you look at it wrong, well, we have an auction for you.
Click to Enlarge.

Auction Starts
Aug 4, 2018 11am EDT

The Telephone Pioneers of America was a group founded by various employees and bigwigs at telecom companies back in 1911. Alexander Graham Bell, the man Americans are often taught invented the telephone, was an early member.

At first, it was a way to create a community around the various people who pioneered the tech of telephony, then it shifted to a philanthropic mission. These days, it functions as a network of volunteers that help out in their community. Along the way, the non-profit set up a bunch of little museums around the U.S. dedicated to preserving old equipment and ephemera related to the history of the telephone.

Now, two of those branches are closing and you can buy their goods in an auction online or IRL on August 4th. Bruneau & Co, an auction house based in Cranston, Rhode Island, will handle the bidding. more

How Not to Write Your Name Electronically on Your Hotel Room Door

Reprint of LinkedIn post by Brian Creter...
"At my hotel last week in Los Angeles, I walked up and down my hallway and was able to identify multiple hotel guests who used their full and very unique legal names on their phones, which shows on personal wifi hotspots (see below). 
This is essentially like writing your name on a stickie and putting on your hotel door, or wearing a name tag while sitting in the airport. Range is typically 25 to 50 ft. so you can usually narrow down to one of several rooms. 
Go to Settings > General > About > Name OR change in iTunes. Also, remove any info that identifies the device (i.e. iPhone, iPad, etc.)."

Thursday, July 26, 2018

The Telephone Unmasked - The New York Times - October 13, 1877

The Telephone Unmasked

Published:  October 13, 1877

It is time that the atrocious nature of the telephone should be fully exposed, and its inventors, of whom there are any quantity, held up to execration.

When this nefarious instrument was first introduced, it was pretended that its purpose was an innocent one. We were told that the telephone would enable a man in New-York to hear what a man in Philadelphia might say; and though it was difficult to understand why anybody should ever want to listen to a Philadelphian’s remarks - which, notoriously, consist exclusively of allusions to the Centennial Exhibition and an alleged line of American steam-ships - there was nothing necessarily immoral in this possible use of the telephone.

Then it was claimed that by means of the telephone conversations could be carried on with other than Philadelphians, and that political speeches delivered in Washington could be heard in any city of the continent.

As the President was at that time making speeches in Vermont instead of Washington, the public was not alarmed by this announcement, and it was not until the telephonic conspirators mentioned that the uproar of a brass-band could be transmitted to any distance through the telephone that any general feeling of uneasiness was developed.

Nevertheless, the vast capabilities for mischief of the telephone, and the real purpose of its unprincipled inventors have been studiously concealed, and it is only by accident that the greatness and imminence of the danger to which the public is exposed have suddenly been revealed.

Suspicion ought to have been awakened by the recent publication of the fact that if the lamp-posts of our City were to be connected by wires, every confidential remark made to a lamp-post by a belated Democratic statesman could be reproduced by a telephone connected with any other lamp-post. It is true that this publication was ostensibly made in the interest of the Police force, and it was recommended that patrolmen should use the lamp-posts as means of communication with Police Head-quarters. It was evident, however, that the result would be to make every lamp-post a spy upon midnight wayfarers.

Men who had trusted to friendly lamp-posts for years, and embraced them with the upmost confidence in their silence and discretion, would find themselves shamelessly betrayed and their unsuspecting soliloquies literally reported to their indignant families; strange to say this suggestive hint of the powers of the telephone attracted no attention, and has ere this been in all probability forgotten.

A series of incidents which has lately occurred in Providence has, however, clearly shown the frightful capabilities of the telephone. Two men, to whom, so far as is known, no improper motive can be attributed, were recently experimenting with a telephone, the wire of which was stretched over the roofs of innumerable buildings, and was estimated to be fully four miles in length. They relate that on the first evening of their telephonic dissipation they heard men and women singing songs and eloquent clergymen preaching ponderous sermons; and that they detected several persons in the act of practicing upon brass instruments. This sort of thing was repeating every evening, while on Sunday morning a perfect deluge of partially conglomerated sermons rolled in upon them.

These are the main facts mentioned by the two men in what may be called their official report of their experiments, but it is asserted that they heard other things which they did not venture to openly repeat.

The remarks of thousands of midnight cats were borne to their listening ears. The confidential conversations of hundreds of husbands and wives were whispered through the treacherous telephone, and though the remarks of Mr. and Mrs. Smith were sometimes inextricably entangled with those of Mr. and Mrs Brown, and it was frequently impossible to tell from which particular wife came the direful threat, “O! I’ll just let you know,” or from what strong husband in his agony came the cry, “Leggo that hair!” the two astonished telephone experimenters learned enough of the secrets of the leading families of Providence to render it a hazardous matter for any resident of that city to hereafter accept a nomination for any office.

Now is has been ascertained that the wire of this telephone was not in contact with any other wire, and thus the hypothesis that the sounds heard by the two men were messages in process of transmission by the usual telegraphic wires is untenable. Moreover, a little reflection will show that cats do not send telegraphic messages, and that leading citizens do not transmit by telegraph petitions to their wives advocating a policy of conciliation in respect to hair.

The scientific persons whom the two men have consulted have no hesitation in saying that the telephonic wire picked up all the sounds in its neighborhood by the process of induction.

When the wire passed over a church, it took up the waves of sound set in motion by the preacher and reproduced them on the telephone. In like manner it collected the sounds from the concert-halls and dwelling-houses over the roofs of which it passed, and the peculiar distinctness with which is transmitted the remarks of cats was due to the fact that it must have passed in close proximity to several popular feline resorts.

We can now comprehend the danger of the telephone. If any telephonic miscreant connects a telephone with one of the countless telegraphic wires that pass over the roofs of the City there will be an immediate end of all privacy. Whatever is said in the back piazza by youthful students of the satellites of Mars will be proclaimed by way of the house-top to the eavesdropping telephone operator. No matter to what extent a man may close his doors and windows, and hermetically seal his key-holes and furnace-registers with towels and blankets, whatever he may say, either to himself or a companion, will be overhead.

Absolute silence will be our only safety. Conversation will be carried on exclusively in writing and courtship will be conducted by the use of a system of ingenious symbols. An invention which thus mentally makes silence the sole condition of safety cannot be too severely denounced, and while violence even in self-defense, is always to be deprecated, there can be but little doubt that the death of the inventors and manufacturers of the telephone would do much toward creating that feeling of confidence which financiers tell us must precede any revival of business.

Trust No One, or Life-locked

via Kreb's on Security...
Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers. 

The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.

The upshot of this weakness is that cyber criminals could harvest the data and use it in targeted phishing campaigns that spoof LifeLock’s brand. more

If you use LifeLock carefully check future emails using their name before clicking on anything. Also, check occasionally to make sure you haven't been unsubscribed. ~Kevin

Sunday, July 22, 2018

Richard Simmons: P.I. Who Allegedly Planted Bugging Device Charged

The private investigator who allegedly planted a tracking device on Richard Simmons' car has been charged with a crime.

Scott Brian Matthews was charged with 2 counts of the crime of unlawfully using a tracking device.

Prosecutors say Matthews planted the device on the car Richard bought for his housekeeper, Teresa Reveles. They say he planted it so he could shadow Simmons and see if he was going to doctors or hospitals. more

A New Type Of Inductor - Last Barrier To Ultra-Miniaturized Electronics Is Broken

For those keeping an eye on the future of electronic surveillance, this is really interesting news. Others may find the story a bit technical and dry. ~Kevin

In the race for ever-improving technology, there are two related technical capabilities that drive our world forward: speed and size...

But at the same time these advances have comes in leaps and bounds, one fundamental circuit element — the inductor — has had its design remain exactly the same...

The breakthrough... a phenomenon known as kinetic inductance...
Click to enlarge.
That’s where the work of Banerjee’s Nanoelectronics Research Lab and their collaborators comes in. By exploiting the phenomenon of kinetic inductance, they were able to, for the first time, demonstrate the effectiveness a fundamentally different kind of inductor that didn’t rely on Faraday’s magnetic inductance.

Instead of using conventional metal inductors, they used graphene — carbon bonded together into an ultra-hard, highly-conductive configuration that also has a large kinetic inductance — to make the highest inductance-density material ever created. more

High School Coach Caught Spying

An investigation by the Florida High School Athletic Association (FHSAA) and Sarasota County Schools, has led to more fallout for the Braden River High School Football Program.

...the district was alerted in May to alleged improper use of HUDL, a national online football management database where teams and players put their highlight reels and can playback games and review old plays.

Through an investigation, it was determined that there was an improper recruit account used to access video footage...

The Sarasota School District says that recruit account was tracked back to the coaching staff at Braden River High School. more

Thursday, July 19, 2018

Economic Espionage: Hackers X-Ray X-Rays and Other High-Tech Medical Devices

A mysterious hacking group has been spying on the healthcare sector by going as far to infect computers that control X-ray and MRI machines with malware.
Fortunately, sabotage and patient data collection doesn't appear to be a motive behind the hacking. The attackers were probably focused on corporate espionage and studying how the medical software onboard the computers worked, the security firm Symantec said on Monday.

Over the past three years, the hacking group Orangeworm has been secretly delivering the Windows-based malware to about 100 different organizations, said Jon DiMaggio, a security researcher at Symantec. He speculates this may have been done to learn how to pirate the medical software onboard. more

Spycam'er Arrainged on New Charges

An Idaho Falls man arrested in late June for reportedly hiding a camera in a teenage girl’s room was arraigned Friday on new charges.

Eric Kidman, 23, was charged with five counts of sexual exploitation of a child, in addition to the charge of sexual abuse of a child by making an electronic recording of a minor under 16. The charges come from a cache of child pornography discovered in a Dropbox account.

The 13-year-old victim from the original charge found a camera hidden in a plant in her room while she was watering it. Kidman initially denied hiding the camera but later admitted to police he had placed it in her room and destroyed the micro SD card to cover his tracks.

A video of the victim in her room from a different angle was discovered on his laptop. Another spy camera was delivered to Kidman’s address via the United States Postal Service on July 25, after Kidman had been arrested. more

Wednesday, July 18, 2018

Bed Bugger of Multiple Beds Arrested

TN - Metro police on Wednesday arrested a man after they say he used a baby monitor to spy on a female coworker in her Sylvan Heights home.

Christopher G. Neel, 35, is charged with wiretapping and aggravated burglary in connection with the incident involving a female victim, according to an arrest affidavit.

According to the affidavit, the woman found the baby monitor underneath her bed in her home in February and suspected Neel was the person who put it there.

The report states that when Neel was confronted by the woman he admitted he placed the monitor in her home. Neel, the affidavit continues, also told the woman that he entered her home after he watched someone enter the keycode to her front door at a party in November.

Police also reported Neel also placed a baby monitor in other co-workers' homes, and that when confronted by his co-workers in March he wrote letters to at least one of them apologizing for his actions. more

Liechtenstein Protects Geneva Airport Against IMSI Catchers

Telecom Liechtenstein (FL1) announced a contract to protect Geneva Airport against electronic eavesdropping and disruptions to mobile networks.

FL1 Overwatch is a service specifically designed to protect companies or information-sensitive individuals. The system reports any detected attempts at espionage directly to the Mobile Security Alarm Centre in Liechtenstein, which triggers alerts and countermeasures.

Specifically, so-called IMSI catchers (fake mobile communication base stations) or jamming transmitters can be identified, located and analyzed before countermeasures are taken...

By using FL1 services, Geneva is the first airport to offer its visitors full integrity of mobile networks in critical areas and can therefore ensure enhanced protection of mobile communications as well as mobile devices used by passengers, employees and security personnel against electronic attacks. more

Walmart Awarded Eavesdropping Patent

Walmart this week was awarded a US patent for a new listening system for its stores that could raise serious privacy concerns from its shoppers and workers.

According to the filing, the system would capture a variety of sounds in the store to figure out employees' performance and effectiveness at checkout.

For instance, the system can be used to capture beeps produced by a scanner and the rustling of bags at checkout to find out the number of items in a transaction or even the number of bags used.

More alarmingly, the patent mentions that the system could be used to listen to guests' conversations to determine the lengths of checkout lines.

"Additionally, the sound sensors can capture audio of conversations between guests and an employee stationed at the terminal," the patent states. "The system can process the audio of the conversation to determine whether the employee stationed at the terminal is greeting guests."

The new concept hasn't been implemented in Walmart stores and Walmart didn't say whether it ever will be. more

How Everyone (in the world) Could Vote in a U.S. Election

Remote-access software and modems on election equipment 'is the worst decision for security short of leaving ballot boxes on a Moscow street corner.'

The nation's top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them. more

Older News (July 30, 2017)...
Several hackers reportedly managed to hack into multiple United States voting machines in a relatively short period—in some cases within minutes, and in other within a few hours—at Def Con cybersecurity conference held in Las Vegas this week.

Voting Machine Village provided 30 different pieces of voting equipment used in American elections in a room, which included Sequoia AVC Edge, ES&S iVotronic, AccuVote TSX, WinVote, and Diebold Expresspoll 4000 voting machines. more

Tuesday, July 17, 2018

Council President Accused of Planting Hidden Cameras in Borough Hall and Reaping Kickbacks

PA - Republican Mitchell, 75, of Fourth Street in Upland, is accused of orchestrating a $133,000 kickback scheme, which included allegations of planting hidden cameras in borough hall when he served as borough council president. In addition to felony theft, he is charged with ethics and wiretapping offenses...

Arrested along with Mitchell and charged with similar offenses was Thomas Willard of Downingtown, the owner of the Eddystone-based Logan Technology Solutions...

According to the charges, Mitchell and Willard received up to $133,000 in kickbacks for covert recording devices, cameras and security systems installed at inflated costs throughout borough buildings in Upland. Whelan previously said he believed Mitchell went to Willard with the idea for the scam.

According to invoices and bank records reviewed during the investigation, Willard and his company were paid almost $1 million between 2009 and 2015 for various security-related projects.

According to authorities, video and audio equipment were installed sometime in 2013. A covert camera system installed in Upland’s borough hall was being disguised as the motion sensors for the building’s alarm system. There were three cameras – one in the secretary’s office and two in borough council chambers- brought to the attention of law enforcement by then-Upland Mayor Michael Ciach. more

If You Live With a Housemate – Check for Spycams

IN - A 23-year-old man was arrested Thursday on a voyeurism charge.

On June 26, a woman saw a camera in her bathroom vent... then called Tippecanoe County sheriff's officers.

After investigating, the police concluded Di Fu, the woman's housemate, was responsible for the act.

Fu is charged with voyeurism using a camera or video device. He posted bond and was released from the Tippecanoe County Jail Thursday night.

The Purdue University directory lists Fu as a graduate research assistant at its biomedical engineering department. more

If you live with housemates you need to know how to check for spycams.

Nine Years After the First Smart TV Debuted Congress Goes "Hummmm"

Smart TVs are invading privacy and should be investigated, senators say

Two Democratic US senators have asked the Federal Trade Commission to investigate privacy problems related to Internet-connected televisions.

"Many Internet-connected smart TVs are equipped with sophisticated technologies that can track the content users are watching and then use that information to tailor and deliver targeted advertisements to consumers,"

Sens. Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) wrote in a letter yesterday to FTC Chairman Joseph Simons. "Regrettably, smart TV users may not be aware of the extent to which their televisions are collecting sensitive information about their viewing habits." more

This is normal. Legislation generally lags new technologies by about ten years. ~Kevin

Friday, July 13, 2018

Hackers Selling Access to Law Firm Secrets

...a cybersecurity firm that specializes in monitoring the dark web, showed CNBC a forum post in Russian where the cybercriminal was offering access to a New York City law firm’s network and files, and was willing to send screenshots as evidence he had broken in.

The price for the access was $3,500...

“If you're a law firm that's involved in major transactions, [mergers & acquisitions] of publicly traded companies, you're going to have a lot of sensitive information, inside information before it becomes publicly available,” Dominitz said. “If I'm able to access that, I can trade around that and manipulate stocks and make a lot of money. more

Note: Hacking is only one method used to collect inside information. Close and lock the IT door, but don't leave your other doors and windows open. Engage the services of a Technical Information Security Consultant who also has TSCM expertise.

Thursday, July 12, 2018

New Jersey: Wiretap, Spycam & GPS Tracking Laws

This is an excellent article covering phone recording, video surveillance and GPS tracking in New Jersey...

As technology rapidly advances and becomes more sophisticated, attorneys, litigants and the courts must grapple with the use of modern surveillance in the context of litigation in family matters.

Surveillance can be useful in some situations, and litigants often resort to surveillance of their spouse to gather what they perceive to be valuable evidence. That evidence, whether it be video footage, recorded telephone calls, GPS tracking, digital copies of hard drives or other forms of surveillance, may be used at trial or simply to gain leverage in settlement negotiations. Nevertheless, this type of activity does not come without risk.

Without careful guidance and an understanding of the legal implications, surveillance can place attorneys in jeopardy of legal or ethical violations, and could also undermine the client’s position (e.g., something of limited evidential value could backfire on the client).

This article explores three surveillance techniques and analyzes the risks and rewards of each. more

U.S. Wiretap Report - 2017

This report covers intercepts (also known as wiretaps) concluded between January 1, 2017, and December 31, 2017, as reported to the AO, and provides supplementary information reported to the AO on arrests and convictions resulting from intercepts concluded in prior years.

Click to enlarge
Forty-eight jurisdictions (the federal government, the District of Columbia, the Virgin Islands, Puerto Rico, and 44 states) currently have laws that authorize courts to issue orders permitting wire, oral, or electronic surveillance. Table 1 shows that a total of 30 jurisdictions reported using at least one of these types of surveillance as an investigative tool during 2017. more

Sunday, July 8, 2018

TSCM During Construction Projects

In the world of business espionage there is a golden time to install bugs, taps, and other electronic surveillance items.
  • It is a time when nobody is checking. 
  • It is a time when these devices become completely hidden from future detection.
  • It is construction time.
TSCM During Construction

The Bugged Embassy Case: What Went Wrong, is a well-documented story of eavesdropping devices planted so deeply the building had to be abandoned.

The Attack on Axnan Headquarters: An Espionage Operation, is a fictionalized true story of exactly how corporate construction penetrations are accomplished.

Both accounts are a fascinating read, and are true cautionary tales for our times.
“You really don’t want electronic surveillance
to become the hidden feature of
your new Boardroom, C-suite, or other sensitive area.”


Designing Information Security into Construction Projects

Electronic eavesdropping and information attacks can be stopped, but there is a catch; timing. Technical Surveillance Countermeasures (TSCM) needs to be included in the planning and construction phases of your project. Learn how.

South Korean Women Protest Against Spy Cam Porn

Thousands of South Korean women gathered in Seoul on Saturday to demand stronger government action to fight the spread of intimate photos and footage taken by hidden cameras, which they say has women living in constant anxiety and distress.

Police said about 18,000 took part in the all-women protest, with demonstrators calling for stronger investigations and punishments against male offenders who photograph or film women without their knowledge and post the material online...

Since 2004, South Korea has required smartphones to make large shutter sounds when taking pictures and videos to prevent such crimes. However, phone cameras can be silenced through apps and there’s also an abundance of miniaturized cameras that can be hidden inside bags, shoes and toilets or small holes drilled into bathroom walls and doors...

The national government plans to spend 5 billion won ($4.5 million) to equip local governments with more camera detecting equipment, and strengthen inspections of bathrooms in public spaces and private buildings. There are also plans to widen inspections to elementary, middle and high schools. more

Friday, July 6, 2018

Spycam Quote of the Week

~Christopher Falkenberg, president of security consulting firm Insite Risk Management and former U.S. Secret Service special agent discussing the ease of hotel room spycam bugging...

"Assuming someone has access to the room before and after the customer uses it, I think it’s quite easy because there are many devices available to the public that can be inserted into a room and retrieved after. It’s not high-speed stuff, and it’s not hard to get." more

Israeli Cyber Warfare Firm Employee Caught Selling Eavesdropping Software...

...which is why we say there is no such thing as a secure 'back door'.

Israel’s cyber warfare giant, NSO’s former employee stole company’s ‘Pegasus’ eavesdropping program software and tried to sell it on the ‘dark web’. 

The Pegasus is a classified security tool that can eavesdrop on any person in the world without their knowledge, Globes reported Friday.

The accused is believed to have stolen NSO products and the program worth hundreds of millions of dollars. An indictment filed against the employee last week charged him with security offenses, in addition to theft from his employer. more

What is Dumber than Spycaming a Police Station Restroom?

Not much. Give this dude a double Darwin!

A 28-year-old clerk has been accused of secretly recording other employees inside a restroom at the Long Beach Police Department’s headquarters, authorities said. 

Sergio Nieto of Downey was arrested late last month after he allegedly photographed and videotaped people inside a restroom at the department’s downtown offices...

Nieto was suspended pending further investigation... Investigators are trying to determine the scope of Nieto’s alleged misconduct, and how many people may have been illegally filmed. more

Infographic - Countries Where Private Security Outnumber Police

Whether they're patrolling shopping malls, conducting screening at airports or protecting VIPs, private security guards have become an increasingly common sight across the world. 

In many countries, they are armed with handguns and even dress in uniforms similar to the police.

The sector has experienced huge growth in recent years and today there are an estimated 20 million private security workers worldwide while the industry is worth approximately $180 billion. That is expected to grow even further to $240 billion by 2020, greater than the GDP of 100 countries including Portugal, Romania and Hungary.

According to research conducted by The Guardian, half of the planet's population lives in countries where there are more private security workers than police officers. more

Click to enlarge.
It is likely these are very conservative statistics, as they don't include security specialists, like: professional security consultants, Technical Surveillance Countermeasures (TSCM) specialists, private investigators, computer security specialists, and people working in the alarm and video surveillance sectors. ~Kevin

The Spy Who Dumped Me

Looks like a fun spy movie.
In theaters August 3, 2018.

Wednesday, July 4, 2018

Without Spies There May Have Been No 'Fourth of July'

By Nina Strochlic, for National Geographic magazine.

In 1777, the American colonies were badly losing their fight for independence from Great Britain. The British Army had captured New York City’s crucial port. Expecting further advances, the Continental Congress was evacuated from Philadelphia. It seemed that the war was lost.
Then George Washington, then Commander-in-Chief of the Continental Army, wrote a letter that changed the course of the war.

Washington was desperate to discover what was happening inside New York, but military scouts couldn’t get close enough. The general needed someone to penetrate enemy lines, but when he asked for volunteers, few of his troops raised their hands.

“Spying wasn’t seen as gentlemanly,” says Vince Houghton, resident historian at the International Spy Museum in Washington, D.C.

Finally, a young army captain named Nathan Hale volunteered for the dangerous assignment. He was caught a week later and hanged, the first known American spy to be executed on the job. (He’s memorialized with a statue outside CIA headquarters.)

Washington realized that the mission was too big for untrained volunteers, so he set about building an espionage organization.

John Jay, later the first Chief Justice of the Supreme Court, had been running counterintelligence as head of the New York State Committee and Commission for Detecting and Defeating Conspiracies. One of Jay’s operatives, a merchant named Nathaniel Sackett, had experience in secret writing and codes. 

In February 1777, Washington wrote a letter to Sackett in which he offered him $50 a month—out of his own pocket—to establish the first formal apparatus for the “advantage of obtaining the earliest and best Intelligence of the designs of the Enemy.” “Without the organization that Sackett set up, it would have been very difficult for us to win the war,” says Houghton. “We had a ragtag army and [the British] had the greatest army, greatest navy, and greatest economy in the world. We had no real business winning this war.”

But America’s spy service got off to an inglorious start. Most of Sackett’s agents failed at their jobs—including Sackett himself, who was fired after just six months.

Fortunately for the infant nation, Sackett’s replacement, 26-year-old Benjamin Tallmadge, created what is considered one of America’s greatest espionage operations: the Culper Spy Ring. Comprised of childhood friends from Long Island, the group included a shop owner inside New York City who gathered information, a traveling trader who smuggled it out of the city, and a whale boat captain who delivered it to Washington’s camp.

Employing the tools and tricks of the 18th-century spy trade—hiding secret messages in hollow feather quills, using “dead drops” to transport letters—the Culper operatives unmasked enemy spies, busted a money counterfeiting plan, and stopped the British from sabotaging a French aid mission to the colonies.

After important letters were lost during an enemy raid, Tallmadge invented a “numerical dictionary” code that matched 763 cities, names, and words to numbers. (Washington’s code name was Agent 711.) Washington also asked physician James Jay (brother to John) to invent an invisible ink that could be revealed only with another chemical and would “relieve the fears of such persons as may be entrusted in its conveyance.

Washington’s espionage experiment paid off. In 1781 the British surrendered, thanks in part to the intelligence gathered by the Culper Ring and their networks. “Washington didn’t really out-fight the British. He simply out-spied us,” a British intelligence officer allegedly said after the war.

None of the Culper spies were ever caught, and even Washington himself never learned exactly who was in the group. The ring’s very existence wasn’t discovered until the 1900s, and to this day no one knows for certain how many members it had.

After the war Washington asked Congress to reimburse him $17,000—nearly half a million dollars today—for his espionage expenses. The lawmakers obliged.

Tuesday, July 3, 2018

Washington Policymakers Bluster About High-Tech Foreign Surveillance (again)

Washington policymakers are growing increasingly worried about the threat of high-tech foreign surveillance, a development complicated by U.S. spy agencies' use of similar technologies.

Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more

Facebook Promises Not to Use Tech in Phone Eavesdropping Patent

In an attempt to assuage concerns raised by Facebook's filing for a patent for software that could turn the mics of smartphones on in order to record secret messages in TV ads, the social networking giant has ruled out using the technology in any of its products.

The patent had been filed "to prevent aggression from other companies," Facebook Vice President and Deputy General Counsel Allen Lo told Engadget in a statement this week. The technology in this patent has not been included in any of Facebook's products, "and never will be", Lo said. more

No Formal Process for Protecting a Trade Secret in Canada ?!?!

Canada - At the annual Uniform Law Conference of Canada in 1989, there was proposed legislation drafted that was called the Uniform Trade Secrets Act.

It provided for potential civil remedies against anyone who acquired a trade secret improperly, including through commercial espionage or electronic means. Courts could grant injunctions, award damages and determine who could make future use of the trade secret.

The proposed legislation was put forward one year after the Supreme Court of Canada issued its ruling in R. v. Stewart on the issue of whether “confidential information” can be the subject of theft under the Criminal Code. The court, in a unanimous decision, concluded that it could not, since confidential information on its own is not property...

Three decades later, there are still no criminal offences specific to this area and the Uniform Trade Secrets Act was never enacted into law by any province. In fact, the current website of the federal Canadian Intellectual Property Office states flatly that there is “no formal process” for protecting a trade secret. more

Meanwhile... Australia has passed new laws to get tough on spying. more

Monday, July 2, 2018

Sign Up - Hackers On Planet Earth (H.O.P.E.) - 3 Days & Nights in NYC

The Circle of HOPE will take place on July 20, 21, and 22, 2018 at the Hotel Pennsylvania in New York City. H.O.P.E. stands for Hackers On Planet Earth, one of the most creative and diverse hacker events in the world. It's been happening since 1994.

Three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, they will have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.

In the past they've had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country's biggest supply of Club-Mate.

All of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. more

Be sure to check out the amazing list of speakers and topics!

Ah, Gee. Not LTE.

Vulnerabilities have been discovered in LTE that would make it possible for an attacker to tap into 4G networks for the purposes of spying on and hijacking 4G browsing sessions.

Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.

The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.

Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more

Whataburger - Toilet Spycam - 13 Unidentified Victims

TX - The man accused of placing a video camera in the restroom of a Whataburger restaurant has now been arrested, according to Abilene police...

Abilene police released footage of the suspect placing the camera inside a bathroom stall.

Last Friday, a woman called police after finding the device inside the toilet lid at a south Abilene Whataburger.

A woman, who said she wishes to remain anonymous, told KTAB/KRBC that when she went to the restroom, she flushed the toilet and noticed an unusual small circle under the rim of the toilet lid. She said she looked closer and found what appeared to be a camera lens. The woman said she then followed the camera to 'a bunch of wires connected to the device' under the lid of the tank.

The woman said she then ripped the device out of the tank and and ran to her car where she called police...

Whataburger said it had launched its own investigation... more

Abilene police are seeking information about potential victims from last week's Whataburger video voyeur case.

Police said 13 unidentified victims need to be identified.
Anyone who was at Whataburger at 4241 South 1st Street on Friday, June 22 between 8:50 a.m. and 1:18 p.m. and used the women's restroom as asked to call police at 325-676-6610. more

Sunday, July 1, 2018

Could Your Smartphone Battery Spy on You? (unlikely, but...)

Most batteries in today’s smartphone are intelligent enough to detect how people use their phones and employ power-saving technologies that result in longer battery life. That advantage sounds excellent all around, but...

The researchers who authored a paper [PDF] on the subject of smartphone batteries capable of spying on people pointed out that this hack would be quick to implement and difficult to detect. They say smartphone owners may even participate in helping the hacks happen by installing malicious batteries themselves.

It could happen in a scenario where a hacker sets up an online store and entices users with promises of extra-long battery life and low prices, sends a purchaser the battery and waits for it to become installed in the phone to begin the tracking segment of the hack.

Plus, the battery could be capable of continuous monitoring, giving hackers the opportunity to see almost all the things the targets do with their phones, whether that’s browsing the internet, typing on the phone’s keyboard or receiving calls. more

A bug made to look like a cell phone battery...