Man Charged for Putting 'SPY' Cameras in Seattle Expedia HQ Bathrooms

A 42-year-old Lynnwood man is facing multiple felony charges for allegedly putting hidden “spy” cameras in two bathrooms at the Expedia Group headquarters in Seattle...

According to charging documents, Vargas-Fernandez placed cameras under the sink aimed at the toilet in two all-gender bathrooms at the Expedia office building between Dec. 4, 2023, and Jan. 11, 2024. Investigators said at least 10 victims were seen in the illegal footage and believe “several more victims have yet to be discovered.”

When officers searched Vargas-Fernandez’s apartment after his arrest, they found at least “33 various spy cameras carrying from full, partial, no concealment,” according to court documents. Investigators also found at least 22 SD cards and six hard drives with “at least 20 terabytes of storage.” more  video

Corporate security directors, there is an innovative, preemptive, low-cost solution...
Spy Camera Detection Training for your security and facilities personnel. It includes a Recording in the Workplace Policy and Inspection Log. Training, a Policy and Inspection Log with show your due diligence in court should an incident arise.

Apple Self-Driving Industrial Espionage Case Ends in Sentencing

A former Apple engineer will spend four months in prison, bringing a lengthy and contentious case to a close six years after the U.S. government first charged the engineer, Xiaolang Zhang. 

9 to 5 Mac has been covering the case since shortly after it began, and their report on Zhang’s sentencing has a good overview of the issues to date.

The basics? Zhang worked for Apple in the U.S., where he worked on the company’s self-driving car project, Project Titan. He then left abruptly to work for another company, this one based in China, XMotors. When he did so, he brought several proprietary documents with him. Hence the charges against him, to which he eventually pleaded guilty. The Department of Justice also announced several charges in the case last year. more

Corporate Security Alert: Google's Spyware Report

Spyware risks are rising fast, and you should definitely be worried — even Google says so...

Companies developing spyware and offering spying services to government agencies and threat actors around the world are growing in number, and to make matters worse, for all of them - business is good.

This is according to a new report from Google, which highlights the growing concern of commercially developed spyware.

Now, according to Google’s latest Buying Spying report, it tracks around 40 Commercial Surveillance Vendors (CSV). Some are more popular than others, but all play an important role in developing spyware, it said. more

Google: "If governments ever claimed to have a monopoly on the most advanced cyber capabilities, that era is over. The private sector is now responsible for a significant portion of the most sophisticated tools we detect."

A Corporate Espionage Gamble

Ivans Ivanovs, a former employee at OnAir Entertainment, has claimed that the company illegally accessed Playtech’s internal systems for two years. The illegal access is said to have continued even after Igor Veliks, who was instrumental in the scandal, left his job with Playtech Live Latvia. Ivanovs asserts that Veliks, together with accomplices, made use of unauthorized access to clandestine monitor Playtech’s future games and features...

The impending release of OnAir Entertainment’s ‘Diamond Rush Roulette’, overseen by Veliks, is now under scrutiny amidst these industrial espionage claims. As the legal proceedings progress, Ivanovs pledges to divulge more details concerning the purportedly unethical operations at OnAir Entertainment. more

Corporate Espionage: A Very Basic Cautionary Tale

Aesop’s fable, “the Tortoise and the Hare,” famously warns us about the dangers of arrogance and complacency in the face of a determined adversary. 

Unfortunately, in the modern race for supremacy between the United States and the People’s Republic of China (PRC), it appears that American policymakers and executives have failed to heed this warning, bearing disastrous consequences for industries vital to U.S. national security.

Like the hare, the United States had long enjoyed a substantial lead in developing defense-industrial sectors and innovating dual-use technologies. However, Washington has since rested on its laurels and exposed itself to theft through its lax counterintelligence posture. 

Meanwhile, the PRC — marrying the patience and long-term vision of the fabled tortoise with the remarkable leapfrogging ability enabled by its pervasive industrial espionage — has now caught up and even surpassed the United States across a plethora of key defense and technology sectors. Therefore, if spying and stealing are how the PRC plans to ‘win the race’ in modern strategic competition, the United States can only hope to prevail by investing far more robustly in counterintelligence. more

Maybe this could help.

Ivanti Attacks Part of Deliberate Espionage Operation

Researchers warn the previously unknown actor has developed custom malware designed to maintain persistent access on targeted networks and evade detection.

The threat actor behind the monthlong exploitation of Ivanti Connect Secure VPN is conducting an espionage campaign using custom malware with the goal of maintaining continued access to the appliances, according to research released Thursday by Google Cloud’s Mandiant unit. 

Multiple suspected APT actors have used similar methods with appliance-specific malware in order to engage in post-exploitation threat activity and evade detection. However, Mandiant researchers said, at the moment, this exact activity is not linked to a known actor and they don’t have enough information yet to pinpoint the origin. more

5 Steps for Preventing & Mitigating Corporate Espionage

via Evan Gibbs, Will Taylor, Partners, Troutman Pepper
There has been a steady increase in the volume of incidents involving corporate espionage, especially matters in which an insider is the bad actor. In an era when such risks are escalating, protection of sensitive corporate information has become paramount.

Here are five key strategies companies should implement to prevent and mitigate corporate espionage. (summary...)

1. Insist on Nondisclosure Agreements
2. Know and Control Your Trade Secrets
3. Perform Due Diligence
4. Train Your Employees and Independent Contractors
5. Promptly Investigate Suspected Activity

Preventing and mitigating corporate espionage requires a multifaceted approach. By implementing rigorous legal safeguards, conducting thorough due diligence, using secure communication practices, providing comprehensive employee training, and responding promptly and effectively to suspected activity, companies can significantly enhance their protection against corporate espionage and safeguard their assets. more

UnitedHealth Group Sues Ex-Executives Over Alleged Corporate Espionage

In a twist of corporate intrigue, health care entrepreneurs from Minnesota, Ken Ehlert and Mark Pollman, find themselves locked in a legal duel with their former employer, UnitedHealth Group... 

The lawsuit alleges that Pollman managed to secure a hard drive crammed with sensitive files during an informal lunch rendezvous with a former subordinate... 

The lawsuit states that the former executives amassed 500,000 emails and files, brimming with confidential information and trade secrets, and leveraged them to conceive a suite of corporate entities. more

A Corporate New Year's Resolution - Detect Espionage Easily

Intelligence collection is a leisurely process. Enemies quietly collect long before they use. 

Until they use what they have gathered, no harm is done. Knowing this gives you the edge.

• Electronic Surveillance is not the goal. It is a means to an end.
• Electronic Surveillance is a key component of intelligence gathering.
• Electronic Surveillance is the one spy trick which is easily detectable, if you look for it.

Protection Requires Detection
Technical Surveillance Countermeasures (TSCM) audits exploit weaknesses inherent in electronic surveillance. Knowing you are being targeted provides you with time to counter - before your information is used against you; before harm is done.

All businesses need TSCM as their canary in the mine shaft. 

Click here to learn more... counterespionage.com

Fake Cell Towers Spy On Phones

The risks associated with fake cell towers are manifold. Firstly, there is the threat of unauthorized access to sensitive personal information. This includes passwords, credit card details, and other private data that can be used for identity theft or financial fraud. Furthermore, fake towers can also listen in on phone calls and gather valuable business intelligence, posing a significant risk to corporate espionage...

The fake tower can intercept this IMSI number and collect other data, such as the mobile device’s location, call records, text messages, and even the content of phone calls. This information can then be used for various purposes, including surveillance, identity theft, and corporate espionage. more

Fast-growing Firm Accused of Corporate Espionage in $250M Lawsuit

In the $250 million lawsuit, the California company alleges AscellaHealth used connections inside Nymox in an attempt "to take control of the company's assets by a kick-back scheme."...

Nymox is alleging that AscellaHealth—which Nymox refers to as “a would-be ‘black knight’ competitor”—resorted to “illegal and unlawful corporate espionage” because it couldn’t gain enough support from Nymox shareholders by “legitimate means.”

Nymox is accusing Ascella of using its ties to the ex-Nymox leaders to pass off an investment proposal as a way to learn confidential company information and take control of the company's assets via a kick-back scheme, according to the biotech’s Nov. 9 release. more

Philadelphia Lawyer Advice: Fighting Accusations of Corporate Espionage

Summary of the Spodek Law Group blog post...

Getting accused of corporate espionage can be scary. It can feel like your career or even freedom is on the line. But with the right legal help, you can get through this. In this article, we’ll break down what corporate espionage is, what the consequences can be, and most importantly—your defense options...

What Should You Do if Accused?
First, don’t panic. Just because you’re accused doesn’t mean you’ll be convicted. About half of economic espionage cases end in plea bargains or dismissals. With an experienced legal team, you can avoid the worst outcomes...

• Don’t try to handle this alone. 
• Remain silent. 
• Act quickly.
• Do comply with orders. 
• Watch what you say. 
• Begin gathering evidence.
• Consider independent analysis. 
• Look closely at the motives. 
• Highlight your character. If you have a long career with no prior offenses, that works in your favor. Judges go easier on first-time offenders. more

Corporate Espionage: Nvidia Senior Employee Accidentally Reveals Confidential Files

Nvidia sued after senior employee accidentally showed off confidential files taken from previous employer during a video meeting... Nvidia is in hot water after one of its software engineers accidentally let a rival company—and his former employer—in on a secret: that he stole its top-secret research and took it to the trillion-dollar tech giant. more

Update: Court Grants Exec Bail in Industrial Espionage Case

A South Korean court has granted bail to a former executive of Samsung Electronics accused of stealing sensitive information developed by the technology giant, court records showed on Tuesday.

In a case that underscores the country's efforts to crack down on industrial espionage, prosecutors have alleged that the former executive Choi Jinseog, a South Korean chip expert, stole information formulated by the world's top memory chipmaker to help his client set up a chip factory in China. more

BlackBerry - The Best Movie Of 2023?

The True Story Thriller That’s Being Called The Best Movie Of The Year... Matt Johnson’s BlackBerry, managed to make a small but noticeable splash at the box office, resulting in a stunning 98 percent certified fresh critic score from Rotten Tomatoes...

Though the film’s premise may not immediately strike you as rife with thrilling storytelling potential, BlackBerry manages to take the high-intensity world of tech development, corporate espionage, and the true tale of one corporation’s rise and incredible fall to its absolute limits.

Those who lived through the era of BlackBerry phones being the must-have product on the market will look back at the moment in history with a newfound sense of awe after seeing the film, while those too young to recall the ubiquity of the full-keyboard phone will be shocked and appalled by the underhanded business practices which brought mobile internet to the next level. more

How an Indian Startup Hacked the World

Appin was a leading Indian cyberespionage firm that few people even knew existed. 

A Reuters investigation found that the company grew from an educational startup to a hack-for-hire powerhouse that stole secrets from executives, politicians, military officials and wealthy elites around the globe. 

Appin alumni went on to form other firms that are still active...

Chuck Randall was on the verge of unveiling an ambitious real estate deal he hoped would give his small Native American tribe a bigger cut of a potentially lucrative casino project.

A well-timed leak derailed it all.

In July of 2012, printed excerpts from Randall’s private emails were hand-distributed across the Shinnecock Nation’s square-mile reservation, a wooded peninsula hanging off the South Fork of Long Island...  more

Yet Another USB Cautionary Tale

Duped with a malicious USB...

Mr Burgess (ASIO Director General Mike Burgess) referenced an unnamed Australian company that found global success making a product "similar to a motion detector" before their sales suddenly dropped.

"A little while later, their product started being returned to the factory because they were broken," he said.

"When they opened their branded products, they discovered they weren't their branded products, because the components were inferior, they were exact knock-offs."

The problem was eventually traced to an international conference, where someone had offered to share information with one of the company's employees by plugging a USB into their laptop.

"That USB downloaded malware onto that laptop, which later on, when they were connected back to their corporate network, was used to steal their intellectual property," he said.

"That intellectual property was passed from the intelligence services to state-owned enterprise that mass-produced the goods and sold them on the market that undercut them." more

More USB Security Information...

 • USB – Hacked Charging Cables

• USB – Malicious Spy Cable Detector Instructions

• USB – General Memory Stick Warning

• USB – Malicious Cables

• USB – NSA Type Cable Bug – $6.74

Extra USB Spy News - Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. "The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, protected by hardware encryption to ensure the secure storage and transfer of data between computer systems," Kaspersky said in its APT trends report for Q3 2023. more

Intense Competition Leads to Attempted Corporate Espionage

via Lexology - from the Troutman Papper law firm.

Side Note: Troutman Pepper has formed a Corporate Espionage Response Team to help clients combat the increasing incidence of corporate espionage.

Arthur AI, a New York-based AI company, received a request for a Zoom demonstration of its technology from a startup called OneOneThree. The head of technology at OneOneThree, Yan Fung, expressed interest in purchasing Arthur AI’s technology. But there were some immediate red flags.

First, prior to the Zoom meeting, Arthur AI employees recognized that OneOneThree had no website. The Timesarticle says that Fung told Arthur AI at the time that OneOneThree was in “stealth mode,” which is why it had no website. Then, when Arthur AI asked Fung to sign a nondisclosure agreement (NDA), he reportedly asked Arthur AI to “hold off on the NDA,” and Arthur AI agreed.

Despite these issues, a Zoom meeting was arranged to demo the technology. Fung said Karina Patel, OneOneThree’s “main engineer,” would dial in to the meeting. However, during the Zoom meeting, an attendee logged in under the name of Aparna Dhinakaran, which an Arthur AI employee immediately recognized as a founder of Arize AI, a rival startup. When recognized, the attendee quickly logged off. Arthur AI later deduced that Fung was, in fact, an employee of Arize AI named Dat Ngo, and OneOneThree was an inactive company of his.

After the call concluded, one of Arthur AI’s employees messaged Ngo via LinkedIn direct messaging. Ngo responded by trying to recruit the Arthur AI employee, according to the Times article. more

Lessons Learned:

• Require NDAs Every Time.
• Perform Proper Due Diligence and Act Consistently With Your Findings. 
• Only Use Secure Communication Channels and Restrict Recording.
• Train Employees on Spotting and Responding to Potential Threats.
• Conduct a Prompt and Careful Investigation Into Suspected Activity.

China Is Becoming a No-Go Zone for Executives

Foreign executives are scared to go to China. 

Their main concern: They might not be allowed to leave. 

Beijing’s tough treatment of foreign companies this year, and its use of exit bans targeting bankers and executives, has intensified concerns about business travel to mainland China. Some companies are canceling or postponing trips. Others are maintaining travel plans but adding new safeguards, including telling staff they can enter the country in groups but not alone.

“There is a very significant cautionary attitude toward travel to China,” said Tammy Krings, chief executive of ATG Travel Worldwide, which works with large employers around the world. “I would advise mission-critical travel only.” Krings said she has seen a roughly 25% increase in cancellations or delays of business trips to China by U.S. companies in recent weeks. more

If Ants Can be Tricked, What Chance do Corporations Have?

A cautionary tale for corporations that think they are espionage-proof.

In a study in the journal Science, researchers report that blue butterfly caterpillars infiltrate red ant colonies and grub food by mimicking the raspy sound of the ant queen.

It’s good to be the Queen. You get fed and cared for and generally treated like royalty. But if you’re a blue butterfly caterpillar, you can get the same benefits by just pretending to be queen. Because these crafty caterpillars trick ants into feeding them—by mimicking the sound of their queen.

Ants are social creatures whose colonies contain a queen ant, and hordes of worker ants who feed the queen and take care of all her young. Blue butterfly caterpillars have come up with clever ways to exploit that system. These parasitic caterpillars take up residence in the nests of red ants. And they mooch free meals in part by waggling their heads to beg for food like all the other ant grubs. 

But that’s not all. Scientists using sophisticated recording equipment were able to listen to the caterpillars chatter. And found that the interlopers imitated the sounds of an adult queen. more

• Your company is filled with hard-working, innocent, social creatures.
• Anyone bent on corporate espionage knows they just have to blend in.
• They will listen to your sounds.
• They will exploit your system.
• They will imitate loyalty.
• They will eat your lunch.
• Fight back.