The French Cuff Connection - For the Well-Dressed Bond

Polished Silver Oval WiFi and 2GB USB Combination Cufflinks.
These cufflinks feature 2GB USB storage plus they provide a WiFi hotspot to multiple devices! You can also access media servers from the host computer. Perfect for business meetings, travel and techies everywhere.

WiFi Connection
Simply download the accompanying installation software to an Internet ready host computer, insert the USB hotspot cufflink into that computer’s USB port, and the computer then becomes a high-speed WiFi hotspot. It also enables the computer to wirelessly share media files with electronic devices like tablets and smartphones.

What Connects?
Smartphones, tablets or any other wireless device! (more) 

Spybusters Security Tip #721 - Periodically check your computer for items (like these) plugged into the USB ports on the back of your box.

World's Smallest USB Stick, nah... Shtik

Psst... It's the thingy on the right.

Think it's hard to stop USB stick info-espionage now? Just wait. And, wait until they come as promotional give-a-ways. The urge to use them will be uncontrollable. Gee, what if they are pre-loaded with spyware? Losing them will be equally uncontrollable. What more could the spies of 2012 ask for?

The new 19.5 x 14.5 x 2.9 mm USB stick will be available in 4, 8 or 16GB capacity versions when it's launched. (more)

BTW, do you have a program to deal with USB vulnerabilities?

Security Director Alert: USB Trouble Sticks

• Memory sticks given as gifts or promotional items may contain spy software (possibly unbeknownst to the giver).

• “Found on the ground” USB sticks are risky. They may have been planted for you to find. Never plug one into a computer to see what is on it. It may contain a destructive virus or keystroke logger.

• Unsecured memory sticks are easily stolen or copied. They may still contain valuable information, even if “erased”. Always secure these data storage devices. In a business setting, the data on the device should be password protected and encrypted. The most extreme example of this seen to date is the Cryptek...

An encrypted USB memory stick with Da Vinci Code chastity belt!

This is what you want your executives to carry! (coming soon) 

You can also make your own “cryptstick” using Murray Associates instructions.

USB Memory Stick Security Checklist

• Create a “no USB sticks unless pre-approved” rule.
• Warn employees that a gift USB stick could be a Trojan Horse gift. 
• Warn employees that one easy espionage tactic involves leaving a few USB sticks scattered in the company parking lot. The opposition knows that someone will pick one up and plug it in. The infection begins the second they plug it in.
• Don’t let visitors stick you either. Extend the “no USB sticks unless pre-approved” rule to them as well. Their sticks may be infected.

Harassment Stick
The new Devil Drive elevates the office prank to a new level of sophistication. It looks like a regular USB thumb drive, but it’s actually a device of electronic harassment. The Devil Drive has three functions:

• It causes annoying random curser movements on the screen.
• It types out random phrases and garbage text.
• It toggles the Caps Lock.
Just be aware of it should you hear complaints along these lines.

Chameleon Sticks
Some USB memory sticks have alter egos. They may look like simple memory sticks, but they are actually voice recorders or video cameras. Keep an eye out for these devices at business meetings.

Extra Credit

• Lock out USB ports
• More USB security tips

The USB stick problem is only one business espionage vulnerability. There are hundreds more. When you are ready to fight back, contact counterespionage.com

Tips for Visiting a Closed Society with Your Electronics

Ken Lieberthal of the Brookings Institution does a lot of work in China. Visiting about 10 times a year...

Like a lot of us these days, Lieberthal carries electronics with him to do his work. However, he takes a bit more precaution than many business travelers, as he tells weekends on All Things Considered guest host Rachel Martin.

"I first of all get a loaner laptop."

"I first of all get a loaner laptop. And the USB that I bring, I clean digitally before I bring it, so it's totally blank," Lieberthal says.

Lieberthal then disconnects the Wi-Fi and Bluetooth functions, sets email filters and a virtual private network, or VPN. That's all before the trip. While in China, he never lets his Blackberry leave his side, never uses a wireless Internet connection while he has his USB drive plugged in, and he also physically hides his fingers when typing passwords.

When he gets home, everything gets digitally wiped and cleaned.
Why take all this precaution? Espionage...

The cloak-and-dagger world of corporate espionage is alive and well, and China seems to have the advantage. Their cyber-espionage program is becoming more and more effective at swiping information from America's public and private sectors. The U.S. government has even blamed China publicly for hacking American industries. (more) 

Visiting closed societies on business? 
This is good advice.
And, there is more you need to know. Call us.

Security Tip - Free Program Protects USB Ports from Maleware Infections

Did you find a USB memory stick and are afraid to plug it in? (good)

Does your friend want to insert their (possibly infected) drive into your computer? 

Panda USB Vaccine may help...

There is an increasing amount of malware which, like the dangerous Conficker worm, spreads via removable devices and drives such as memory sticks, MP3 players, digital cameras, etc. To do this, these malicious codes modify the AutoRun file on these devices.

Panda USB Vaccine is a free antimalware solution designed to protect against this threat. It offers a double layer of preventive protection, allowing users to disable the AutoRun feature on computers as well as on USB drives and other devices:

Vaccine for computers: This is a ‘vaccine' for computers to prevent any AutoRun file from running, regardless of whether the device (memory stick, CD, etc.) is infected or not.

Vaccine for USB devices: This is a ‘vaccine' for removable USB devices, preventing the AutoRun file from becoming a source of infection. The tool disables this file so it cannot be read, modified or replaced by malicious code.

This is a very useful tool as there is no simple way of disabling the AutoRun feature in Windows. This provides users with a simple way of disabling this feature, offering a high degree of protection against infections from removable drives and devices.

You can download Panda USB Vaccine free here.

Local Politics - Wiretapping I

Editorial from local paper...

NC - Even before anyone knew for sure what was on the digital flash drive that mysteriously appeared in Hope Mills Mayor Eddie Dees' mailbox, town residents had plenty of reason for concern about their leaders.

The "thumb drive" contained recordings of conversations between Town Manager Randy Beeman and Police Chief Robert Hassell. They were all or part of five calls recorded between Feb. 25 and May 17...

It appears that the wiretap originated in the town's Police Department. The mayor says the drive contains calls made into and out of the department. If that's true, it also raises serious questions about the department and its internal security. It fairly screams for a full-blown criminal investigation.

But instead, the commissioners have chosen to wait for the town attorney to investigate, which he's been doing for months now. (more)

"Do spy shop gadgets really work?"

Once in a while I can point to a news event which answers the question.

...A former Shirley Town Administrator Kyle Keady, 46... is alleged to have victimized an undetermined amount of people, but largely Town Hall officials and employees. Via secreted pen cameras, digital recorders and a baby monitor, Keady is charged with possessing hundreds, if not thousands, of audio, still images and video images of unwitting town officials and employees. Many images are reportedly of women in various stages of undress. 

Keady led investigators to a baby monitor in the ceiling tiles above Town Accountant Bobbi Jo Coburn's office - the extension cord running to his office where it ran down a wall covered by maps to be plugged into the wall. A Sony digital recorder was discovered in a potted plant on the desk of Administrative Assistant Kathleen Rocco. But, causing the widest-spread grief, battery operated pen cameras were apparently systematically placed in the ceiling vent, aimed downward, above the second stall in the public women's room at Town Hall capturing any number of women, intended or otherwise.

The various digital medium used to warehouse the images were allegedly given up willingly by Keady upon request by State Police while investigators executed a search warrant on the second floor at 7 Keady Way - the Town Hall address on the roadway named in honor of Keady's father Daniel, a longtime town official. Nine thumb drives were found on a single key ring in Keady's pocket that he freely emptied, according to police reports.

Keady also allegedly granted police permission to search his vehicle and home. Nothing was found in his car but loads of pornography and seven boxes of digital recording devices were found at his home, along with another pen camera, several thumb drives and lurid, clandestinely attained Town Hall photos and videos. Keady also reportedly admitted to entering Rocco's home and photographing a drawer full of her undergarments without her knowledge or permission. ...Keady remains free on $2,500 cash bail posted in June. (more)

Got a stick? You can spy!

According to Mugil all you need is a USB stick and a FREE program called “USBThief_Modified_by_NEO”. 

USB Thief is a simple program which makes your standard USB stick into a spying USB stick, if you plug it into someone’s PC, it will extract all the passwords from it.

This improved version also steals ALL of the following:
• Visited Links List
• Internet Explorer Cache List
• Internet Explorer Passwords List
• Instant Messengers Accounts List
• Installed Windows Updates List
• Mozilla Cache List
• Cookies List
• Mozilla History List
• Instant Messengers Accounts List
• Search Queries List
• Adapters Report
• Network Passwords List
• TCP/UDP Ports List
• Product Key List
• Protected Storage Passwords List
• PST Passwords List
• Startup Programs List
• Video Cache List

The question is, "Do you trust him?"

Feeling lucky?

His program is here.

As always... 

Why do I mention it?

So you will know what you are up against.

• Never let someone else stick you with their stick.

• Never stick yourself with a dirty stick.

Spyware on Infected USB Sticks

via Krebsonsecurity.com

Researchers have discovered a sophisticated new strain of malicious software that piggybacks on USB storage devices and leverages what appears to be a previously unknown security vulnerability in the way Microsoft Windows processes shortcut files...

Independent security researcher Frank Boldewin said he had an opportunity to dissect the malware samples, and observed that they appeared to be looking for Siemens WinCC SCADA systems, or machines responsible for controlling the operations of large, distributed systems, such as manufacturing and power plants.

“Looks like this malware was made for espionage,” Boldewin said. (more)

USB coffee-cup warmer could be stealing your data

via New Scientist...

Are you sure that the keyboard or mouse you are using today is the one that was attached to your computer yesterday? It might have been swapped for a compromised device that could transmit data to a snooper.

The problem stems from a shortcoming in the way the Universal Serial Bus (USB) works. This allows almost all USB-connected devices, such as mice and printers, to be turned into tools for data theft, says a team that has exploited the flaw.

Welcome to the murky world of the "hardware trojan". Until now, hardware trojans were considered to be modified circuits. For example, if hackers manage to get hold of a microchip when it is still in the factory, they could introduce subtle changes allowing them to crash the device that the chip gets built into. (more)

Security Directors - You already know about the dangers of plugging in dirty USB memory sticks. Now, you need to consider the possibility that foreign governments are loading other "legitimate" USB devices with spyware at the chip level. (Hey, they did it with hard drives.) Alert the employees. Convince them to resist the "Oh, isn't it cute. Let's plug it in," temptation.

Tamatebako - The Hara Kiri Thumb Drive

Losing your memory?  Get this...
Fujitsu’s has a new Secure USB Memory Device, called Tamatebako. It has 2GB capacity and supports AES 256-bit encryption and will delete its stored data after 10 minutes up to one week. 
 
It will also commit hara-kiri if told the wrong password or forced to have intercourse with an unauthorized computer. (more)

The Geek Chorus on USB Sticks

Background... The Unsolicited "Gift" USB Stick

The latest proof...

Australia - IBM has been left with egg on its face after it distributed virus-laden USB keys to attendees at Australia's biggest computer security conference.

Delegates of the AusCERT conference, held over the past week at the Royal Pines Resort on the Gold Coast, were told about the malware problem in a warning email this afternoon by IBM Australia chief technologist Glenn Wightwick.

The incident is ironic because conference attendees include the who's who of the computer security world and IBM was there to show off its security credentials. (more)

CSI your USB

"We're going to show you how to mimic Microsoft's offering (Computer Online Forensic Evidence Extractor) using open-source software to unlock Windows accounts, investigate suspicious activity, see any file on a Windows disk and even peruse files that others believe have been permanently deleted." (more) 

Quick Take...

• Grab an old USB stick. (2GB or more)

• Read the directions. (here)

• Load BackTrack 4 onto your stick. (BackTrack 4 download)

(ta-daaaa!) 

• Now pretend you are William Petersen

Contest - You vs. the Swiss Army (USB)

Carl Elsener Jr, the current president of the Swiss army knife maker Victorinox and grandson of the company's founder, was in London this morning to promote the company's latest product: a secure USB flash drive.

And when he says secure, he doesn't appear to be mucking around. Victorinox is so confident of the combination of encryption and fingerprint security built into the drive that it has offered a reward to anyone who can crack it.

Think you've got what it takes to crack the Victorinox code? If you succeed, be prepared to walk away $100,000 richer. It's that simple.
Click here to to send us your registration by email!
View Rules and Regulations (PDF)

PS - If you screw it up, the data self-destructs!

SpyCam Story #569 - Thumb Trips Taper

GA - An Alpharetta man was charged with unlawful eavesdropping and child molestation.

Police said Matthew Andrzejak used a video camera inside a ball point pen to secretly record gym members at Lifetime Fitness in Alpharetta.

Andrzejak was charged with 22 counts of unlawful eavesdropping and applicable felony child molestation charges.

An investigation was launched when a patron of the gym found a computer thumb drive which had been dropped on the floor of the facility. After discovering illegal surveillance images of children and acts of child molestation occurring at a place of residence that were stored on the thumb drive, the patron contacted Alpharetta authorities. (more with video)

USB Memory Stick Failed Encryption - UPDATE

In our January story, USB Crypt Stick - design flaw, or... design back door discovered, several USB stick manufacturers were identified as having their encryption cracked. Subsequently, two clients asked me to research this. They wanted to know if the flawed encryption included all encrypted USB stick manufacturers.

So far, I have found one manufacturer who affirms their crypt-sticks remain secure.

from their press release...

"In response to the reports that certain hardware-encrypted USB flash drives have been hacked on Monday, Jan. 4, IronKey, maker of the world's most secure flash drive, today announced that its devices are not vulnerable to the serious architectural flaw that has compromised many 'secure' USB storage devices. IronKey customers remain safe." (more)

USB Crypt Stick - Design flaw, or...

...design back door discovered? 

You decide. 

NIST-certified USB Flash drives with hardware encryption cracked

Kingston, SanDisk and Verbatim all sell quite similar USB Flash drives with AES 256-bit hardware encryption that supposedly meet the highest security standards. This is emphasised by the FIPS 140-2 Level 2 certificate issued by the US National Institute of Standards and Technology (NIST), which validates the USB drives for use with sensitive government data. 

Security firm SySS, however, has found that despite this it is relatively easy to access the unencrypted data, even without the required password.

The USB drives in question encrypt the stored data via the practically uncrackable AES 256-bit hardware encryption system. Therefore, the main point of attack for accessing the plain text data stored on the drive is the password entry mechanism. When analysing the relevant Windows program, the SySS security experts found a rather blatant flaw that has quite obviously slipped through testers' nets. During a successful authorisation procedure the program will, irrespective of the password, always send the same character string to the drive after performing various crypto operations – and this is the case for all USB Flash drives of this type.

Cracking the drives is therefore quite simple. (more) (UPDATE)

USB Sticks that Stick it to You

Short Story: Beware the "free" USB memory stick.
Long Geeky Story:
From: David Lesher
Subject: AMEX sends USB trojan keyboards in ads

A fellow user group member reported getting a USB-fob from American Express. When he plugged in to a port, it attempted to send his xterm command line to {the dots were hex digits, it appears.... [and PGN changed x to dot to avoid filtering]} but didn't succeed. [It may be Windows and Mac compatible, but not Linux...]

That address redirects to an Amex URL:

It identified itself on the USB chain as: Bus 003 Device 003: ID 05ac:020b Apple, Inc. Pro Keyboard [Mitsumi, A1048/US layout]

Since it's clearly NOT an Apple Pro Keyboard; one wonders why the manufacturer chose that false identity. The masquerade as a keyboard might also have been to penetrate those machines that do not blindly mount USB storage devices.

Risks: While we now look for incoming malware on the TCP/IP connections, clearly we need to similarly monitor the other ports as well; you can do just as much damage (or more) with a insider keyboard attack, given some social engineering. Is the power line next?

One More Good Reason to Lock USB Ports

The new Devil Drive elevates the office prank to a new level of sophistication and maddening effectiveness. It looks like a regular USB thumb drive, but it's actually a devious device of electronic harassment. Its use should be strictly limited to deserving subjects only.

The Devil Drive has three functions:
(1) it causes annoying random curser movements on the screen,
(2) it types out random phrases and garbage text, and
(3) it toggles the Caps Lock.

It allows you to select any combination of these frustrating functions, or all of them. It also allows you to set the time interval between events (ranges from 5 seconds to 15 minutes; the longer intervals are recommended for the most maddening effects).

Note: the Caps Lock toggle function does not work on Macs. To deploy the Devil Drive, just discreetly insert it into any unused USB port on the victim's computer (no drivers are needed).

The Devil Drive never hits the "Enter" key and it never clicks the mouse button, but still you should not use it on anyone's computer who is doing critical work where any disruption could cause serious consequences; like any prank, exercise prudence and judgment before deploying. (more)

Spybusters Tip # 385 - FREE Encrypted Memory Sticks. Roll Your Own!

Step 1 - Go to your junk drawer. Grab one of your regular old USB memory sticks.

Step 2 - Go to TrueCrypt.org.
Grab their FREE encryption software.

Step 3 - Read the Beginner's Tutorial. Load & Lock.

Ta-daaaa!
Instant FREE encrypted memory stick!!!
(clap, clap, clap)
Thank you.
Kevin
P.S. You can also roll Free Mac/Windows XP/Vista/2000/Linus sticks the same way.
Additional Spybusters Tips.