Showing posts with label espionage. Show all posts
Showing posts with label espionage. Show all posts

Wednesday, September 9, 2020

China Looks To Build Espionage Hub In Iran Under 25-Year Deal


The next phase of the 25-year deal between China and Iran will focus on a large-scale roll-out of electronic espionage and warfare capabilities
focused around the port of Chabahar and extending for a nearly 5,000 kilometer (3,000 mile) radius, and the concomitant build-out of mass surveillance and monitoring of the Iranian population, in line with the standard operating procedure across China, senior sources close to the Iranian government told OilPrice.com last week. 

Both of these elements dovetail into Beijing’s strategic vision for Iran as a fully-functioning client state of China by the end of the 25-year period.

By that time, Iran will be an irreplaceable geographical and geopolitical foundation stone in Beijing’s ‘One Belt, One Road’ project, as well as providing a large pool of young, well-educated, relatively cheap labor for Chinese industry. 

The mass surveillance, monitoring, and control systems to cover Iran’s population is to begin its full roll-out as from the second week of November...

The plan is for nearly 10 million extra CCTV [closed-circuit television] cameras to be placed in Iran’s seven most populous cities, to begin with, plus another five million or so pinhole surveillance cameras to be placed at the same time in another 21 cities, with all of these being directly linked in to China’s main state surveillance and monitoring systems,” said an Iran source. “This will enable the full integration of Iran into the next generation of China’s algorithmic surveillance system that allows for the targeting of behavior down to the level of the individual by combining these inputs with already-stored local, national, and regional records on each citizen, together with their virtual data footprints,” he said. more

 

Friday, May 11, 2018

FontCode: Embed Secret Messages Within Text

Click to enlarge.
Computer scientists have invented FontCode, a way to embed hidden information in ordinary text by imperceptibly changing the shapes of fonts in text. 

The hidden information persists even when documents or images with perturbed texts are printed or converted to another file type. Method could prevent document tampering, protect copyrights, as well as embed QR codes and other metadata without altering the look or layout of a document.

"While there are obvious applications for espionage, we think FontCode has even more practical uses for companies wanting to prevent document tampering or protect copyrights, and for retailers and artists wanting to embed QR codes and other metadata without altering the look or layout of a document," says Changxi Zheng, associate professor of computer science and the paper's senior author.  more

Thursday, June 29, 2017

Business Espionage: The Slow Burn Costs


"Businesses need to be aware of the full costs of a cyber-attack, in particular, the “slow-burn” costs (i.e. those associated with the long-term impacts of a cyber-attack, such as the loss of competitive advantage and customer churn). When added to immediate costs (i.e. legal
and forensic investigation fees, and extortion pay outs), slow burn costs can dramatically increase the final bill."
Lloyd's Report - in association with KPMG and legal firm DAC Beachcroft more

Lloyd's is promoting their cyber-insurance with this report. Their warning, however, actually applies to all forms of business espionage. Insurance is for the disaster. A good Technical Information Security Survey can prevent disasters. You need both.

Monday, June 12, 2017

Ponder of the Week

Lawyers and manufacturers are also vulnerable to corporate espionage.  Months can go by before they even realize they've been hit. — Mandy Simpson, CEO, Cyber Toa

Wednesday, June 7, 2017

Wartime Spies Who Used Knitting as an Espionage Tool

During World War I, a grandmother in Belgium knitted at her window, watching the passing trains. As one train chugged by, she made a bumpy stitch in the fabric with her two needles. Another passed, and she dropped a stitch from the fabric, making an intentional hole. Later, she would risk her life by handing the fabric to a soldier—a fellow spy in the Belgian resistance, working to defeat the occupying German force.

Whether women knitted codes into fabric or used stereotypes of knitting women as a cover, there’s a history between knitting and espionage. “Spies have been known to work code messages into knitting, embroidery, hooked rugs, etc,” according to the 1942 book A Guide to Codes and Signals. During wartime, where there were knitters, there were often spies; a pair of eyes, watching between the click of two needles. more

Monday, April 3, 2017

DJ turned PI turned DJ Uncovers Corporate Espionage of Rival Networks

Australia - Kyle Sandilands called on his little known training as a private eye 
to uncover what he calls multiple acts of “corporate espionage” aimed at destabilising his hit breakfast show...

He eventually discovered that a number of people from 2DayFM and NOVA had been emailing clips from The Kyle and Jackie O Show to advertisers and celebrity agents, suggesting they move their business from KIIS to them.

Sandilands says he was shocked when he discovered the extent of the ‘”corporate espionage” after he started getting proof from KIIS clients and associates in the US, where he has a music business. more

Friday, March 31, 2017

Electronic Eavesdropping Confirmed: CEO's Car Was Bugged During Takeover Talks

The head of Stada, the German drugmaker at the centre of a takeover battle, confirmed his car had been bugged last year but reassured investors that the company had not suffered as a result. "I have no reason to assume that any confidential business information went into the wrong hands," Chief Executive Matthias Wiedenfels told a news conference on Wednesday after the group announced annual financial results.

The disclosure comes at a sensitive time as Stada is the subject of a 4.7 billion euro ($5.1 billion) takeover fight between two rival private equity consortia. It was not clear who was responsible for the bugging and no suggestion that it was connected to the takeover battle.

Germany's Manager Magazin reported last week that Wiedenfels found a listening device in his car and that he was also anonymously sent photographs taken of him in confidential business situations and outside of the office.  more

Did you expect him to say, "Oh yes, confidential business information went into the wrong hands. The company has suffered as a result."

When was the last time you checked? Check here.

Saturday, December 31, 2016

Security Director Alert - Russian Cyber Activity, GRIZZLY STEPPE

The Department of Homeland Security (DHS) has released a Joint Analysis Report (JAR) that details Russian malicious cyber activity, designated as GRIZZLY STEPPE. 

This activity by Russian civilian and military intelligence services (RIS) is part of an ongoing campaign of cyber-enabled operations directed at the U.S. Government and private sector entities.

DHS recommends that network administrators review the Security Publication for more information and implement the recommendations provided.

Monday, November 28, 2016

Business Espionage Today: Sling TV Launches Cloud DVR Hours Before DirecTV

Sling TV users will soon be able to record some TV shows and store them online for later viewing.

The feature, which will initially be available as an invite-only beta to users of Dish's online streaming video service, is being announced on the same day that a major rival is appearing on the scene. Details of AT&T's DirecTV Now will be unveiled at a press event in New York later today. more

Just coincidence? You decide. 
How secret is your marketing strategy? 
When was the last time you checked? ~Kevin

Monday, November 21, 2016

3D Industrial Espionage

Your 3-D printer is leaking, but not in ways you can see.

It leaks sounds and energy. That's not a problem — unless you want to keep your creation a secret. In that case, it's time to get serious about security. Computer scientists have now shown that hackers can eavesdrop on 3-D printers — and then copy what they made. All it takes is your average smartphone.

As 3-D printing becomes more widespread, thieves will find new ways to steal original designs, worries Wenyao Xu. This computer scientist at the State University of New York in Buffalo led the new work...

To hack these printers, a spy needs to merely “listen” to the noise and energy the machine emits, including the magnetic fields that vary as it works. Both sound and electromagnetic energy travel as waves. By tapping into these waves, Xu says, a spy could identify the shape of what was being printed. This would allow someone to steal a design without ever seeing the original.

“We need to prevent these attacks,” Xu says. more

Monday, November 14, 2016

Business Espionage: Agribusiness Now in the Crosshairs

In an industry where information is power, dishonest competitors may steal agrichemical company data and use it to their advantage. While this may sound a little like a James Bond movie plot, industrial espionage is a real event.

Take for example, the case from October 2016, when a Chinese man was sent to prison for 3 years... The crime was part of a years-long conspiracy involving several Chinese citizens aimed at stealing valuable patented corn seeds from Iowa farm fields so they could be smuggled to a Chinese agriculture conglomerate.”...

Worse still, is that this case is not an isolated incident, with Robert Anderson Jr., assistant director of counterintelligence at the F.B.I. explaining that, “Agriculture [industrial espionage] is an emerging trend that we’re seeing.” Adding that, until two years ago, “the majority of the countries and hostile intelligence services within those countries were stealing other stuff.”

Such is the power of a trade secret in modern agribusiness, that attempts to steal it are replacing efforts to learn military secrets.

Possibly, this is part of what geo-political experts call ‘food security’...

When it comes to agribusiness data, industrial espionage should leave you neither shaken nor stirred, but should simply be a case of, ‘We’ve been expecting you Mr. Bond.’ more more

Thursday, November 10, 2016

Business Espionage Problem: Car Spy Photographers Using Drones

...automakers are looking at ways to put a stop to this practice.

Click to enlarge.
One answer may be coming from the German company Deutsche Telekom, which is working with developers on ways to keep drones out of certain areas.

The American company Dedrone also has a DroneTracker system that can locate drones more than half a mile away. We're sure that more creative and interesting means of inhibiting drones are coming down the road as well. more

Business Espionage: Bugger Caught in the Act

UK - A camera recording with audio was found under a chair during a private meeting of MPs. 

British sportswear company Sports Direct was being paid an unannounced visit by members of the House of Commons’ Business Select Committee. The MPs were there to insure that good working practices were being upheld by the company.

The MPs gave Sports Direct a one-hour warning before arriving, part of a long-running investigation into conditions at the company. During their visit, they were having a private meeting over lunch to discuss their findings. It was then that Labour MP Anna Turley spotted a staff member hiding a camera in the room where they were meeting. 

Turley says a woman came into the room to bring sandwiches to the MPs, then she crouched down to hide a camera under a chair. “I saw her trying to arrange it to get the best angle so that they could video us up at the board table and listen to what we were saying.” more

The device was identified as a small Go-Pro camera, which records excellent audio as well as video. ~Kevin

Friday, November 4, 2016

Bugging Devices Found at Iran Nuclear Talks Hotel, Say Swiss Officials

A number of computers at a five-star Geneva hotel that has hosted sensitive talks, including Iranian nuclear negotiations, were found to be infected with malware used for espionage, Swiss prosecutors have revealed...

The long-running nuclear talks were a magnet for the world’s intelligence agencies as they sought to find out more about the Iranian nuclear programme and the negotiating positions of the six nations involved.

When the talks shifted to a luxury hotel in Vienna, the microwave radiation from the surveillance efforts of competing intelligence agencies was so intense that diplomats had to walk some distance from the venue to use their mobile phones.

The US secretary of state, John Kerry, would take walks with his Iranian counterpart, Mohammad Javad Zarif, in what was seen as a publicity stunt, but which was also a practical means of dodging electronic bugs.

When diplomats attending talks in Lausanne wanted to call their capitals, they would stroll around the grounds of the venue, another five-star hotel, rather than call from their rooms. more

Friday, October 21, 2016

DIY NSA ...at home, in your spare time!

Harold Thomas Martin is alleged to have spent more than 20 years collecting data from multiple government agencies, federal prosecutors said.

My conception photo of his home office.
Court documents say 50 terabytes of data had been seized but it is not clear how much of this was classified...

Mr Martin was employed with Booz Allen Hamilton, the same consulting firm that employed Edward Snowden, who gave documents to journalists exposing NSA surveillance practices...

If the case succeeds, it raises serious questions about NSA security, says Alan Woodward, a computer security expert from Surrey University.

"The only extraordinary thing about this story is the volume of data stolen," he said.

"If someone was taking the data out of the NSA over a very long period of time, regardless of motive, it does raise a few questions about how they were able to do that: if someone is removing data habitually you'd expect that to be spotted." more

Wednesday, October 12, 2016

Business Espionage Alert: Spying is the New Hacking

Increasingly cybercriminals are using spying techniques better associated with intelligence agencies 
 
to identify relevant information about you and your life and turn that around to attack you.

"There are no hackers, they're all gone -- there are only spies," says Eric O'Neill, national security strategist for Carbon Black and a former FBI counter-intelligence operative.

"The new hackers are using traditional espionage techniques and they're blending it with advanced cyber penetrations in order to steal information," he says, adding "just ask the DNC". more

As predicted back in 2013. Help is available. ~Kevin

Smart Watches Banned from Government Meetings

Apple Watch reportedly banned from UK government meetings due to Russian spying fears.

Virtually all connected devices are susceptible to hacking, which is why the UK government banned smartphones from cabinet meetings over fears that they could be used by foreign agents to eavesdrop on sessions. Now, the ban has been extended to cover Apple Watches and similar wearables.

The Telegraph reports that the UK government's biggest concern is that Russian spies could potentially hijack any smart device to discover national secrets. “The Russians are trying to hack everything,” said one source.

There haven't yet been any reported incidents of cybercriminals, Russian or otherwise, using smartwatches to listen in on sensitive government meetings, but the idea isn’t just a case of being overly paranoid. more

Wednesday, October 5, 2016

Business Espionage: Houston Fortune 500 Energy Company Invaded Twice

The Federal Bureau of Investigation says it is looking into the theft of intellectual property from a Fortune 500 company in Houston’s energy corridor.

The company has asked to not be identified for security reasons, but the FBI wants to know why the man took several items from the business during its off-hours last year.

The man was caught on camera during the theft and during another burglary attempt at the same company.



According to the FBI, at approximately 3 a.m. on June 25 the burglar gained unauthorized access into the building through a defective door. After spending a couple of hours inside, the man exited with property belonging to the company and its employees.

On Dec. 30, the same man attempted to enter the same Fortune 500 Company. This time, the man was unable to get into the secure area of the building. He stole a security radio from a desk in the lobby on his way out. more

As IT security becomes better, intrusion, theft and the planting of bugging devices will increase. Conduct periodic technical surveillance countermeasures (TSCM) to reduce opportunities and risk. Read the Facilities Management article,  How to Handle Counterespionage to learn how. ~Kevin

Tuesday, September 27, 2016

Industrial Espionage: An update on what it includes.

Industrial espionage comes in many forms; the most commonly seen is the surveillance type methods, usually seen in the secret spy books and television programs. However, the truth is far from the glamour of the fictitious man who find out about the wrong, puts it right and gets the girl. In the real world this problem is a very real thing and one of the worst types of industrial espionage is the selling of trade secrets.
But this is only one cell of a much bigger definition, in recent years the definition of what is seen as industrial espionage has increased to cover such areas as; attempts to sabotage a corporation, in some cases, malware and spyware has even entered the arena of corporate espionage. And as earlier mentioned there are the more obvious kinds of industrial espionage such as theft of trade secrets, bribery, blackmail, and technological surveillance. more

Keep all this in mind when you suspect business espionage. The attack vectors are many; about half people, half technological. Solving the problem requires a holistic strategy, and working with specialists who have holistic mindsets. ~Kevin

Two answers to, "How can corporate espionage firms exist when hacking people is illegal?"

Answer #1. You have to prove the espionage firm did something illegal. This is sometimes much harder than it might seem.

I was once interviewed by an IT manager of a major telecoms company. They had security like nothing I had ever seen - it was like the introduction of the old spy comedy Get Smart - layer after layer of heavy doors, big muscle doormen, ID checks, cameras…

 

I asked why they had all the security. The IT manager said “our main rival is hiring investigators to learn anything about us, any way they can”. Of course, his firm was doing the same to the rival firm - so they were in no position to complain about illegal tactics.

And of course, if the other firm had snuck someone in, someone who planted say a radio network bug, to give the spy direct access to the firm’s internal network - how could anyone prove who they were, and why they were there? I’m sure that “copping a trespass charge” was part of the deal for spies who entered the premises illegally.

Answer #2. Simple : Spying is not limited to hackingmore