Ex-Sheriff Pleads Guilty to Wiretapping

WV - Former Clay County Sheriff Miles Slack pleaded guilty Tuesday to a federal charge that he hacked his wife’s work computer.

Slack entered the plea to a wiretapping charge Tuesday in U.S. District Court in Charleston. He faces up to five years in prison. Sentencing was set for Dec. 19.

The government said Slack secretly installed a keystroke logger on a computer in the Clay County Magistrate Court office in April where his wife worked. They were married at the time but have since divorced.

Spyware devices can be purchased online and typically are 1-2 inches long and attached to the keyboard cable. Once installed, they can intercept anything typed on that keyboard. (more)

Alerts sent in by our Blue Blaze Irregulars this week...

• "Time to take the glue gun to your USB ports." Data exfiltration using a USB keyboard. 

• "Dust off your information security policy (or start putting one in place…)" Do you have a comprehensive information security program? Many businesses are still operating without one, leaving them open to preventable data breaches.
 
• "Enough already: encrypt those portable devices" The U.S. Federal Trade Commission (FTC) announced it had reached a settlement with a cord blood bank in respect of the loss of nearly 300,000 customers’ personal information. ...The information had been stored on unencrypted backup tapes, an external hard drive and a laptop that were stolen from a backpack left in an employee’s car.

• “This call may be recorded” - Ninth Circuit says disclaimer not always necessary. But it’s still a good idea! 

• "Man cleared of spying on his wife via computer software..." His attorney argued that prosecutors could not prove why Ciccarone used the software.

• "Nestlégate" Court convicts Nestle of "spying" on Swiss activists. (vintage commercial)

Van Eck Grown Up - Time to look at eavesdropping on computer emissions again.

1985 - Van Eck phreaking is the process of eavesdropping on the contents of a CRT or LCD display by detecting its electromagnetic emissions. It is named after Dutch computer researcher Wim van Eck, who in 1985 published the first paper on it, including proof of concept.[1] Phreaking is the process of exploiting telephone networks, used here because of its connection to eavesdropping.

2009 - A simple experiment showing how to intercept computer keyboard emissions. 

It is notable that there is: 
• no connection to the Internet; 
• no connection to power lines (battery operation); 
• no computer screen in use (eliminates the screen emissions possibility); 
• and no wireless keyboard or mouse. 
Intercepted emissions are solely from the hard-wired keyboard.

The interception antenna is located about one meter away. (This is why we look for antenna wires under desks, and metal parts on desks to which wiring is attached.) 
(video 1) (video 2)

The point is, if one can get an antenna withing close proximity of your computer, what you type belongs to them.
 
December 2012 - Not satisfied with pulling information from your keyboard, injecting information becomes a concern (pay attention investment firms).

"The roughly half-dozen objectives of the Tactical Electromagnetic Cyber Warfare Demonstrator program are classified, but the source said the program is designed to demonstrate ready-made boxes that can perform a variety of tasks, including inserting and extracting data from sealed, wired networks.

Being able to jump the gap provides all kinds of opportunities, since an operator (spy) doesn’t need to compromise the physical security of a facility to reach networks not connected to the Internet. Proximity remains an issue, experts said, but if a vehicle can be brought within range of a network, both insertion and eavesdropping are possible." (more)

2013 is going to be an interesting year. ~Kevin

Computer Anti-Virus King Becomes a Spy?!?! ...you decide.

Remember John McAfee? ...the man who, just weeks ago, went on the run from Belize after his neighbor was found murdered, claiming that the police wanted to kill him and frame him for the murder. 

He fled to Guatamala,...arrived in the US shortly after, and now he’s pecking out his tell-all tale via his blog, where he describes himself as the head of his own private spy operation.

According to the post he... purchased 75 laptops, loaded them with “invisible keystroke logging software,” packaged them back up so none would be the wiser, and gave them away to those in positions of power: law enforcement, government employees, etc. The software then sent McAfee text files of what was typed, and he soon had access to a variety of social media and email accounts.

Soon after, he amassed 23 women and six men whom he calls his operatives; eight of the women, he said, were so accomplished at their missions that they ended up living with him...

Of course, it’s important to remember some things: McAfee is known to be involved in drugs, even having had his place in Belize raided at one point on suspicion of meth manufacturing. (more)

Eavesdropper Reveries - Laser Keyboards

My new iPhone has a laser keyboard...

In my dreams :)

But until then, there is always this...

Somewhere, someone (other than me) is musing about how to eavesdrop on this technology.

The Bluetooth connection?
Optical intercept?
Keystroke logging spyware?
Or, maybe an accelerometer embedded in the table to decipher the finger tapping sounds?

Am I allowed to have this much fun at work?

Security Director Alert: USB Trouble Sticks

• Memory sticks given as gifts or promotional items may contain spy software (possibly unbeknownst to the giver).

• “Found on the ground” USB sticks are risky. They may have been planted for you to find. Never plug one into a computer to see what is on it. It may contain a destructive virus or keystroke logger.

• Unsecured memory sticks are easily stolen or copied. They may still contain valuable information, even if “erased”. Always secure these data storage devices. In a business setting, the data on the device should be password protected and encrypted. The most extreme example of this seen to date is the Cryptek...

An encrypted USB memory stick with Da Vinci Code chastity belt!

This is what you want your executives to carry! (coming soon) 

You can also make your own “cryptstick” using Murray Associates instructions.

USB Memory Stick Security Checklist

• Create a “no USB sticks unless pre-approved” rule.
• Warn employees that a gift USB stick could be a Trojan Horse gift. 
• Warn employees that one easy espionage tactic involves leaving a few USB sticks scattered in the company parking lot. The opposition knows that someone will pick one up and plug it in. The infection begins the second they plug it in.
• Don’t let visitors stick you either. Extend the “no USB sticks unless pre-approved” rule to them as well. Their sticks may be infected.

Harassment Stick
The new Devil Drive elevates the office prank to a new level of sophistication. It looks like a regular USB thumb drive, but it’s actually a device of electronic harassment. The Devil Drive has three functions:

• It causes annoying random curser movements on the screen.
• It types out random phrases and garbage text.
• It toggles the Caps Lock.
Just be aware of it should you hear complaints along these lines.

Chameleon Sticks
Some USB memory sticks have alter egos. They may look like simple memory sticks, but they are actually voice recorders or video cameras. Keep an eye out for these devices at business meetings.

Extra Credit

• Lock out USB ports
• More USB security tips

The USB stick problem is only one business espionage vulnerability. There are hundreds more. When you are ready to fight back, contact counterespionage.com

Keystroke-sniffing software found embedded in Nokia, Android, and RIM devices

A piece of keystroke-sniffing software called Carrier IQ has been embedded so deeply in millions of Nokia, Android, and RIM devices that it’s tough to spot and nearly impossible to remove, as 25-year old Connecticut systems administrator Trevor Eckhart revealed in a video Tuesday.

That’s not just creepy, says Paul Ohm, a former Justice Department prosecutor and law professor at the University of Colorado Law School. He thinks it’s also likely grounds for a class action lawsuit based on a federal wiretapping law...

FutureWatch...“In the next days or weeks, someone will sue, and then this company is tangled up in very expensive litigation,” he adds. “It’s almost certain.”

Over the last month, Carrier IQ has attempted to quash Eckhart’s research with a cease-and-desist letter, apologizing only after the Electronic Frontier Foundation came to his defense.  (more) (Note: The accompanying movie is 15+ minutes, but is very revealing.)

Fun Stuff: Release Your Inner Muse, with Animoog

Alert: This app is available at 99 cents for about 25 more days. Then it goes to $29.99... and it's still a bargain.

This week work took me from New York to San Diego and back; about 10 hours on a plane. Animoog kept me captivated for most of my time in the air. The depth of musical creativity that I pulled from this was astounding. Not musically inclined? No problem, neither am I. I barely know a quarter note from a quarterhorse, yet after the first ten minutes I was making music. Beautiful sounds. Hey, the thing even records your songs for you. 

Bonus... The trips seemed like minutes instead of hours.

Have some fun this weekend. Relax. Make music. Regain your soul. You'll be surprised how good you'll feel afterward.

"Animoog is the first professional synthesizer designed for the iPad. Powered by Moog's new Anisotropic Synthesis Engine, Animoog captures the vast sonic vocabulary of Moog synthesizers and applies it to the modern touch surface paradigm, enabling any user to quickly sculpt incredibly fluid and dynamic sounds that live, breathe, and evolve as you play them." (more)

Just don't put your phone on your girlfriend's nightstand...

People sit down, turn on their computers, set their mobile phones on their desks and begin to work. What if a hacker could use that phone to track what the person was typing on the keyboard just inches away?

A research team at Georgia Tech has discovered how to do exactly that, using a smartphone accelerometer ­the internal device that detects when and how the phone is tilted ­to sense keyboard vibrations and decipher complete sentences with up to 80 percent accuracy. The procedure is not easy, they say, but is definitely possible with the latest generations of smartphones. 

“We first tried our experiments with an iPhone 3GS, and the results were difficult to read,” said Patrick Traynor, assistant professor in Georgia Tech’s School of Computer Science. “But then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better. We believe that most smartphones made in the past two years are sophisticated enough to launch this attack.” (more)

Two CyberWar Hacking Stories. Just Coincidence? You decide.

China has admitted for the first time that it had poured massive investment into the formation of a 30-strong commando unit of cyberwarriors - a team supposedly trained to protect the People's Liberation Army from outside assault on its networks.

While the unit, known as the "Blue Army", is nominally defensive, the revelation is likely to confirm the worst fears of governments across the globe who already suspect that their systems and secrets may come under regular and co-ordinated Chinese cyberattack.

In a chilling reminder of China's potential cyberwarfare capabilities, a former PLA general told The Times that the unit had been drawn from an exceptionally deep talent pool. "It is just like ping-pong. We have more people playing it, so we are very good at it," he said. (more)

Lockheed Martin Cyber Attack: Routine, a Warning or a Possible Act of War?

Last Thursday, Reuters ran a story that the US defense firm Lockheed Martin was experiencing a major disruption to its computer systems because of cyber attack.

The Reuters story said that the attack began the weekend before and indicated that it involved the company's SecurID tokens which allow Lockheed's 126,000 employees "... to access Lockheed's internal network from outside its firewall."

As a result of the attack, Lockheed reset all of its employees' passwords.

Thought Wall Stickers:
• "You have no idea how many people are freaked out right now [about the SecurID breach] ... TASC is no longer treating the RSA device as if it were as secure as it was beforehand."

• As one military official in the WSJ article stated it: "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

A while back, I visited the new Cyber-war exhibit at the Spy Museum in DC. It was about just this sort of thing, and the consequences of remotely destroying electrical generators using code. The outcome is very scary. Glad to see folks waking up and smelling the coffee.

The hackers have done us a favor, this time. ~Kevin

Computer Store Caught Spyware Bugging Computer They Sold

A computer rental store has been caught spying on customers through their webcams, court papers reveal.
 

Rental chain Aaron’s installed secret software on laptops that let it track the keystrokes, screenshots and even webcam images of clients as they used their computers at home, it is claimed.
 

Under surveillance: Rental chain Aaron's is alleged to have installed secret spying software on laptops that let it take photos of customers at home

A Wyoming couple are suing the rental giant, which has 1,679 stores, for breach of privacy after they discovered covert images taken of them using their rented laptop.

Court papers allege that Aaron’s told police that they install the software on all their rental computers.
 

Brian and Crystal Byrd learned that snooping software had been installed on their laptop when an Aaron’s store manager came to their home and wrongly accused them of not paying for the computer.

The manager tried to repossess the laptop and showed them a picture of Mr Byrd using the computer, which had been taken by the machine’s webcam. (more)

Samsung - Installed Keylogger on their Laptop Computers! (UPDATE)

[UPDATE: Samsung has launched an investigation into the matter and is working with Mich Kabay and Mohamed Hassan in the investigation. Samsung engineers are collaborating with the computer security expert, Mohamed Hassan, MSIA, CISSP, CISA, with faculty at the Norwich University Center for Advanced Computing and Digital Forensics, and with the antivirus vendor whose product identified a possible keylogger (or which may have issued a false positive). The company and the University will post news as fast as possible on Network World. A Samsung executive is personally delivering a randomly selected laptop purchased at a retail store to the Norwich scientists. Prof. Kabay praises Samsung for its immediate, positive and collaborative response to this situation.]

By M. E. Kabay and Mohamed Hassan Mohamed Hassan, Network World...

The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."

In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.

...This is a déjà vu security incident with far reaching potential consequences. In the words of the of former FTC chairman Deborah Platt Majoras, "Installations of secret software that create security risks are intrusive and unlawful." (FTC, 2007).

Samsung's conduct may be illegal; even if it is eventually ruled legal by the courts, the issue has legal, ethical, and privacy implications for both the businesses and individuals who may purchase and use Samsung laptops. Samsung could also be liable should the vast amount of information collected through StarLogger fall into the wrong hands.

We contacted three public relations officers for Samsung for comment about this issue and gave them a week to send us their comments. No one from the company replied. (more)

High School Hacking Nets Great Grades... for a while

CA - Omar Khan worked the school like it was a movie, installing spyware, stealing passwords and breaking into administrator offices.

A former Tesoro High School senior was convicted Monday of breaking into his high school on multiple occasions to steal advanced placement (AP) tests from classrooms, alter test scores and change official college transcript grades.

Omar Shahid Khan, 21, of Coto de Caza, pleaded guilty to two felony counts of commercial burglary and one felony count each of altering public records, stealing or removing public records, and attempting to steal or remove public records. He is expected to be sentenced Aug. 26 to 30 days in jail, three years of probation, 500 hours of community service and more than $14,900 in restitution. 

A subsequent search by the Orange County Sheriff’s Department revealed that Khan had installed spyware devices on the computers of several teachers and school administrators throughout his senior year, according to the D.A. The devices were used to obtain passwords to access teacher computers in classrooms and school administrative offices. (more)

Library PC Bugging Scam

In-line Keyboard Cable Logger

UK - Police are investigating the discovery of snooping devices attached to public computers in two Cheshire libraries. Staff found the keyloggers, USB devices which record keyboard activity, in the back of two PCs at Wilmslow Library and one at Handforth Library. (more)

Tip: Don't use public computers, but if you must, don't type in any confidential information, but if you must, don't use public computers. 

In-line USB Keystroke Logger

A physical search may turn up a keystroke logger, but cannot be relied upon to declare a computer is clean. Keystroke loggers are also sold embedded inside keyboards and as spyware (software), some of which instantly transmits the keystrokes to a remote location. 

Two types of physical hardware loggers are shown. ~Kevin

Business Espionage - This Zeus is no Cretan

The Zeus banking Trojan could be a useful tool in corporate espionage...

Zeus typically steals online banking credentials and then uses that information to move money out of internet accounts. In the past year, however, Gary Warner, director of research in computer forensics with the University of Alabama, who has been closely monitoring the various criminal groups that use Zeus, has seen some hackers also try to figure out what companies their victims work for...

"They want to know where you work," he said. "Your computer may be worth exploring more deeply because it may provide a gateway to the organisation."

That's worrying because Zeus could be a very powerful tool for stealing corporate secrets. It lets the criminals remotely control their victims' computers, scanning files and logging passwords and keystrokes. With Zeus, hackers can even tunnel through their victim's computer to break into corporate systems. (more)

Spybuster Tip #582 - Keystroke Logger Killer

KeyScrambler Personal is a free plug-in for your Web browser that protects everything you type from keyloggers. It defeats keyloggers by encrypting your keystrokes at the keyboard driver level, deep within the operating system. When the encrypted keystrokes reach your browser, KeyScrambler then decrypts them so you see exactly the keys you've typed. Keyloggers can only record the encrypted keys, which are completely indecipherable. (more)