Security Director Alert: GPS Jammers - The Next Big Threat?

click to enlarge

click to enlarge

Security Directors: Give some thought to how GPS is used in your company. Create a plan for when it dies. ~Kevin

Important...

Signals from GPS satellites now help you to call your mother, power your home, and even land your plane – but a cheap plastic box can jam it all... (more) (How GPS works.)

GPS jammers...

One manufacturer claims production of 50,000 units per year. Cheap. (ebay)

FutureWatch...

Although the GPS disruption threat is not new, we are reaching critical mass - product-wise and incentive-wise. The next terrorist, activist, protester, prankster threat - salt an area (like an airport) with hundreds of these. It will take a while to find them all. Have a security plan ready. Idea: Install a GPS frequency monitor alarm in mission critical areas. (advice from Los Alamos National Laboratory) (more)

The Ray Gun is Back...

...and you're going to need more than a tin foil hat this time.

The ray gun has become more than a boyhood fantasy. The Army is quietly working to develop technology with the potential to arm tomorrow's armored combat vehicles with the capability to destroy electronic systems with high-intensity bursts of RF energy. (video)

FutureWatch - Be sure to watch the video. This development is way more important than it first appears. ~Kevin

"It all happened after the new Donutland opened."

A random inspection of the electronic surveillance system of the Mumbai police on Wednesday, found that the Global Positioning System (GPS) in as many as 30 vehicles were malfunctioning, or not functioning at all. The faux pas came to the notice of the newly appointed police commissioner Arup Patnaik, who was inspecting the police control room to oversee the working condition as well functioning of the men and the machines deployed therein.

“I was told technical faults in the equipment led to malfunctioning of the GPS system,” Patnaik said. (more)

In other news...

CT - Police in Cheshire said a car crashed into the front of a Dunkin' Donuts on West Main Street on Thursday afternoon. There was no word if anyone was injured in the crash. No other information was available. (more)  Imagine that!

Chemical Company is Catalyst for Activists Lawsuit

LA - The U.S. division of South Africa’s Sasol chemical plant is facing a lawsuit for industrial espionage and sabotage, filed by environmental activists Greenpeace.

The case, which also involves the Dow Chemical Co. and two public relations firms, was filed in Federal Court in Washington, DC.

Greenpeace claims the two companies hired private investigators to steal its documents, tap its phones, and hack into its computers. Central to the complaint is a community's battle against the pollution of Lake Charles, in Louisiana, near the Sasol plant. (more)

Hoist by a Voicemail Petard

Employees at a CBS affiliate in Anchorage left an accidental voicemail for an aide to GOP Senate candidate Joe Miller in which they discussed and laughed about the possibility of reporting on the appearance of sex offenders at a Miller rally. And they chatted about responding with a Twitter alert to “any sort of chaos whatsoever” including the candidate being “punched.”
 

Jerry Bever, general manager for KTVA, said in a statement that a call to Miller spokesman Randy DeSoto to discuss the candidate’s planned appearance on a newscast wasn’t disconnected after the conversation ended. The call took place during a KTVA staff meeting to plan coverage of that evening’s Miller rally in downtown Anchorage. (more)

Legal Phone Taps Vulnerable to DOS Attacks

Researchers at the University of Pennsylvania say they've discovered a way to circumvent the networking technology used by law enforcement to tap phone lines in the U.S.

The flaws they've found "represent a serious threat to the accuracy and completeness of wiretap records used for both criminal investigation and as evidence in trial," the researchers say in their paper, set to be presented Thursday at a computer security conference in Chicago.

Following up on earlier work on evading analog wiretap devices called loop extenders, the Penn researchers took a deep look at the newer technical standards used to enable wiretapping on telecommunication switches. They found that while these newer devices probably don't suffer from many of the bugs they'd found in the loop extender world, they do introduce new flaws. In fact, wiretaps could probably be rendered useless if the connection between the switches and law enforcement are overwhelmed with useless data, something known as a denial of service (DOS) attack. (more)

Mission Impossible Data Destruction for Computers

from the press release...

UK - From 1st August, Stone http://www.stonegroup.co.uk/, the UK's largest privately-owned computer hardware manufacturer, will only provide its public sector customers with PCs and laptops that include the famous "Mission: Impossible" option to self-destruct the data on the system prior to disposal...  These products will include - at no extra cost - a pre-configured executable programme which will allow the customer to perform a data erasure process in-house, without the presence of an engineer or the need to remove hardware to an off-site facility.

James Bird, CEO at Stone, explains, "It sounds like that great opening sequence in Mission: Impossible when the data self-destructs after 30 seconds! It is, of course, very carefully controlled and managed and there isn't the excitement of flames and smoke, just a simple electronic signal! But with the penalty for data protection breaches now reaching up to 500,000 pounds for organisations which do not properly manage the deletion of their records... (more)

"Who's your DB daddy? Say it. Say IT."

TX - A former IT senior database administrator at a Houston electricity provider was sentenced Tuesday to one year in prison for hacking into his former employer's computer network, the US Department of Justice said...

On April 30, 2008, after he was fired, Steven Jinwoo Kim, 40, of Houston, used his home computer to connect to Gexa's computer network and to a database containing information on about 150,000 Gexa customers, the DOJ said. Kim damaged the computer network and the database in the process, the DOJ said. 

Kim also copied and saved to his home computer a database file containing personal information on the Gexa customers, including their names, billing addresses, Social Security numbers, dates of birth and drivers license numbers. Kim's actions caused a $100,000 loss to Gexa, the DOJ said. (more)

NSFW OSS FUBARs

The OSS Simple Sabotage Field Manual from 1944

 "The purpose of this paper is to characterize simple sabotage, to outline its possible effects, and to present suggestions for inciting and executing it."

Sample Tips

"Fuel lines to gasoline and oil engines frequently pass over the exhaust pipe. When the machine is at rest, you can stab a small hole in the fuel line and plug the hole with wax. As the engine runs and the exhaust tube becomes hot, the wax will be melted; fuel will drip onto the exhaust and a blaze will start."

"Jam paper, bits of wood, hairpins, and anything else that will fit, into the locks of all unguarded entrances to public buildings."

And, every teen's favorite... "'Misunderstand' orders. Ask endless questions or engage in long correspondence about such orders. Quibble over them when you can." (more)

Security Director Alert - Fake Tweets

Twitter users have caused an uproar by impersonating celebrities on the popular micro-blogging service. Businesses, too, are targets of fake Twitter profiles -- sometimes from competitors.

Exxon Mobil Corp. has found at least two unauthorized Twitter accounts under variations of its name. Twitter -- a networking service where users create profiles and send out short messages, or "tweets" to their followers -- terminated one of the profiles last summer. An Exxon spokesman says the oil company is considering what to do about the second profile, which it discovered several weeks ago.

In a defensive move, AMR Corp.'s American Airlines in April "registered every possible Twitter name that could be associated with us," a spokesman says. The move came after airline employees last summer found a rogue profile in the name AmericanAir, which was shut down four weeks later.

At Elevation Burger, a seven-outlet chain owned by Elevation Franchise Ventures LLC, a vendor in March found an unauthorized Twitter profile with tweets promoting rival Z Burger. Hans Hess, Elevation's founder and chief executive, complained to Z Burger and Twitter, which later suspended the profile after a letter from Mr. Hess's lawyer.

Amusement-park operator Cedar Fair LP, of Sandusky, Ohio, received an email from a marketing consultant who had created a Twitter profile in the name of its Cedar Point amusement park. The consultant, David Goebel, president of Goebel Group Inc., offered to relinquish control of the account in exchange for season passes to the Cedar Fair park and suggested that the company hire his firm to oversee its Twitter account. (more)

Recommendation: Get to know Twitter. Monitor it for malicious content about your company, the same way you monitor the Web and chat groups.

You do monitor, don't you?

Ok, I'll give you this tip for free...
Plug yourself into Addictomatic.com. It's free too.

Spies Under Every Watt?

The electric-utility industry is planning a pilot initiative to see whether Chinese spies have infiltrated computer networks running the power grid, according to people familiar with the effort.

Officials of the North American Electric Reliability Corp., an industry regulatory group, are negotiating with a defense contractor for the job of searching for breaches by cyberspies, according to people familiar with the plans...

The Wall Street Journal reported in April that Russian and Chinese spies had penetrated the U.S. electric grid. (more)

Hackers seek payment after break-in on state health care site

Hackers are demanding $10 million to release some eight million patient records claimed to be in their control following the compromise of Virginia's Prescription Monitoring Program (VPMP) website.

Whistleblower site Wikileaks published a copy of the ransom note left by the hackers on the website, which is used by pharmacists to follow incidents of drug abuse. The note said the intruders possessed 8.3 million patient records and 35.6 million prescriptions.

Also, the thieves said they created an encrypted backup of the data and deleted the original files.

"For $10 million, I will gladly send along the password," the note said... The VPMP website remains inaccessible. (more)

When they catch this dude, and they will, I'll give him/her a Keyboard Cat play off. ~ Kevin

Computer Spies Breach U.S. Electricity Grid

Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls.

The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war. (more)

Eggs in One Basket - A Cautionary Tale

New Zealand - A promising engineering student who deliberately deleted crucial information from his employer's computer backup systems cost the company hundreds of thousands of dollars in lost business and data recovery.

Gareth Pert, 23, nearly crippled Hamilton business Progressive Hydraulics while acting out of "pure vindictiveness", said company director Rodney Sharp...

Pert was arrested last month at Auckland International Airport upon his return from Afghanistan where he had been working since the sabotage was reported.

"His motivation was that he believed he was worth more than he was getting paid. Instead of talking to us, he started adding on five hours on his time card, so we pulled him up on it," Sharp says. "I was probably the first person to sit him down and put him in his place... I said, `You've cribbed your time cards.' He said, `I'm worth it'. I said, `I don't care how good you are, it's just dishonest'." Pert then wiped the backups and never returned to work.

There is evidence he also copied some of the commercially sensitive data but he told police he couldn't remember what he did with it. (more)
Try saying "Afghanistan banana stand" to him.

Quality Inn-verse Peephole

Colorado couple finds peephole reversed in Fla. hotel...
A trip to Florida was supposed to be filled with rest and relaxation. But it was more infuriating for a Highlands Ranch couple. Aaron and Amy Cali found a peephole in their room had been reversed. So people on the outside could look inside their room.

The couple ended a Caribbean cruise on Valentine's night at a Quality Inn in Hollywood, Fla. The next morning, Amy got a disturbing surprise. "I noticed a light coming from the hotel door about 3 feet up. I realized it was a peephole. I tried looking out of it and didn't see anything," says Amy. So, she went outside and looked in.

"You could see the entire hotel room, the bed, bathroom. You could see the entire room. Everything," she said. "We don't know if photos were taken. We don't know if videos were taken. We don't know who was looking, how many were looking." (more, with video)

Thoughts...
Hotel door peepholes are mandated by law. This door had two; one at regular height, and lower one three feet from the ground (ADA compliant for people in wheelchairs). The door opened onto an outside shared walkway – not a very safe area to sit and peep.

More likely, a mini wireless spycam was temporarily affixed to the door, with the receiver in another hotel room, or parked car. There, viewing / recording could be accomplished safely.

Additional police work we would like see...
• Check all other doors for reversed peepholes.
• If more than one is reversed, consider this a for-profit, organized crime.
• Match the rooms against customer records. Look for a pattern. The same person might have rented each room once, just to reverse the peepholes.
• Look for 'regular' customers. Are their rooms usually near the the 'reversed' rooms?
• Look for connections between the night managers / staff with any suspicious names found.
• Background check night managers / staff.
• Take a peephole photo. Try to match it with Internet voyeur site photos / movies. If a match is found, many more leads will open up.
• Check other hotels in the area for similar problems.

Hotels in the Hollywood, Florida area cater to young couples visiting on vacation, school breaks and cruise ships. The area is a rich target for pornography manufacturers. It is unlikely this is an isolated incident.

Still think this is an isolated incident?

University of Georgia
...every dorm room is equipped with a peephole in order to provide extra security and precaution for every student.

Yet, the extra security measure has been turned into a practical joke as a peculiar trend circulates through the residence halls - reversing peepholes so their principle function is to peer in on people, rather than allowing residents to peek out.

"I'm not quite sure who started it, but someone said, 'Hey, look in here,' so I did and I saw the people inside," said Ileana Figueroa, a freshman from Augusta residing in Lipscomb Hall in an interview last week.

"The peepholes are pretty easy to unscrew - all you have to do is have the door open," Figueroa said. "Everyone in our hall is pretty close so anything like this is just a joke."

Sam White and his roommate Peri Finch, who both reside in Lipscomb Hall, are victims of the peephole tampering trend... (more)

P.S. "Kramer and Newman did it in a Seinfeld episode so they could check to make sure no one was in their apartments waiting to jump them." ~Tim

Sneaky USB Flash Drives

Sneaking spyware in to plant on your computers?
Sneaking company secrets out from their computers?
Recording your private meetings?
Whatever the goal, drive-by spy devices are becoming harder to catch; especially USB drives.

Here is a quick update so you will know it when you see it.

from the seller's website...
Surveillance style pen containing a micro sized video camcorder with 4 GB of memory. Get the mission completed with this awesome secret agent DV pen, often called a "spy pen" in the trade.

Sitting in your shirt pocket, standing in the pen cup or lying on the desk, no-one will ever notice as you secretly capture their every move. The built in flash stores the video until it is ready to be downloaded to a computer via USB, and with 4GB's of memory you can record hours of surveillance or interviews in between trips back to the office. (more with video)

All metal cross shaped necklace containing an 8 GB USB flash drive.

These days a USB flash drive is as necessary as your house keys. Whether you are taking large work files back and forth from the office or are sharing pictures and music with friends, nothing beats the convenience of a USB thumb drive. Well, why not make sure yours fits the person you are? This is a elegant all-metal cross that has a built in 8GB's of memory so you should have space to keep in its heart. (more)

All metal heart shaped necklace containing an 8 GB USB flash drive.

These days a USB flash drive is as necessary as your house keys. Whether you are taking large work files back and forth from the office or are sharing pictures and music with friends, nothing beats the convenience of a USB storage drive. Well, why not make sure the one you get fits the person who is going to carry it? This is an elegant all-metal and jeweled heart necklace that has a built in 8GB's of memory so you or your loved one will have enough space to keep those treasured memories close at heart. (more)

Realistic looking watermelon containing 8GB of USB flash memory. If you want more than to just plug your old fashioned USB stock in, this novelty USB memory stick that is right up your alley. Just remove the tip to reveal the USB connection, and watch people gape at your one of a kind computer accessory. (more)

FutureWatch Update - Stolen Cell Phone Alarm

Reportedly, coming soon.
Now in Beta - Available upon request.
From the inventor's web site...
Maverick Secure Mobile (MSM) is a security application.
Secure mobile helps you protect your data, track your stolen device, retrieve your phonebook & disable the stolen device remotely. The application works in hidden mode and cannot be viewed in the device...

1. Protects Your Data In case of theft/loss, the moment SIM change is detected, Secure mobile will encrypt all the data on the device like the phonebook, images, messages etc.

2. Track Device In case of loss/theft the application will send the phone number, device id, country code, operator name and area code(location) to the reporting device through sms. Secure Mobile will also report about activities performed on the stolen device via SMS; like Outgoing Calls made, etc.

3. Retrieve Phonebook The most important data on any device are the contacts. Using MSM one can retrieve phonebook from the stolen device.

4. Spy Call Spy call will switch on the loudspeaker & mic of the stolen device remotely, so that the caller can actually listen to the conversation other person is engaged in. This call will not give any notification/ ring to the stolen device.

5. Raise an alarm and disable the phone To disable stolen device remotely, send sms = hang from the Reporting device to the stolen device, and it will raise an alarm and start playing a loud Siren. MSM will also display a customized message.

6. Data Back-up Secure Mobile has a distinctive feature of incremental Data Back up. Using this feature one can back up all the data from the device to secure remote server using GPRS. So now all your data is very much secured and you can retrieve it without any hassle. All the above mentioned features can be used even if the SIM is not changed,
a. In case the device is lost by sending SMS “Activate” from the reporting device.
b. For Parental control of child’s mobile device by sending SMS “Track” from reporting device (more) (videos)

Terry and the Pirates (update)

CA - With costs related to a rogue network administrator's hijacking of the city's network now estimated at $1 million, city officials say they are searching for a mysterious networking device hidden somewhere on the network.

The device, referred to as a "terminal server" in court documents, appears to be a router that was installed to provide remote access to the city's Fiber WAN network, which connects municipal computer and telecommunication systems throughout the city. City officials haven't been able to log in to the device, however, because they do not have the username and password. In fact, the city's Department of Telecommunications and Information Services (DTIS) isn't even certain where the device is located, court filings state.

The router was discovered on Aug. 28. When investigators attempted to log in to the device, they were greeted with what appears to be a router login prompt and a warning message saying "This system is the personal property of Terry S. Childs," according to a screenshot of the prompt filed by the prosecution. (more) (history)

Survey - IT Savvy Employees Likely to Steal Company Data Before They Leave

Most IT staff would steal sensitive company information, including CEO's passwords and customer details, if they were laid off, according to a new survey from Cyber-Ark.

• 88 percent of IT administrators admitted they would take corporate secrets, if they were suddenly made redundant. The target information included CEO passwords, customer database, research and development plans, financial reports, M&A plans and the company's list of privileged passwords.

• ...a third would take the privilege password list to gain access to valuable documents such as financial reports, accounts, salaries and other privileged information.

• 35 percent admitted to sending highly confidential information via email or couriers.

• ...one third of IT staff admitted to snooping around the network, looking at highly confidential information, such as salary details and people's personal emails.

• A quarter of companies surveyed admitted to suffering from internal sabotage and/or cases of IT security fraud.

• One third of companies believe that industrial espionage and data leakage is rife, with data being leaked out of their companies and going to their competitors or criminals, usually via high gigabyte mobile devices such as USB sticks, iPods, Blackberry's and laptops or even sent over email. (more)

Rogue Lid Shuts Grid

Rogue laptops aren't the only rogues out there...
A disgruntled city computer engineer has virtually commandeered San Francisco's new multimillion-dollar computer network, altering it to deny access to top administrators even as he sits in jail on $5 million bail, authorities said Monday.

Terry Childs, a 43-year-old computer network administrator who lives in Pittsburg, has been charged with four counts of computer tampering and is scheduled to be arraigned today.

Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000, tampered with the city's new FiberWAN (Wide Area Network), where records such as officials' e-mails, city payroll files, confidential law enforcement documents and jail inmates' bookings are stored.

Childs created a password that granted him exclusive access to the system, authorities said. He initially gave pass codes to police, but they didn't work. When pressed, Childs refused to divulge the real code even when threatened with arrest, they said. He was taken into custody Sunday. (more)

So, how do you protect yourself against insider hijacking?
One way to start...
• Don't give the keys to the kingdom to only one person.
• "Checks and Balance" "Checks and Balance" "Checks..."
• Establish an admin / root password emergency reset plan.
• Bell your cat(5). Get notified when it hits the fan: Tripwire
• Keep my number handy. Rogues are know for their bug and wiretap tricks, too.