Wednesday, April 8, 2009

"I'm a Seoul man..."

Listenin' to ya on every mode
Good buggin' I got a truck load
I'm a Seoul man...


S. Korea - The National Intelligence Service (NIS) is engaging in more wiretapping than before. Wiretaps are five times more than what they were eight years ago, and of all government wiretaps, those by the NIS accounted for 98.5 percent. Cases like these cause members of the public to suspect the NIS is abusing its power. This suspicion is leading to a growth of opposition to a bill to revise the Communications Secrecy Protection Act Tong Bi Beop, proposed by the administration of President Lee Myung-bak and his ruling Grand National Party (GNP), which would make it possible to intercept mobile phone and internet communications. (
more)

I park my truck up on a side street
I learned how to bug ya before I could eat
I'm a Seoul man...
In this cartoon, a citizen protest the wiretapping,
however, a member of the National Intelligence Service agency says,
“Don‘t you be curious about this kind of matter.
"


Well grab a phone and I'll pull you in
Steth-o-scope and tie up all the loose ends
Yeah, yeah, yeah, yeah

I'm a Seoul man
You're a Seoul man
I'm a Seoul man
I'm a Seoul man
I'm a Seoul man
I'm a Seoul man

Tuesday, April 7, 2009

Cell Phone - Dead Giveaway

WA - A man who fatally shot his five children and killed himself had just discovered his wife was leaving him for another man, authorities said...

The night before, the father and his eldest daughter went in search of his wife, Angela Harrison. The daughter used a GPS feature in her mother's cell phone to find her with another man at a convenience store in nearby Auburn, said Ed Troyer, spokesman for the Pierce County Sheriff. (more)

Security Director takeaways...
Aside from the eavesdropping and text spyware vulnerabilities, GPS can also be a security issue (for bad or good). Get to know the capabilities of the corporate cell phones you are specifying for your executives.
• Do not give them more features than they really need.
• Make them aware of features which could be used against them. (Google Latitude, for example.)
• Caution them about opening email attachments or temporarily loosing physical control of their phones. Both are opportunities to plant spyware.
• Swap out phones with factory fresh phones on a regular basis for high-value executives. It is cheap insurance against spyware attacks.
• Remember our warning back in December? (this one) Although the news report mentions a cell phone GPS I suspect it is more likely someone slipped a GPS tracker, like Zoombak, into her car. Check your executive vehicles periodically for items like these.

Kyrgyz Base Klaimz

"This station can eavesdrop the whole world -- every fax, every e-mailed letter. Every call from a mobile or landline phone is being recorded and processed. Billions of messages are being intercepted."

Who said it?

A. немного цыпленок (Russian to English)
B. 小的鸡 (
Chinese to English)
C. The official web site. (
more)
D. Russian state television who accused the United States of spying on China and Russia after secretly turning its only remaining air base in Central Asia into a state-of-the-art surveillance center. (
more)

"How to Hack & Spy Through Anyone's Webcam"

Well, not exactly a 'how to' but a funny reality check nonetheless. Beware of Geeks bearing thumbdrive gifts! ~ Kevin (more)

Thus driving intelligence agencies, nuts.

Skype has become the world's single largest provider of international calls, surpassing even incumbent telcos like AT&T. (more)
Skype's strong encryption has been providing the illusion of "untappable" communications to many groups security agencies would like to monitor. (more)

Spooks Speak... once a year

...advance notice for next year...
According to organizers, a former Central Intelligence Agency officer, an FBI special agent, an investigator for the Naval Criminal Investigative Service, a British historian, and a former Member of British Parliament will be the headliners this year for the sixth annual International Spy Conference... "This year it's about the role of lady spies who were responsible for many of the most daring intelligent operations of the modern era - while others played a notorious role working against the US," added Reeves. "And the role of sex in real-life spy adventures has been center stage though the ages." (you just missed it)... The Raleigh Spy Conference has been a unique convention that is known across the world for bringing espionage experts and former spies together in one place. (more)

The role of sex in real-life spy adventures...

"Appearing at next year's Raleigh Spy Conference..."
Germany - A German spy has been arrested for treason after allegedly giving away important secrets to his Kosovar translator
with whom sources say he was having an affair.

The 42-year-old man, named only as Anton Robert K., was working in the Balkans when he developed an ‘intimate’ relationship with translator Murat A., 28, according to a report in Der Spiegel magazine.

He was arrested last Tuesday near Stuttgart, the magazine said, after returning from Pristina, where until 2008 he had been working undercover in a German government office. (more)

Friday, April 3, 2009

Well, ain't that a kick in the (thunk) Ow, my toe!!!

This just proves... if you can dream it, it can be. Remember, Flubber?
A unique goo-like substance
, which upon strong impact immediately locks itself into a solidified form and then back into goo, was created by a British company. The material, which was dubbed “d3o,” is already being used in a range of shock-absorbing products, including footwear and ski attire. The company has recently been granted 100,000 pound by the UK Ministry of Defense for the development of impact-proof helmets fitted with d3o which should be able to reduce the kinetic energy of a bullet or piece of shrapnel by half.


The material was engineered using something called “intelligent molecules.” "When moved slowly, the molecules will slip past each other, but in a high-energy impact they will snag and lock together, becoming solid. In doing so they absorb energy,” explained Richard Palmer, the inventor of the substance who created the company d3o (which now sells the goo like substance with the same name). Once the pressure is relieved, the material restores itself to its original flexible state. (more) (video - 21st Century Black Adder hits Baldrick with shovel) (Weekend project with your kids. Make your own Flubber!)

"Mickey Big Ears" Snoops On The Polizei

Free, with Mickey Maus, Issue 12 - A police band radio! Hold on...
Issue 12 of the German Mickey Maus magazine came bundled with a Chinese-made novelty radio. The problem: said radio was reportedly able to tune into the normally secure police-band channels.

The German police were first alerted to this rather odd eavesdropping through concerned parents, who were wondering why Mickey was calling an Alle Punktnachricht (All Points Bulletin).

A copy of the white mini-radio, about the size of two matchbooks, was picked up by several of Hamburg's finest so that they could conduct further tests on the radio's limits. (more)

I will be in Hamburg on assignment in 3 weeks and will look into this further. Need anything inspected in the EU? Call me now. ~ Kevin

Spy School

OH - Sinclair Community College begins offering classes designed to help students land jobs as intelligence analysts, either with the government or defense contractors.

The courses for the spring quarter are titled Introduction to Intelligence Community and Fundamentals of Remote Sensing in Intelligence. Each has already attracted 29 students in advance registration, said Surinder Jain, Sinclair's interim associate dean for science, mathematics and engineering. Students seeking to take the courses must be U.S. citizens, Jain said.

Jain said he is encouraged by the student interest and hopes to have additional, related course offerings in place this fall.

It is the latest Miami Valley college to offer such courses in partnership with the Advanced Technical Intelligence Center for Human Capital Development. The Beavercreek school is leading the region's effort to train a new generation of intelligence analysts to help U.S. authorities keep an eye on what the nation's enemies are doing. (more)

Eavesdropper-Stopper Copper Fired - Hits Jackpot

MI - For the second time in two years, a former Iosco County sheriff's deputy has sued his department and landed a six-figure settlement.

Anthony Eno receives $215,000 in the most recent agreement, reached last month. The sum is to be paid by Iosco's insurance carrier, county officials say.

Eno sued the Iosco sheriff department in 2008 after then-Sheriff Michael Fischer fired him for ''substantial charges of misconduct,'' the department said at the time.

Eno denied any misconduct, alleging instead that his dismissal was an act of retaliation for his role as ''whistle blower'' in a previous case. In that 2006 case, Eno helped investigators prosecute a former undersheriff for eavesdropping. (more)

Airbusted

Germany - Aircraft maker Airbus has admitted to spying on its staff in an attempt to uncover potential corruption. It is the second high-profile case this year of a company admitting to snooping on its workers in Germany.

Airbus ordered checks on all staff working in Germany from 2005 to 2007, the company acknowledged. The checks were to see if workers' bank account numbers matched those of suppliers. No wrongdoing was found.

The head of Germany's national rail operator Deutsche Bahn resigned this week after the company also admitted to spying on thousands of its employees. (more)

World Leader 'unaware' of alleged Chinese spying

Australia - Prime Minister Kevin Rudd says he has not been told that Chinese spies tried to infiltrate his email and listen to his phone calls when he visited Beijing for last year's Olympics.

The Australian newspaper is reporting Chinese spies have repeatedly tried to tap into the Prime Minister's email and mobile phone communications, Government and business IT networks and foreign embassies in Canberra.

The newspaper reports that China directly targeted Mr Rudd last August, saying he and his staff were under constant cyber attack from Chinese authorities trying to access laptop computers and mobile phone calls. (more with full audio report)

What's wrong with this story?
A. Mr. Rudd had been properly briefed, but diplomatically downplayed the incident.
B. Mr. Rudd needs a more open channel with his intelligence staff.
C. Like many leaders (public and private sector), naive arrogance blinds caution.

In case there is any doubt that spying is very real, look at some of my first-hand experiences, here and here. ~ Kevin

Wednesday, April 1, 2009

Security Director Budget Booster - CCTV TLC

via Fred D. Miller - CPP, CHS L-III, SRG Security Resources Group...
"It’s amazing how many times we are asked for specifications to replace an older camera system when just a little TLC is needed to dramatically improve its performance.

We’re not talking about trying to revive a totally dead horse or the complete upgrade of an old system to perform like new, which can be as costly as total replacement. But rather spending a modest amount to coax a couple more useful years out of a legacy if not ailing system. With today’s economy that kind of economics makes good sense to us
.

So, here are a few tweaks that may help to resurrect a dying system which you may be able to do in-house. I would note though, that PM [preventive maintenance] should be conducted at regular intervals even on brand new equipment.

• Make a list of all equipment, where it is located and what it views. Note its apparent operating condition or problem. For example; camera #1, main lobby door, washed out view.

• Physically inspect every camera, component and connector, particularly if co- axial cable is used, as even slightly corroded connections will result in poor video. If in doubt at all, replace the connection with new.

• Thoroughly clean camera housings – particularly if they were located in an area where they were apt to accumulate dirt, dust, smoke film etc.,

• Clean camera lenses with lens cleaner [not a window cleaning product which may remove or damage the lens coating] If it is a varifocal lenses [auto iris etc] readjust as necessary. “Exercise” the lens motor or mechanism to assure it works freely,

• Check the placement of the camera so that it is not washed out by lighting, sunlight, or glare from nearby glass [curtain] walls,

• Make sure cameras view what you intended them to view and readjust their mounts if need be.

• If VCRs are being used, purchase good quality head cleaning tapes. Use them initially and then on a scheduled basis. If you are using a DVR, dust and heat are among the more common enemies of this equipment, so good ventilation [cooling] and housekeeping are important.

Whether you are using VCRs or DVRs refer to their respective operating manuals before attempting any PM maintenance on your own . . . it's delicate equipment."

Fred Miller is a well-known independent security consultant. His firm, SRG Security Resources Group, is located in Lafayette Hill, PA.

For more tips like this one, sign up for his newsletter.
Need help fast... call him right now. 1-610-834-0884
His services include:

– Risk Assessments
– Site Security Evaluations
– Security Master Planning
– Security Procedures
– Contingency and Emergency Plan Review
– Supply Chain Security
– Computer Security
– Security Awareness Training for Employees
– System Design
– RFP and Bid Documents
– C-TPAT Guidelines and Cargo Security

Big Business Espionage - Espionage Business Big

via the REI newsletter...
So how big is the problem and who’s at risk? Tim Barker of the Orlando Sentinel in his article “Are you safe from corporate spies” summed it up this way, “There is an easy way to figure out if you might be a target: If you sell anything worth buying, you’ve got something worth stealing.”

A recent article by Kevin Greenberg at Forbes.com tells of a study by Purdue’s Krannert School of Management where CIOs were surveyed about the loss of intellectual properties in 2008. The value of lost information is staggering. Of the 119 respondent CIOs, the value of stolen information last year was $559 million or $4.6 million per company. (more)