Tuesday, October 27, 2009

LA DA Bugged

Los Angeles - ROBERT H. PHILIBOSIAN, as one of his first acts as district attorney, had a “bug”—the electronic sort—removed from the DA’s executive office.

Philibosian says that when he walked through the executive office after he was appointed at the end of 1982, he asked Clayton Anderson, chief of the Bureau of Investigation: “Is this office bugged?”

He recites that Anderson responded: “Yes it is,” and pointed to an electrical outlet.

The former district attorney says he told Anderson: “I want it out of here now.” (more)

Quote of the Day - The Off-Site Meeting

"And, if you're into taxes...the American Institute of Certified Public Accountants kicks off its National Tax Conference at the J.W. Marriott in Washington. Hanging around the hotel and eavesdropping between now and Friday, when the conference closes, could save you thousands of dollars." ~ Marc Ambinder, The Atlantic (more)

This is an off-handed, humorous comment.
It is also deadly accurate.


I handle counterespionage strategy for my client's off-site meetings. Hotels and conference centers are the worst. It is not at all unusual to catch the competition (and unidentified others) hanging around, eavesdropping, crashing meetings and banquets, picking up unsecured papers and engaging meeting participants – one indiscretion can blackmail a loyal employee into becoming a million dollar problem.

The technical possibilities for eavesdropping are considerable as well. Bugs are easy to plant. Most meeting presenters use wireless microphones.

Competitors reserve a cosy hotel room above the meeting rooms. They arm themselves with a sensitive radio receiver and a directional antenna. Crashing a meeting is a no-brainer.


You can see how a 2-3 person team from the competition could clean up with very little investment. One might almost call them negligent if they weren't there.

Having an off-site meeting?
Get a counterespionage strategy.
Avoid leaking your corporate blood.

Sunday, October 25, 2009

One More Good Reason to Lock USB Ports

The new Devil Drive elevates the office prank to a new level of sophistication and maddening effectiveness. It looks like a regular USB thumb drive, but it's actually a devious device of electronic harassment. Its use should be strictly limited to deserving subjects only.

The Devil Drive has three functions:
(1) it causes annoying random curser movements on the screen,
(2) it types out random phrases and garbage text, and
(3) it toggles the Caps Lock.

It allows you to select any combination of these frustrating functions, or all of them. It also allows you to set the time interval between events (ranges from 5 seconds to 15 minutes; the longer intervals are recommended for the most maddening effects).

Note: the Caps Lock toggle function does not work on Macs. To deploy the Devil Drive, just discreetly insert it into any unused USB port on the victim's computer (no drivers are needed).


The Devil Drive never hits the "Enter" key and it never clicks the mouse button, but still you should not use it on anyone's computer who is doing critical work where any disruption could cause serious consequences; like any prank, exercise prudence and judgment before deploying. (more)

Friday, October 23, 2009

FY 2008 - Annual Report to Congress on Foreign Economic Collection and Industrial Espionage

The threat to the United States from foreign economic intelligence collection and industrial espionage has continued unabated since the publication of the Annual Report to Congress on Foreign Economic Collection and Industrial Espionage, 2007. Economic espionage cases went up slightly and nearly every day brought reports—in the press and in the classified world—of new cyber attacks against US Government and business entities.

Additionally, the increasing use of new modes of communication and social networking has provided uncharted opportunities for transferring information and espionage for enterprising foreign intelligence services.

"Collection methods included everything from eliciting information during seemingly innocuous conversations to eavesdropping on private telephone conversations to downloading information from laptops or other digital storage devices."

Annual Report to Congress on Foreign Economic Collection and Industrial Espionage, FY 2008

(click here for pdf version)

Galleon Case Prompts Firms To Plug Leaks

via The Wall Street Journal...
Companies are moving to plug leaks and contain the damage from sweeping insider-trading allegations disclosed last week.(
more)

Galleon Group received confidential information in 1998 about Intel Corp. chip shipments from a woman who has emerged as a key government witness against the hedge fund and its founder Raj Rajaratnam, according to a document filed by the Justice Department.

The woman, Roomy Khan, was employed at the time by Intel and sent a fax containing "proprietary, non-public and highly confidential" information from the company to Galleon's headquarters in New York City, the two-page charging document indicates. She did so at the request of an unnamed representative of Galleon, the Justice Department alleged. (more)

Need an information protection strategy?
(click here)

Winner: Can Film Festival - Surveillance Category

Thursday, October 22, 2009

Make Magazine Spy Gadget Contest

Coming soon! Contest starts on November 17th, 2009

MAKE is teaming up with the Penguin Group to present The Alex Rider Dream Gadget Contest!

All of you adventure-seekers and gadget lovers out there are invited to join in. If you were Alex Rider, what gadget would you want in the upcoming adventure "Crocodile Tears"?

Design your dream Alex Rider gadget, inspired by an everyday object (i.e. an iPod, toothpaste, a pen).

The winning gadget will be built right here at the MAKE Labs. Send us a schematic of what your gadget is made from and how it works. (Your schematic can be a diagram, a drawing or an explanation by you).

Remember that the winning gadget will be inspired by an everyday object that one could realistically build (as much as we wish we could create a pair of scissors that could fly us to the moon)!
(more)

FYI... (via boingboing.net)
"In case you're unaware, Alex Rider is a young spy whose exploits are chronicled in a popular series of teen spy/adventure books. Alex uses all sorts of crazy high tech contraptions, made from things in his school backpack, to get out of sticky situations."


Let me know your ideas. Just for fun, I will post them here with your initials and country or state. To play for the prize, visit Make Magazine.

Tuesday, October 20, 2009

Wall Street gets Wiretaps

NY - US prosecutors who used wiretaps to make their insider trading case against billionaire Raj Rajaratnam, founder of hedge fund firm Galleon Group, said they would use similar tactics to fight future Wall Street crimes.

The US attorney for Manhattan, Preet Bharara, said on Friday the justice department would employ the same kind of electronic surveillance traditionally reserved for organized crime, drug syndicates and terrorism prosecutions.

Bharara, whose office has jurisdiction over the headquarters of some of the world’s biggest financial firms, said investigators relied on wiretaps to build a case against Rajaratnam and former directors at a Bear Stearns hedge fund.

He said it was the first time wiretaps had been used to target insider trading. (more)

"Sometimes, I just don't want them to know it's me calling."

NY - Blond society babe Ali Wise -- the fired publicity director for Dolce & Gabbana -- was slapped with four felonies yesterday for allegedly making a compulsive, vindictive leap from flacking to hacking.

The ferocious fashionista embarked on a strange, high-tech vendetta against the girlfriends of her old boyfriends, according to a criminal complaint filed against her in Manhattan Criminal Court.


Wise allegedly used widely available "SpoofCard" software more than 1,000 times.
With it, she broke into the voice-mail systems of four people -- at least two of whom had dated her high-powered ex-boyfriends -- nearly 700 times, prosecutors said.


The Barbie-esque publicist would then eavesdrop on their messages, even deleting those that did not meet with her favor, prosecutors said. (
more)

Rocket Scientist Stung in Spy Caper

Stewart Nozette, 52, developed an experiment that fueled the discovery of water on the south pole of the moon, and held a special security clearance at the United States Department of Energy on atomic materials.

He has been charged with “attempted espionage for knowingly and willfully attempting to communicate, deliver and transmit classified information relating to the national defence of the US to an individual that Nozette believed to be an Israeli intelligence officer,” the US Department of Justice said.

But the person Mr Nozette believed to be an Israeli intelligence officer was in fact an undercover FBI agent in a sting operation, the department said...

During a meeting in a bugged Washington hotel room, Mr Nozette is alleged to have said he wanted to receive cash amounts “under $10,000” to keep him from reporting it to the authorities. (more)

Business Espionage - Lee & Ge Plea

CA - The word espionage conjures up images of James Bond or Alger Hiss, not usually techies in Silicon Valley. But as the San Jose Mercury News reports, two engineers are about to face economic espionage charges in San Jose for allegedly stealing superfast computer chip plans. It’s only the second such trial of its kind in the nation. “For Silicon Valley, where companies have worried for years about their prized secrets being leaked to China and other countries, such a trial is a window into the complexities of protecting product information in a place with ties to every corner of the global economy,” reports the Mercury News. (more)

Moral: Don't count on the law to protect you. Have a good counterespionage strategy in place.

Friday, October 16, 2009

"Record your life" meme gaining altitude

Yet another "record your life" tool...
uCorder by iRes

Spy cameras have been with us for over 100 years; mostly used offensively to spy, sometimes used to inoffensively document life without intrusion-disruption.

Times are changing. Today, everyone has a chance at instant global immortality. YouTube and Flickr are our memory mausoleums; CNN's iReport, our chance to be part of the world. The price of admission to this ego-lottery... microelectronics.

Microelectronic spycam offerings have dramatically picked up pace during the past 12 months.

Take a stroll in the Security Scrapbook memory mausoleum. You will be amazed at what you see ...and what can see you. (
more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more) (more)

Thursday, October 15, 2009

"Say it with flowers, say it with mink, but...

...never, never say it with ink."
New documents shed light on a widely disseminated comment by Bank of America Corp. director Charles Gifford, who wrote in a January email that a U.S.-required dividend cut meant "unfortunately it's screw the shareholders." (more) (more)

Effective Counterespionage Strategy Rule #1:
Develop a culture which practices being
discreet.

"Does his brother sell 'anti-bugging' devices?"

South Korean embassies and other diplomatic missions abroad are vulnerable to electronic eavesdropping due to the shortage of preventive devices, according to the foreign ministry.

In a recent report to Rep. Rhee Beum-kwan for the ongoing parliamentary audit of government agencies, the ministry said only 34 of the country's 167 diplomatic offices across the world are equipped with devices for blocking electronic eavesdropping...

An anti-bugging device costs about 8 million won (US$6,600), and only one billion won would be needed to install them in the remaining 133 diplomatic missions, he pointed out. (
more)

If there was an effective "anti-bugging device," it would sell for a whole lot more than $6,600.

There is a common misconception (even in government circles) that bugging is accomplished by only one technology - radio frequency transmission. "Install our handy-dandy 'anti-bugging receiver system' and you will be bug-free, 24/7/365... forever!" Even Fortune 1000 companies have almost fallen for this mental band-aid.

A while back, the South African government found one of these "anti-bugging devices" and thought it was a bug! (more) Interestingly,
that system was from Korea.

Moral: Avoid gadgets. Get a Strategy.

Wireless Network Signals Produce See-Through Walls

Researchers at the University of Utah have found a way to see through walls to detect movement inside a building.

The surveillance technique is called variance-based radio tomographic imaging and works by visualizing variations in radio waves as they travel to nodes in a wireless network. A person moving inside a building will cause the waves to vary in that location, the researchers found, allowing an observer to map their position...

Of course there are privacy and security concerns associated with the technology. A burglar could use it to detect if anyone is home or to scout the location of security guards. (more)

This technology is a cousin to our Digital Surveillance Location Analysis™. We use it to detect and pinpoint the locations of rogue computers, unauthorized Wi-Fi hot spots and digital GSM wireless bugs. (
more)