Monday, February 8, 2010

Business Espionage - Samsung v. Hynix

The number of people facing charges related to the passing of process technology secrets from Samsung Electronics Co. Ltd. to Hynix Semiconductor Inc. has risen to 18 according to a Sapa-AP report. 

It was revealed last week that a number of employees at Applied Materials' Korean subsidiary are alleged to have stolen manufacturing process technology details for DRAM and NAND flash memory as well as investment plans for chip production, and passed them to a Hynix employee who has also been indicted. The information was passed to Hynix between March 2005 and December 2009 and has cost Samsung more than $100 million, earlier reports said. (more)

The Chips are Down

Deep inside millions of computers is a digital Fort Knox, a special chip with the locks to highly guarded secrets, including classified government reports and confidential business plans. Now a former U.S. Army computer-security specialist has devised a way to break those locks...

Tarnovsky figured out a way to break chips that carry a "Trusted Platform Module," or TPM, designation by essentially spying on them like a phone conversation. Such chips are billed as the industry's most secure and are estimated to be in as many as 100 million personal computers and servers, according to market research firm IDC. (more)

Saturday, February 6, 2010

Business Espionage - Bristol-Myers Squibb Co.

A former employee of Bristol-Myers Squibb Co. is being charged with stealing trade secrets from the pharmaceutical firm in an attempt to create a competing company in India, according to the federal government. 

U.S. Attorney Richard S. Hartunian and the Federal Bureau of Investigation said in a statement that Shalin Jhaveri, who worked at Bristol-Myers from November 2007 until Tuesday, stole numerous trade secrets from the company. If convicted, he faces up to 10 years in prison and a $250,000 fine. 

It's unclear what sort of information Jhaveri is alleged to have taken from the company. He worked as a technical operations associate at the company, according to a press release. (more) (FBI press release)

Friday, February 5, 2010

SpyCam Story #568 - Community Control?

OH - A Fostoria lawyer who had a pinhole camera in the restroom at his office was placed on community control for four years yesterday and ordered to pay a $5,000 fine. Sitting in Seneca County Common Pleas Court, visiting Judge Russell Wiseman of Crawford County also ordered Donald Guernsey, 57, to undergo a psychological evaluation and any ordered treatment. (more)

...thus adding insult to injury.

IL - An Elizabeth man is awaiting a court date in Jo Daviess County Circuit Court following charges of battery and eavesdropping.

According to court records, on Jan. 4, Brian D. Tessendorf, 33, knowing and intentionally caused bodily harm to his ex-girlfriend and mother of his child...

The day after the incident, Tessendorf allegedly used an eavesdropping device to record at least two different telephone conversations between him and the battery victim without her consent, a class 4 felony in Illinois that carries a maximum penalty of three years in prison and $25,000 for each count
. (more)

Business Espionage - Famous Last Words

NY - A former state lottery official is accused of eavesdropping on a confidential meeting in an apparent retaliation attempt after he was fired from his $148,000-a-year position.

John Charlson, 46, of Saratoga Springs, was the public information officer for the Division of Lottery from June 2007 until he was terminated Jan. 13, 2009, for failing to be a team player. Lottery executives say Charlson, who was responsible for media and public relations, supervised his staff poorly and made inconsistent statements.

A report released Tuesday by the state Inspector General’s office found that after being fired, Charlson accessed 16 Lottery e-mails and forwarded out-of-context information on video lottery terminals to state Racing and Wagering Board chairman John Sabini. He’s also accused of eavesdropping on lottery officials by using his former state code to dial into an executive meeting and conference call held nearly a week later.

Charlson reportedly told Lottery Director Gordon Medenica “you’re going to be sorry,” upon being fired. (more)

Thursday, February 4, 2010

Shocks from down under...

Darwin, Australia - An internal police investigation has been launched after a security camera was allegedly used to "zoom in on the rear of a lady" in Darwin's CBD. CCTV equipment at the Darwin police station has been disabled until software is installed to keep a record of the officer controlling the equipment at the time. (more)

NSW, Australia - Australia Post has been accused of secretly monitoring Sydney postal workers using computerised street-side red letter boxes in breach of NSW surveillance laws. But the postal service says it is entitled to spy on its staff because it is not subject to state laws. (more)

USB Memory Stick Failed Encryption - UPDATE

In our January story, USB Crypt Stick - design flaw, or... design back door discovered, several USB stick manufacturers were identified as having their encryption cracked. Subsequently, two clients asked me to research this. They wanted to know if the flawed encryption included all encrypted USB stick manufacturers.

So far, I have found one manufacturer who affirms their crypt-sticks remain secure.

from their press release...
"In response to the reports that certain hardware-encrypted USB flash drives have been hacked on Monday, Jan. 4, IronKey, maker of the world's most secure flash drive, today announced that its devices are not vulnerable to the serious architectural flaw that has compromised many 'secure' USB storage devices. IronKey customers remain safe." (more)

Wednesday, February 3, 2010

Imagine getting this far without a roadmap!?!?

"Networks are like roads," Michael Markulec explains. "And we provide the road map."

Markulec's company, Lumeta, is about to start drawing maps that will reveal every intersection, cul-de-sac and IP address in the U.S. military's vast and sprawling NIPRNet (Non-classified Internet Protocol Router Network). The "non-classified but sensitive" network is used around the world by several million U.S. personnel and about 10 million devices, Markulec said.

IPSonar, will find and identify all devices on the NIPRNet and tell network operators how they are interconnected, Markulec said. "Without that knowledge, you can't manage the network. And if you can't manage it, you can't secure it."

Mapping isn't IPSonar's only talent. The software, which is costing the Defense Department more than $10 million, also searches for leaks. (more)

By the way, do you know what electro-leaches have latched on to your LANs, your Wi-Fi networks? Help is out there.

Tuesday, February 2, 2010

Business Espionage - The Cost of Spying II

News Corp. agreed to pay $500 million to settle an ongoing, four year, lawsuit initiated by Valassis charging anti-competitive practices. Insert printer Valassis sued News Corp.'s News America Marketing unit in three separate cases, alleging price fixing and other predatory practices. Last year a jury in Michigan awarded Valassis $300 million in that case...

Last year, News America Marketing was accused by Floorgraphics Inc. Hamilton, NJ, of corporate spying. Floorgraphics, a producer of graphics placed on retails stores' floors, accused News America of illegally accessing its computer system and obtaining proprietary information, and disseminating false, misleading and malicious information about the company to its clients. The case was settled, and then days later News Corp. purchased Floorgraphics for an undisclosed sum. (more)

Monday, February 1, 2010

Business Espionage - The Cost of Spying

Italy - Telecom Italia and former parent Pirelli on Monday said they agreed to settle a criminal probe into a suspected spy ring that used phone data records, freeing the companies from lengthy court proceedings.

Italian newspaper Corriere della Sera said Pirelli and phone giant Telecom Italia agreed to pay 7.5 million euros ($10.43 million dollars) in the plea bargain deal filed on Saturday. (more)

Snitch Culture Rule Switch

MD - A Maryland delegate is proposing changes to state wiretap law after he was inspired by two filmmakers who claimed to be a pimp and prostitute seeking tax advice while surreptitiously taping ACORN staffers in Baltimore.

Delegate Richard Sossi, an Eastern Shore Republican, wants to provide immunity for people who intercept a wire, oral or electronic communication that provides evidence of the commission of a felony.

Right now in Maryland, it is illegal to record private conversations unless both parties consent to the taping. (more)

This is one way to deter James O'Keefe from showing up at your political headquarters with a team of fake telephone technicians with hidden cameras.

Pssst... (BARTNICKI v. VOPPER (99-1687) 200 F.3d 109) already accomplished this in a 2001 Supreme Court ruling. 
 "Privacy of communication is an important interest. However, in this suit, privacy concerns give way when balanced against the interest in publishing matters of public importance. One of the costs associated with participation in public affairs is an attendant loss of privacy."  
See Extortionography.

Drew Peterson Tapes?

IL - A teen who was a neighbor of the late third wife of former Bolingbrook, Ill., police Sgt. Drew Peterson testified Monday that Kathleen Savio was terrified of her husband and felt that the police department was not doing enough to help her...

Nick Pontarelli, 19, testified during the pre-trial hearing in Joliet, Ill., that Savio, found dead at home in 2004, feared Peterson was bugging her telephone calls and showed him tapes that she believed were recordings of her calls, the Breaking News Center reported.

They're Bolder in Boulder

CO - A 37-year-old man has been accused of stalking his ex-girlfriend by repeatedly sneaking into her residence over a period of months, installing voice recorders in the home, spyware on her computer and sending her threatening e-mails.

Sarah Huntley, spokeswoman for the Boulder Police Department, identified the suspect as Christopher Spiewak of Boulder.

Huntley said Spiewak is being held for investigation of domestic-violence related to stalking, second-degree burglary, computer crimes and repeated harassment. (more)

Sunday, January 31, 2010

Business Espionage - Government Bugs Taps & Hacks

UK - The security service MI5 has accused China of bugging and burgling UK business executives and setting up “honeytraps” in a bid to blackmail them into betraying sensitive commercial secrets...

The warning to British businessmen adds: “Hotel rooms in major Chinese cities, such as Beijing and Shanghai, which are frequented by foreigners, are likely to be bugged ... hotel rooms have been searched while the occupants are out of the room.”  

It warns that British executives are being targeted in China and in other countries. “During conferences or visits to Chinese companies you may be given gifts such as USB devices or cameras. There have been cases where these ‘gifts’ have contained Trojan devices and other types of malware.” (more)

The Bigger Picture - Many countries engage in business espionage. Bug and wiretap attacks happen more in the business's country than in the spying country – that's where the strategic conversations are held. If your organization does not have a coherent counterespionage strategy yet, consult with a specialist before your pockets are picked, and your executives fall victim to blackmail. Good start... Regularly scheduled inspections of your offices for electronic surveillance devices an espionage vulnerabilities.