CSI your USB

"We're going to show you how to mimic Microsoft's offering (Computer Online Forensic Evidence Extractor) using open-source software to unlock Windows accounts, investigate suspicious activity, see any file on a Windows disk and even peruse files that others believe have been permanently deleted." (more) 

Quick Take...

• Grab an old USB stick. (2GB or more)

• Read the directions. (here)

• Load BackTrack 4 onto your stick. (BackTrack 4 download)

(ta-daaaa!) 

• Now pretend you are William Petersen

Employee Spies on Boss (Oh, both are cops.)

The Botswana Police Service has suspended a senior police officer barely four months after he returned to work following his suspension arising from charges that he was allegedly involved in irregularities relating to tender procedures for the purchase of high-tech equipment to eavesdrop on cell phone and electronic mail conversations. This time around the officer was suspended for allegedly hacking his boss’s computer, thereby accessing privileged information. (more)

"Just one of my old CDs, officer."

There's a potential new form of steganography -- the sending of messages in ways that leave no hint the messages even exists -- that could lead to corporate data loss via CDs. (more)

Report... Espionage Goes Commercial

via securityinfowatch.com...

"Today, I've been perusing a new report from the Defense Security Service (DSS), and if you've been thinking espionage ended with the Cold War and exists today only in James Bond movies, think again! This report looks at how espionage -- either through human contact or through technology infiltrations -- is targeting U.S. Defense Department contractors, especially in regards to new technology related to UAVs (unmanned aerial vehicles)...

So, the point is that the espionage is being pushed out into the commercial arena, rather than from traditional government spies. But how involved are the governments, really? Are they facilitating commercial contact for espionage purposes? It's a question that we'll likely never have answered, and if they are doing that, it gives them plausible deniability."

(more) (download the report) 

"Juz following up on complaint, newzboy."

Russia - Moscow's Tverskoi District Court has authorized the seizure of documents and computers from the New Times magazine after it published a story on police corruption...

The New Times said it had received a court notice about the impending confiscation and would appeal... The independent magazine also said it has complained to the Federal Security Service that an eavesdropping device had been found in the car of its editor-in-chief, Yevgenia Albats. (more)

How Do They Do It - Net Tapping

"Our latest products are the industry's only intelligent network surveillance probes for 1Gbps and 10Gbps networks. 

Designed for use in distributed surveillance environments under the control of separate mediation systems, they are ideal for monitoring large and complex networks and offer advanced features such as target discovery based on Webmail/Email address, chat/IM id, VoIP calling information, and IP address/subnet.

DeepProbe has the capability to fully inspect every network packet, so the controlling mediation systems don’t need to rely on CMTSs, switches, routers or other probes for filtering and intercept." (more)

“This is one of the most unusual cases I have ever encountered”, said Suzanne Stringer, of the Crown Prosecution Service.

UK - Man frames co-worker’s husband as collector of child pornography... (his goal) was to break up the marriage of the co-worker with whom he was infatuated. The police finally managed to trace the real culprit after it emerged that the Finnish man had previously appeared unannounced at his co-worker’s home when her husband was at work...

Furthermore, the police uncovered photographs taken inside the victim’s home in Karttunen’s possession. From his workplace, a tractor factory, the investigators also found a bugging device containing recordings of the victim’s family life. (more)

"Most enterprises do not actually know whether their data security programs work or not..."

The business of trading in corporate secrets is bigger and more lucrative than ever, a Forrester study commissioned by Microsoft, RSA and EMC has found, with tech companies in particular targeted for theft.

Most people associate espionage with war and politics. In the tech-centric 21st century, the trading of secrets for cash is where the game is at and most enterprises are overly focused on compliance and not enough on protecting their secrets.

The study concluded that most enterprises do not actually know whether their data security programs work or not. (more) (The Forrester study)

Of course they don't know... Corporate secrets are vulnerable long before they are distilled into to computerized data. Risk mitigation begins with a counterespionage strategy that takes into account pre-data information security. 

Please, get a good counterespionage strategist on-board. IT security alone is too little, too late.

"Oyez! Oyez! Oyez!" not to mention "Uh-oh!"

Alfred Wong, a former Secret Service official who reportedly oversaw the installation of the taping system at the Nixon White House, and whose job at one point was to prevent the White House from being bugged, died last week of mesothelioma, a form of cancer, the Washington Post reported. He was 91.

Wong, of Potomac, Md., spent 24 years in the Secret Service before retiring in 1975 as deputy assistant director in charge of White House security, the Post reported.

Wong told USA Today in 1994, because his job was to prevent bugs from being installed in the White House, he was reluctant to install the tape recording system ordered by Nixon, the Post reported.

“My first response was that we shouldn’t do it, but then it was that we have to do it,” Wong told USA Today. “They wanted it done surreptitiously.”

Of course, the rest is history. (more) (more)

Spybusters InfoBonus...

Report on the US Secret Service and the White House taping system during the Nixon Administration - Secret Service Participation in Tapings (click here)

Update - Feed the Children Bugging Case

Oklahoma’s attorney general has opened a formal investigation of Feed The Children because of allegations of misuse of funds, an assistant attorney general disclosed Friday.

The investigation will involve scrutiny of the charity board of directors and its former president, Larry Jones, who was fired in November.

The charity has accused Jones of taking bribes, hiding porn magazines at the charity and "bugging” executives’ offices. The charity also alleges he misspent charity funds, pocketed travel money, kept gifts from appearances, secretly gave himself a raise and misused a charity employee as a nanny.

Jones denies wrongdoing... (more)

Even more interesting... Jones asked for the AG to get involved!

Bingo Bill Fallout

AL - ...lawmaker says his secretary won't talk on the phone for fear it's bugged. (more)

Turkish Tappy - Update

This is an amazing story. A private large-scale illegal wiretapping ring - busted. The ring included cell phone company employees, businessmen, a sports writer, a sports figure, former policemen and others! 

Although unusual, it is not unheard of... remember Rupert Murdocks' newsboys' caper last year?

Turkey - Teams from the Istanbul Police Department Organized Crimes Unit decided to take action after receiving over 100 complaints of illegal tapping. After conducting a detailed investigation for over two years, police forces initiated a simultaneous operation in four different districts yesterday morning at 07:00. Two high-level administrators and a staff member of a Global Systems for Mobile Communications Company as well as five well-known businessmen, a sports writer, former national footballer Ridvan Dilmen and six former police officers were amongst the total 26 detained...

According to the allegations, the businessmen detained were claimed to have used the assistance of a telephone tapping organization to listen to other businessmen, and used prior records of messages and conversations to their advantage as extortion. Allegations also surfaced against Ridvan Dilmen that he listened in to former footballer Tanju Çolak due to claims he was interfering in his relationship with his girlfriend. Supposedly, reports of over 100 different telephone calls were found in his e-mail address. Meanwhile, the five businessmen were detained yesterday in connection to allegations they used an illegal tapping organization to track their girlfriends. 

The telephone tapping organization is claimed to have worked in conjunction with a security company which offers private detective services.

The illegal organization is claimed to have worked with the GSM company administrators that were detained and were able to keep tabs on their victims, by listening in on their phone conversations, sharing their messaging information and by obtaining information from the base station were able to track their locations and times of calls. Supposedly the organization had specific rates for famous figures they conducted this service for, such as 3-5 thousand dollars for one to three months of tracking and 5-15 thousand dollars for three to six months of tracking. (more)

A tip worth repeating... High profile individuals and prominent executives - Hire a reputable specialist to check for bugs, taps and spycams on a regularly scheduled basis. Be sure to investigate your specialist's background and credentials. You really don't want to hire an organized crime "front company" to conduct your sweep.

Wanted: Speech Therapist. Near Cairo.

Members of an Egyptian family have been using paper and pencils for communications for 11 years after the head of the family found a listening device in their apartment, local media reported on Monday.

The bug was apparently installed by Muhammad’s first wife.

The man moved to a new apartment after that but the bugs moved with him and the family decided to use notes for communication when at home.

Muhammad’s six-year-old daughter had to learn to write early.

After eleven years, they got sick and tired of writing letters to each other and turned for help to specialists only when Muhammad’s ex-wife died.

The family was shocked when they learned that the bug was fake and never worked. (more)

Don't mention the 'explosive' diarrhea you picked up on your trip.

If you are boarding a plane within the European Union you may want to watch what you are saying, as under a new security programme someone is likely to be listening in...

 

The EU is funding a new security program which will be monitoring "suspicious" behaviour on airplanes in Europe. 

The project, designed to combat terrorism, uses a combination of cameras, microphones, explosives detectors and a sophisticated computer system which would give a pilot early warning of any danger. 

Brussels is funding research at Reading University at the moment and the project could be rolled out within the next few years. But the work has alarmed civil liberties campaigners who fear the growth of the big brother state. (more)

EU Investigates Mystery Buggings

European Union officials have launched an investigation after bugging devices were found at offices used by several delegations - including those of France, Germany and the UK.

Extra security measures have been adopted ahead of a meeting of EU leaders in Brussels on Thursday and Friday.

Spanish, Italian and Austrian offices had also been bugged, officials said...

EU spokesman Dominique-Georges Marro said it was "impossible at this stage" to determine who had planted the devices. (more)