SpyCam Story #634 - The Busted Busman

NH - The former Provider bus driver charged with sexually assaulting two boys riding his school bus allegedly filmed those assaults with hidden cameras, according to recently unsealed court documents.

The documents, an affidavit and inventory regarding a Sept. 28 search at the home of John Allen Wright, 45, of Milton, allege Wright used a number of cameras hidden in pens and a pair of sunglasses to film encounters, both sexual and not, on his bus... a pair of spy-camera sunglasses and directions on how to use them were found in Wright's living room, along with a number of pens containing hidden cameras. (more)

SpyCam Story #633 - "A big troop cheer for the FBI!"

MI - Scott Allan Herrick, 40, of Twin Lakes, Michigan, was sentenced to serve 95 years in prison, U.S. Attorney Donald A. Davis announced today. Herrick surreptitiously videotaped boys as they were dressing in the boys’ locker room in the YMCA in Muskegon and kept a massive collection of 100,000 images of child pornography with him at the Gerber Boy Scout Camp in Twin Lakes, Michigan. He was convicted at trial of three counts of attempting to produce child pornography. On the first day of trial, Herrick pleaded guilty to two counts of distributing child pornography and one count of possessing child pornography...

The Honorable Paul L. Maloney, Chief U.S. District Judge, presided over the trial and sentencing... sentencing Herrick to 1140 months (95 years) of incarceration...

Herrick was the camp director for Gerber Boy Scout Camp in Twin Lakes, Michigan. Herrick also worked as a pool safety instructor for third grade children at the YMCA in Muskegon, Michigan. Herrick was trading child pornography and was discovered during a series of undercover FBI operations. On July 1, 2010, FBI and Homeland Security Investigations-Immigration and Customs Enforcement (“HSI-ICE”) agents executed a search warrant on the Gerber Boy Scout Camp and discovered evidence of child pornography. Herrick was arrested on July 8, 2010, and has been held in custody since. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Peter Shankman on Situational Awareness - A Cautionary Tale

How One Bit of Stupidity Could Have Brought Down a Multi-Million Dollar Media Company - An (abridged) true story, by Peter Shankman, who has a better grasp of business espionage than most executives.

Everyone is always concerned about digital espionage. “My account was hacked!” “I clicked on a bad link!” “Fifty million credit card numbers were stolen!” The fact is, however, that digital espionage is the least worrisome thing for the majority of companies. The chances of your company getting “hacked” and information being stolen is minimal, compared to getting in trouble due to the stupidity of your employees.

I was flying home this past weekend from Florida. I got into my seat and got settled. My seatmate sat down, an older gentleman in a suit and tie...

I happened to look over to my left, and this man was reading a huge binder. Had to be at least 100 pages, if not more. He was on the first few pages. I looked over, and in giant letters, it said “KEY INVESTMENT HIGHLIGHTS.” That caught my interest, as it would anyone. Within five words, I realized that he was reading an overview of a very large media company – In another thirty seconds, I’d put it together – This guy worked for a company that was hired to help this very large media company sell themselves. In other words, a company that produces both online and offline properties, that you probably read every week, was up for sale.

My seatmate couldn’t have been more clueless. He had his headphones on, enjoying his silence, while flipping pages in this binder, taking notes, not looking up, not aware of his surroundings in the slightest...

He spent an hour of the flight on several pages that were titled “Liabilities” – It was all proprietary information about problems the company was having, and how they planned to fix them. Unreal...

...the man sitting next to me was reading proprietary information, information that could be very, very damaging to this company if in the wrong hands, and he couldn’t have cared less about it. When I landed, I confirmed it. This was extremely private information.

I’ve often said that privacy doesn’t exist, that we all need to be smarter, that instead of working on new ways to gain more fans, perhaps we should take a day and work on situational awareness!

I decided to see how out of it he really was, and also prove a point. Check this out.


Heavily Redacted by Me

This is one of a handful of photos I took with both my iPad and my Droid. Just to see if I could, which obviously, I could.

The man next to me caught a break that day. I’m not a dick. I’m not going to name the company, nor the company he works for (which was on the bottom of every page of the report.) But I have a feeling I’m in the minority here.

Guys, we have to be smarter than this. We simply have to. We can’t afford not to. Here are four tips on how to be:

1) Assume you’re always being watched. Assume everything you do can be watched, and probably is. You have to assume this for everything, from your work life to your personal life. It means you’ll be seen doing anything stupid that could get you in trouble, from doing drugs with people you assume are friends, to meeting someone for insider information in a parking lot. It’s too easy to get caught nowadays.

2) Assume most people are much less nice than me. I knew immediately what I was looking at, and also that I’d never go public with the information... I’m not saying don’t be nice to people you meet – But don’t start sharing information with people until you truly trust them. In other words, enter every interaction with a healthy dose of cynicism. That’s not a bad thing. It’s a smart thing.

3) It’s always little things that will nail you. You have any idea how many times I’ve been in an airport or hotel lounge, when I’ve heard someone spouting off their credit card to the person they’re talking to? Or explaining, step by step, their entire itinerary, while their home address sits on their luggage?... We need to pull our heads out of our collective smart-phone asses and start realizing what the hell is going on around us!

4) As always, alcohol comes into play. Some of the most fun I’ve ever had in my life has come at events where I’ve stayed sober... I still say the best way to get drunk is with a trusted friend, in your own home. Anything else just asks for trouble.

I’d suggest that we make 2012 the year we become smarter – But I’ve been suggesting that for years. And it never seems to happen.

We need to be smarter. (unabridged version)

From our "You Can't Make This Stuff Up" files...

A Polish military prosecutor has shot himself in the head during a break in a press conference at which he was defending his office against allegations of illegal wiretapping. (more)

SpyCam Story #632 - Darwin Award to Video Voyeur

Australia - A man who secretly filmed his housemate showering is ashamed and embarrassed about what he did, a Northern Territory court has been told.

20 year old Jayden Trevitt, 20, cried in the Darwin Magistrates Court as he was given a two-month jail sentence, which was then suspended.

Trevitt had pleaded guilty to filming his housemate on his phone while she was showering. He secretly filmed her from outside a bathroom window on five separate occasions last year. (more)

SpyCam Story #630 - The Road to Woodinville

WA - The husband of a Juanita High School (girl's) volleyball coach has been charged with voyeurism in a case involving many of the coach's players.

Kirkland resident Steve C. Meeks, 23, is accused of videotaping five victims while in a restroom during a non-high school sanctioned team sleepover on Nov. 5, according to charging documents...

Meek's wife, who was a coach for the Juanita High School volleyball team and a former coach of the Kamiakin Junior High volleyball team, arranged for the Rebel volleyball players to have a sleepover at her father's Woodinville warehouse...

During the evening, a hidden video camera was spotted in the ceiling tile of the woman's bathroom by a 17-year-old high school student as she was using the toilet. (more)

Why mention these incidents?

To give show the depth of the problem. (Remember, these are only the failed attempts.)

To give you clues as to where people hide spycams, so you can protect your own privacy.

P.S. King County detectives later found there were actually more than one camera. "We found two hidden cameras – one hidden above the toilet and the other in the ceiling tiles," said Cindi West, a spokesperson for the King County Sheriff's Office, noting the cameras were not wireless and were part of a retail home security system. "There were wires running through the ceiling and it was connected to a DVR (digital video recorder) in another room … There is quite a bit of investigation involved with this case."

P.P.S. Not fur nottin', but... If the warehouse is owned by Ms. Meek's father, and the cameras were part of a hard-wired, overall security system, lawyers might want to check the old man's pockets for depth, and him for culpability. Just a thought. 

Hey, ever see The Road to Wellville? Some things never change, do they?

SpyCam Story #631 - Pfuhl Hides SpyCam at Work

NM - A businessman from Rio Rancho, in jail, accused of using a hidden camera to watch his workers go the bathroom. Richard Pfuhl owns Fine Line Home Inspection...

Back in November, two women who worked for him say they saw a camera behind a vent and called the cops. They say they also found recording equipment inside Pfuhl's bedroom and DVD's of women using the bathroom. (more)

Pocket 3G Spy Car (Yes, it rhymes with noodle.)

This just in...

Click to enlarge.

 from the seller... "See live video on your Mobile phone from anywhere in the world. No time limit no distance limit No internet or IP address needed. Just simply call your 3G camera and see live video of your home, office, car, or even your Nanny." (more)

Why do I mention it?

So you will know what you're up against.

Social Engineering Attacks on the Enterprise in 2012

Amit Klein, CTO for security company Trusteer has just published his predictions for cybercrime trends in 2012... The following is one of his observations for the year ahead:

• Personal information, disclosed on social networks, will be used in social engineering attacks against the enterprise. Fraudsters, all too aware of the valuable intelligence freely available on social networks, are starting to mine these data sources, capturing the personal details needed to successfully complete social engineering attacks. Trusteer predicts this will manifest itself over the coming year as an enterprise issue.

Example: The "mark" might receive an email from someone who claims to be an old high school classmate. The email has a link to an invitation to a class reunion, except that the link really goes to a website that surreptitiously drops a keystroke logger on the unsuspecting person's computer.

Criminals are finding it easier than ever to create a pretext using the unprecedented amount of personal information that people willingly publish about themselves on Facebook, LinkedIn and scores of other social sites...

In the case of attacks against enterprises, every employee is a viable target, from the people in the mailroom to the ones in the corner offices...

Security Tips...

• Train employees to recognize and avoid phishing and other social engineering attacks. Good educational products are available from PhishMe and Wombat Security Technologies.

• Restrict the use of company email addresses for business use only. Encourage employees to use a personal email account for everything that isn't related to company business.

• Implement strict security rules to filter out spam and phishing messages. Wombat has an anti-phishing tool called PhishPatrol that specifically catches phishing and spear-phishing emails. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

iSnitch, ilLumiaNaughty & RIMshot Cell Out

India - Apple, Nokia and Research In Motion (RIM) gave Indian intelligence agencies secret access to encrypted smartphone communications as the price of doing business in the country, according to what appear to be leaked Indian government documents.

The purported documents, if they are real, indicate that the smartphone giants gave India's Central Bureau of Investigation (CBI) and Indian military intelligence "backdoor" tools that would let the Indian agencies read encrypted emails sent to and from RIM's BlackBerrys, Apple's iPhones and Nokia smartphones...

A "decision was made earlier this year to sign an agreement with mobile manufacturers (MM) in exchange for the Indian market presence," the military intelligence document reads. (more)

More Video Voyeurism Laws Coming

FL - Last summer, Rep. Dana Young heard about the two Bulgarian women who found hidden cameras inside their west Hillsborough apartment.

The part that surprised her most: Video voyeurism is only a misdemeanor.

"You can destroy someone's life, their career, without their even knowing they've been put on video," said Young, a Tampa Republican.

Spurred by that case and others, Young is pushing legislation that would toughen the penalties in video voyeur cases. Currently, a first-time violation is a misdemeanor, punishable by a maximum one-year jail sentence and $1,000 fine. House Bill 215 would make it a third-degree felony, which increases the maximum punishments to a five-year sentence and $5,000 fine. (more)

The Spy Who Helped Us - RIP

 Gevork Vartanian, a Soviet intelligence officer who helped prevent a Nazi assassination plot on the leaders of the U.S., the U.K. and the Soviet Union, died yesterday at the age of 87, Russian state television Vesti 24 reported...

At the age of 19, Vartanian was among the officers responsible for blocking a plot by Adolf Hitler to assassinate Soviet leader Josef Stalin, U.S. President Franklin D. Roosevelt and British Prime Minister Winston Churchill at the Tehran Conference in 1943, Vesti reported on its website. (more)

SpyCam Story #629 - Holy Water Cam, Batman

UK - A church youth leader has admitted spying on a young man while he was in the shower during a visit to a faith camp.

Mark Pennell, 37, admitted filming the man when he attended the East of England Show with other members of the church in August. The court heard how the victim became suspicious of Pennell, a youth leader, after he repeatedly showered next to him... the victim noticed a glow coming from a mobile phone... in a gap between the floor and the cubicle. (more)

How to Handle a Web-site Hack Attack Gracefully

As you may have heard, Stratfor (a respected global intelligence web site) was the victim of an embarrassing hack attack last month. They are now getting back on their feet.

An e-mail I received from them this morning began, "We are happy to announce that our website is back online, and temporarily free for everyone. Visit Stratfor.com..." What followed was a sincere full disclosure and apology from their CEO, George Friedman via print and video.

Take some time today to make sure your web site is locked down. But, should you have a problem some day, this is the way to handle it...

SpyCam Story #628 - How to Push a Perv's Hot Button

An on-line review via The Nerd Gereration

"This is the coolest spy gadget I have ever used. This tiny keychain fob poses as an automatic door unlock/panic for a car. In actuality it is a tiny albeit powerful camera capable of snapping photographs at 640 x 480 resolution and recording video in AVI format. I figured the photos and video I got with this little device would be blurry and useless in real world spying practices.

I took the camera out on a couple secret missions and compiled a plethora of photographs and video files. When I arrived at my home base I plugged the device into my computer and downloaded the files from the 4 GB micro SD card (a small cable allows xfer without worrying about a card reader).

I was absolutely floored with the quality of images and video this camera took!  

I figured the video would not have any audio, but there it was! Crisp and clear! How is this possible? Technology my friends… and it’s awesome." (more)

Security Director Alert — Use of these inexpensive, yet high-quality devices in restrooms, employees showers and changing areas is now a serious workplace issue. The lawsuits are just beginning to roll out.

You are the deep pockets in this scenario, and just one spycam can spawn dozens of employee lawsuits.

FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Solution — Your organization needs to show pro-active due diligence. Conduct periodic inspections of your facilities. Call us for further advice and pricing.