Friday, February 17, 2012

Hacked: How China is stealing America's business secrets

...condensed version via theweek.com...
What's going on?
American companies are the victim of an "onslaught of computer network intrusions that have originated in China," according to a report by the U.S. government's National Counterintelligence Executive (NCE).

How is the technology stolen?
In the case of cyber-attacks, Chinese hackers may leave malware inside the computer systems of American firms, where the nefarious programs can go undetected for years, slowly bleeding companies of information.

What impact does the theft have on U.S. companies?
It can be devastating. Some say China is stealing $400 billion worth of sensitive information a year. The NCE report cited the case of paint company Valspar, which lost $20 million, or one-eighth of its annual profit, after its proprietary information was stolen by a Chinese rival. 

Are there national security concerns?
Definitely... For nearly a decade, hackers had access to the computer network of telecommunications company Nortel Networks. If, as suspected, China was behind the breach, it likely gained valuable insight into the internet and telephone systems that government agencies, banks, and other businesses rely on.

What has the U.S. done about this?
Surprisingly little so far. (more)

When foreign countries knocked-off our products, and sucked up our jobs with cheap labor, we had our technology to fall back on. Once they have our technology, we'll be their cheap labor. American Business, please stop the espionage before it's too late. We can help you.

SpyCam Story #652 - Today in Video Voyeurism

Canada - The husband of a home daycare operator has admitted he produced and distributed thousands of pornographic images of children. Kim Moskalewski pleaded guilty Thursday to three pornography related charges and one count of voyeurism. Moskalewski told Quebec Superior Court he used his wife's daycare to produce thousands of pictures and videos of boys and girls in sexual positions. Moskalewski worked as a computer analyst at CN rail. Police seized at least five computers from his home and office last August. Crown prosecutor Carolyne Paquin says police have found 5,000 pornographic pictures so far and are still weeding through another 200,000 images. (more)

Florida -  A new bill just passed in the state Senate increases criminal charges related to 'video voyeurism.' In a 40-0 vote, Senators approved the bill after adding an amendment saying people under 19 cannot face felony charges. (more)

Philippines - Neil Mark Romero, who was charged with violation of Republic Act 9995 otherwise known as Anti-Photo and Video Voyeurism Act of 2009, denied the charges filed against him during his arraignment... Romero was accused of taking a video footage of Roliza Patenia, a category development executive of Nestle Philippines Inc. and a resident of Taguig City, inside a hotel's restroom. She claimed she was inside the first cubicle of the hotel's restroom at 11:20 a.m. of June 21 when she noticed that the rattan garbage bin was moving. Upon checking, she claimed she saw a cellular phone with its camera focused on her. (more)

Electronic Frontier Foundation Recommends Stopping Mass Spy Gear Sales to Authoritarian Regimes

Last week, EFF gave its recommendations to EU parliament on what steps to take to combat a growing and dangerous civil liberties concern: Western companies marketing and selling mass surveillance technology to authoritarian regimes. This technology has been linked to harassment, arrests, and even torture of journalists, human rights advocates, and democratic activists in many Middle East countries over the past year...

Privacy International recently released a mapping of companies and countries that have attended the notorious I.S.S. World trade shows, where this technology is bought and sold...

Example: Gamma International and its subsidiary FinFisher first made headlines after the fall of Hosni Mubarak in Egypt last year, when activists found the company’s records in an abandoned state security building, along with troves of surveillance files. The documents on Gamma and FinFisher showed how they provided Mubarak with a five-month trial of their sophisticated spying technology, most notably FinSpy, which can wiretap encrypted Skype phone calls and instant messages—a service once mistakenly trusted by activists for secure communications. (more)

Bugged Charlie Chaplin Put Through Intelligence Wringer

UK -  MI5 opened a file on Charlie Chaplin while he was being hounded by J Edgar Hoover's FBI for alleged communist sympathies.
 
The FBI, which described the star of Modern Times and The Great Dictator as one of "Hollywood's parlour Bolsheviks", asked MI5 for information to help get him banned from the US. The results, including information gathered through eavesdropping, are contained in an extensive personal MI5 file released on Friday at the National Archives. (more)

Adele, and Projectile Privacy

From a recent 60 Minutes Anderson Cooper interview with singer, Adele... 

Cooper: Have you ever thrown up?

Adele: Yeah. Oh yeah. Yeah. A few times.

Cooper: Really?

Adele: Yeah. Projectile. Yeah. 'Cause it just comes (makes noise) it just comes out. It does.

That kind of candid talk is typical Adele. She is naturally generous with the details of her life, but her success is changing that. Fed up with paparazzi staking out her home in London, she's just rented this very large, but very private home in the English countryside.

Adele: This here, this is just safety, this house. Come on Louie!

Anderson: That's why you're out here? Just because...for privacy?

Adele: Yeah.

She's learned about fame, the hard way. In the past, too many personal details of her life ended up in the tabloid press. So she set traps to catch the sources...

Adele: I plant stories and see who leaks them and then I get rid of 'em, yeah.

Cooper: Really? So you would tell them something that--

Adele: I'd tell, like, a group of people who I was suspicious of, I'd tell them a different story with different details in it, but all roughly the same story so I could keep my eye on it. And then when I knew it would come out, yeah, I knew who it was. (more)

When it comes to snoops, electronic eavesdropping and information leaks, Adele is on the right track; keep a low profile, tie the criminal to the crime by testing for leaks, then stomp on their toes (usually with a law suit). There is more to this privacy protection technique, of course. In fact, a whole chapter ("Test for Leaks") is devoted to a privacy protocol I developed for our corporate clients in, "Is My Cell Phone Bugged?" (chapter preview here)

SpyCam Story #652 - Power, Lawyer, Judged

Australia - Prosecutors have asked the Adelaide District Court to jail a former lawyer and judge's associate who indecently filmed teenagers.

Anthony Kurt Power, 28, was a lawyer in 2010 when he set up hidden cameras in his home bathroom, at his church at Golden Grove, where he was a youth leader, and at a church camp. He filmed young people without their knowledge. Police also found thousands of child pornography files on his computer. (more)

Thursday, February 16, 2012

Your Cell Can Tell Burglars When You Are Away... and More

Cellular networks leak the locations of cell phone users, allowing a third party to easily track the location of the cell phone user without the user's knowledge, according to new research by computer scientists in the University of Minnesota's College of Science and Engineering.

University of Minnesota computer science Ph.D. student Denis Foo Kune, working with associate professors Nick Hopper and Yongdae Kim, and undergraduate student John Koelndorfer, described their work in a recently released paper "Location Leaks on the GSM Air Interface" which was presented at the 19th Annual Network & Distributed System Security Symposium in San Diego, California...

"It has a low entry barrier," Foo Kune said. "Being attainable through open source projects running on commodity software."

Using an inexpensive phone and open source software, the researchers were able to track the location of cell phone users without their knowledge on the Global System for Mobile Communications (GSM) network, the predominant worldwide network. (more)

Wednesday, February 15, 2012

Special Agent T-Shirt Contest #1

Contest Closed - We have a winner.

According to a Life Magazine article from 1966, what piece of "eavesdropping equipment" could a person buy for five hundred dollars?
(Enter here.)
(Hint: the answer can be found on spybusters.com)

ANSWER: A martini olive bug.

Click to enlarge.
The prize - our Limited Edition Special Agent Black T-Shirt. (Size: Medium)

("How limited," I hear you say.)  
Well, there are only three in the whole world! (one medium, one large, one x-large) And, they will be awarded in that order. So if you're a big Special Agent, wait for the last contest.

We designed this custom t-shirt ourselves! It's easy, go to ooShirts.com. They have a DIY on-line design lab! All types of t's, all colors, all prices. These are the Champion brand with the logo on the left sleeve.

SpyCam Story #651 - "FL, pass that law quickly!"

FL - A Pensacola man is facing charges accused of taking photos of a woman in a public bathroom. Security video shows the suspect, Johnathan Smith going into the bathroom at Books-a-Million on Davis Highway.

A few minutes later the victim runs out, screaming for help.

Escambia deputies say, Smith took off running with witnesses in pursuit. Smith later told deputies that he knew what he did was wrong. (more)

---
 
FL - Two women who were spied on and videotaped by a former Gainesville police officer have sued the city, the officer and former Chief Norman Botsford, claiming that the city failed to maintain policies and procedures that could have prevented the voyeurism.

The two were among the victims for which officer Brett Robison was charged with seven counts of video voyeurism in 2010. He pleaded no contest last year to a charge of official misconduct in a plea agreement that dropped the seven charges. (more)

---

FL -  A man faces child pornography and double-digit video voyeurism charges after a female victim witnessed him filming her at a Publix grocery store, according to a police report.

Police first arrested the man, 41-year-old Charles Korst. Police say that Korst placed a camera in a hand held basked and used it to film the undergarments of a woman shopping at the Publix located on 1700 North Monroe Street.

Police obtained a search warrant for Korst's home, which was in walking distance from the store, based on the belief that the camera and digital media used in the crime were inside.

On the same day, police executed the warrant. During a search, they found an external hard drive hidden behind a dresser drawer.

After reviewing the files of the hard drive, police say they found evidence that Korst filmed under the skirts of multiple women at many different locations. Some of the locations appear to be Target, Wal-mart, Home Depot and Publix. (more)

SpyCam Story #650 - The Down Under Bus'ted

Australia - Detectives on Sydney’s north shore have arrested and charged a bus driver with voyeurism offences. 

It’s alleged the 48-year-old man installed an upward-facing camera in the floor of a State Transit Authority bus near the front ticket machine last Thursday (9 February 2012) filming unsuspecting passengers.

Police allegedly seized a number of computers and electronic storage devices containing thousands of indecent images of females – taken in public places, including onboard STA buses – dating back to 2009. The victims, which include many schoolchildren, are seemingly unaware they are being filmed. (more)

SpyCam Story #649 - Florida's SpyCam (almost) Law

FL - The Florida Senate has unanimously approved a bill that increases the charges related to the crime known as "video voyeurism."

Senators approved the bill (SB 436) on Tuesday by a 40-0 vote after adding an amendment clarifying that people under 19 can't be charged with a felony.

This bill increases video voyeurism offenses that are now first-degree misdemeanors to third-degree felonies. It also increases current third-degree felony video voyeurism offenses to second-degree felonies. And it makes clear that people have a "reasonable expectation of privacy" inside a home. (more)

Monday, February 13, 2012

CONTEST ALERT - Wednesday Noon (EST) - Next 3 Weeks

The famous Security Scrapbook contest back! 
Every Wednesday (noon EST) for the next three weeks we will post a spy question. The first correct answer received wins! 
Click to enlarge.

We post this alert to give everyone an equal chance, as readers of the e-mail version receive these posts the following next day.

The prize - our Limited Edition Special Agent Black T-Shirt. 

("How limited," I hear you say.)  
Well, there are only three in the whole world! (one medium, one large, one x-large) And, they will be awarded in that order. So if you're a big Special Agent, wait for the last contest.

Did you know you could design custom t-shirts yourself? It's easy. I made these myself at ooShirts.com. They have a DIY on-line design lab! All types of t's, all colors, all prices. These are the Champion brand with the logo on the left sleeve.

ooShirts also provides design help, if needed. They suggested I use brighter colors to have the logo stand out better. They were 100% correct, but I went with muted gray and red for a subtle look (Special Agents don't have to shout it.) The shirt shows the colors correctly. The enlargement is brightened to show the fine detail of the printing, just look at the dots! This was a test run for us. We're thrilled. 

As with all printing, the more you do the cheaper it gets, but even just doing three is affordable enough for special one-time occasions, like showing up with, "Will you marry me?" Happy Valentine's Day! ~Kevin

Deshredding Reveals Massive Cold War Identity Theft

The reconstructed contents of 500 trash bags offer new insights into the extent of spying activities by the East German secret police, or Stasi, in West Germany.

As the German regional public broadcaster RBB recently reported, the Stasi ran an extensive program of stealing identities of tens of thousands of West German citizens to enable their spies to operate freely in the West...

This massive fraud came to light when the agency of the Federal Commissioner for the Stasi records completed the reconstruction of about a million torn-up documents, or the contents of about 500 trash bags. The reconstruction was accomplished, for the most part, through meticulous work by hand. (more)

Spybusters Security Tip: Never use a stripcut shredder. Always crosscut, particle, or pulp shred your sensitive wastepaper. Computerized document reconstruction (de-shredding programs) are available.

Weekend Movie Review - Safe House

by Erin Biglow...
It probably isn’t much of a spoiler to mention that the titular location featured in Safe House, a CIA action thriller starring Denzel Washington and Ryan Reynolds as an unlikely mentor-protégé dynamic duo, turns out to be anything but secure.

Despite being designed as an off-the-grid shelter in which to discreetly perform harrowing interrogation techniques or hide a suspect, the “safe house” in Safe House ends up seeing enough blazing gunfire and breaches of national security to give rookie agent Matt Weston (Reynolds) reason to reassess his stalled climb up the company ladder. (...company ladder, get it? Very funny, Biglow.) (more)

Video: Multi-Billion Dollar Industrial Espionage Explained



Real Life Example: Titanium dioxide is a commonly used substance. It is in paint, but also shows up in sunscreen and food coloring. Hundreds of thousands of tons are shipped around the world every year.

Decades ago, DuPont developed secret processes to make high-quality titanium dioxide in a manner that is less toxic than the traditional production method. The process, which made it the most efficient maker in the world, is a closely held trade secret. Global sales of the product, which is dominated by DuPont, are $12 billion annually.

Titanium oxide makers in China use an older, more toxic, less efficient manufacturing process. But in 2010, Jinzhou Titanium Industry announced that it had achieved high-quality status production like DuPont. That claim may be tied to the apparent theft of DuPont trade secrets. (more)