via the BBC...
Most people have watched a spy film, but few have ever met someone from the intelligence community. So how close are real spies to the Bournes and the Bonds? Peter Taylor looks at the world of the modern day secret agent... (more)
What does a spy look like? There is no exact answer, but a composite picture was developed by the Business Espionage Controls and Countermeasures Association... (more)
Sunday, April 15, 2012
The Cybercrime Wave That Wasn’t
via The New York Times...
In less than 15 years, cybercrime has moved from obscurity to the spotlight of consumer, corporate and national security concerns. Popular accounts suggest that cybercrime is large, rapidly growing, profitable and highly evolved; annual loss estimates range from billions to nearly $1 trillion...
Yet in terms of economics, there’s something very wrong with this picture...
...in numeric surveys, errors are almost always upward: since the amounts
of estimated losses must be positive, there’s no limit on the upside,
but zero is a hard limit on the downside. As a consequence, respondent
errors — or outright lies — cannot be canceled out. Even worse, errors
get amplified when researchers scale between the survey group and the
overall population...
The cybercrime surveys we have examined exhibit exactly this pattern of
enormous, unverified outliers dominating the data. In some, 90 percent
of the estimate appears to come from the answers of one or two
individuals. In a 2006 survey of identity theft by the Federal Trade
Commission, two respondents gave answers that would have added $37
billion to the estimate, dwarfing that of all other respondents
combined...
Among dozens of surveys, from security vendors, industry analysts and
government agencies, we have not found one that appears free of this
upward bias. As a result, we have very little idea of the size of
cybercrime losses. (more)
Thus proving once again, fear-mongering is profitable.
• Keep a cool head.
• View the risk holistically.
Your valuable information was/is available elsewhere, before it is ever entered into a computer.
• Balance your security budgets appropriately.
Information risk management isn't solely an IT issue... no matter what the IT security vendors and other vested interests tell you. ~Kevin
Thursday, April 12, 2012
Teen Taps Top Cops
A teenager eavesdropped on highly-sensitive police counter-terror conversations after bypassing technology from the 1980s, hackers have claimed.
The leader of an anarchist group known as Team Poison said it was "easy" to drop "a 24-hour phone bomb" on elite security officers...
Is that, at, at, at you Bryce?
In another recording officers appear to be discussing counter-terror operations while Team Poison listens in. The group - which uses the Twitter name @_TeaMp0isoN - claimed the calls were made to MI6 - but it is understood they were in fact picked up by the Metropolitan Police's counter-terrorism command.
Trick, reportedly a 17-year-old who launched Team Poison in 2010, emailed the Press Association, saying the group bypassed outdated technology to compromise a server from Malaysia to record conversations. He wrote: "Yes, it was easy :)"
Trick said: "The phone denial of service was done via a custom script for Asterisk which was installed on an overseas server. The conversation was tapped into via a private phreaking method, their phone system is old and we found a way to get in via basic but private phreaking technique." (more)
Privacy Journal 2012 Privacy Law Compilation Updated
With a surge in the final days of the 2011 session, the California legislature enacted several new privacy protections that clearly keep the state at the top of the privacy-protecting states in the U.S., according to a new survey of the states by Privacy Journal.
The monthly newsletter reports on new privacy laws enacted by states and Congress each year. The information is available in its Compilation of State and Federal Privacy Laws, updated yearly. (more)
Two Cell Phone Eavesdropping Attacks Reported
• Security firm Cryptography Research showed how it's possible to eavesdrop on any smartphone or tablet PC as it is being used to make a purchase, conduct online banking or access a company's virtual private network.
• Researchers at security firm McAfee, a division of chipmaker Intel, highlighted several ways to remotely hack into Apple iOS, the operating system for iPads and iPhones.
McAfee's research team remotely activated microphones on a variety of test devices and recorded conversations taking place nearby. They also showed that it's possible to steal secret keys and passwords, and pilfer sensitive data, including call histories, e-mail and text messages.
"This can be done with absolutely no indication to the device user," says Ryan Permeh, McAfee's principal security architect. (more)
Monday, April 9, 2012
IKEA Apologizes to Workers for Spying
The management of IKEA in France, where workers have sued the company for allegedly spying on employees, admitted that activities contravening its ethical standards had taken place and pledged to put a stop to them. (more)
SpyCam Story #658 - This Week in SpyCam News
SpyCam stories have become commonplace and the techniques used, repetitive. We continue to keep loose track of the subject for statistical purposes, but won't bore you with the details. Only links to the stories will be supplied unless there is something useful to be learned.
Azerbaijan - Sex video used to blackmail Azerbaijani journalist.
UK - Garage ‘spies at the pumps’ could cut off fuel supply for uninsured driver.
Friday, April 6, 2012
UK - Sky News, a 24-hour news channel in the U.K., twice authorized its reporters to hack into emails of suspected criminals but said the actions were "editorially justified" and in "the public interest."
The disclosure adds to the intensified scrutiny of British reporting tactics. Sky News is a unit of British Sky Broadcasting Group PLC, which itself is 39.1%-owned by News Corp., whose U.K. newspapers have been at the center of a storm over reporting methods. (more)
Wheelchair Bug Saves Disabled Child from Cruel Teachers
Two Alabama teachers were caught cruelly taunting and abusing a 10-year-old boy who has cerebral palsy after the boy’s mother attached an audio recorder to his wheelchair.
The shocking recording captures two voices chiding Jose Salinas for his ‘disgusting’ drooling and reveals he was left alone with no instruction for long periods of time...
Determined to be sure of what was happening herself she attached a bugging device to Jose’s wheelchair and left it recording over three days. The recording revealed that her son was being cruelly taunted about his disability and ignored for the majority of the day with no-one giving him instruction.
She played the tapes to the school board and the teachers were placed on administrative leave... But within days the teachers were returned to their positions so Salinas and other parents took their children out of the school in protest.
Feeling that ‘nobody was listening’ Salinas took the recordings to her local newspaper and the teachers were placed on leave once again. (more) (audio)
The Woman Who Bugged Her Ex-Boyfriend's Car - Case Closed
WI - Charges are settled for a local woman accused of bugging her ex-boyfriend's car so she could keep tabs on him.
Jamie Mesang was accused of duct-taping a digital tape recorder underneath a car seat that belonged to her ex. Police say he became suspicious when Mesang started sending text-messages to him about his whereabouts. Eventually he searched his car and found the device, which was recording at that time.
On Wednesday, Mesang entered a guilty plea. She also admitted she posted a female rival's picture and contact information on a website which led to that woman getting calls from men seeking sexual relationships. But prosecutors agreed to recommend dismissal of the felonies in one year if Mesang stays out of trouble during that time. (more)
Gordon Ramsay's Phone Calls Believed Bugged Not Hacked
UK - Gordon Ramsay was plunged into a sex tape nightmare last night. Self-proclaimed “professional mistress” Sarah Symonds says detectives probing phone hacking found “very sensitive tapes” of her with the TV cook.
The blonde, who claims she had a seven-year fling with Gordon Ramsay, believes an audio sex tape was among a stash of evidence seized by officers probing investigators for the defunct News Of The World.
Sarah, 41, feared the tape was the result of “bugging” rather than hacking – which has led to scores of celebrities pocketing damages from the tabloid’s publishers News Corp. (more)
Thursday, April 5, 2012
Espionage Outrage Reaches the Boiling Point ...and a solution.
Gen. Keith B. Alexander, (NSA)
...called the continuing, rampant cybertheft “the greatest transfer of wealth in history.” (bio)
---
Shawn Henry, (FBI)
...current public and private approach to fending off hackers is "unsustainable.'' Computer criminals are simply too talented and defensive measures too weak to stop them, he said. (bio)
---
Richard A. Clarke, (presidential advisor)
"Yet the same Congress that has heard all of this disturbing testimony is mired in disagreements about a proposed cybersecurity bill that does little to address the problem of Chinese cyberespionage." (bio)
---
Letter to the Editor - The New York Times
Dear Editor,
Richard A. Clarke’s op-ed piece, “How China Steals Our Secrets,” (4/2/12) states the current business espionage problem perfectly, but we need a solution. Consider this...
The Chinese secrets of: silk and tea production; making porcelain, gunpowder and paper, could not survive Western espionage attacks – not even when protected with death penalties. Espionage killed their economy, and the damage lasted for centuries. Obviously, competitive advantages are also National Interest Assets.
The one-sided, punish-the-spy security model, still being used today, never worked. We need to make it two-sided. There must be a proactive legal responsibility to protect.
The solution... Corporate caretakers must be held accountable for protecting their valuables; our national treasures. We need a law creating business counterespionage security standards, with penalties for inadequate protection. We already successfully employ the same concept with medical and financial record privacy.
Kevin D. Murray
Spybusters, LLC
---
If implemented, it will force an increase in traditional spy techniques, such as: bugging, wiretapping, physical intrusions and social engineering. (Remember, computer data is available elsewhere long before it is computerized.)
Protecting our competitive advantages requires a holistic approach; a National Interest Assets law which would also...
• Protect the entire intellectual property timeline, from brainstorming and initial discussions, to the final product or business strategy.
• Impose a responsibility of due care upon the creators and holders of competitive advantage information.
• Specify compliance requirements aimed at countering traditional business espionage practices. Technical Surveillance Countermeasures Inspections (TSCM / bug sweeps), information-security audits, and information-security compliance procedures; safeguards which can be easily mandated and monitored.
The cost of keeping National Interest Assets safe is infinitesimal compared to current losses (not to mention the long-term effects). Just ask the Chinese.
~Kevin
Ambassador to Russia Thinks Cell Phone is Monitored (well, duh)
The Obama administration has complained to Russia about harassment of its outspoken ambassador in Moscow, who has confronted television news crews and taken to social media to raise suspicions that his cell phone and email were being hacked.
Michael McFaul, who has been a frequent target of criticism by state media, seemed to have relished the attention, at least at first. And he may have become a bigger target by taking to Twitter to muse about the alleged surveillance, admitting to learning on the job, correcting his "bad Russian" and engaging in exchanges with a person whose Twitter account was "prostitutkamila."
"There's been a number of incidents since his arrival there that have caused us to have some concerns about his security and safety," State Department spokesman Mark Toner said Friday. "So as we would in following normal protocol, we've raised that with the government of Russia." (more)
Pop Quiz: Should government ambassadors be Tweeting?
Mission Creeps - Cop Tickets via Safety CCTV
Australia - A parking inspector ... has been using a network of security cameras to book drivers. The council says more than 150 tickets were issued in just over a fortnight using the CitySafe CCTV system... But Ipswich Mayor Paul Pisasale says as soon as he heard it was happening he acted. He has decided to not only waive the fines but send a letter of apology as well. (more)
Monday, April 2, 2012
Phones & Polls - Time for the Mexican Tap Dance
The frequency in Mexico of wiretapping politicians' telephones and leaking what's said would make even a British tabloid editor envious. The compressed, three-month presidential campaign leading to July 1 doesn't kick off till Friday, yet already a wiretap scandal is unfolding.
Political commentator Raymundo Riva Palacio calls the drumbeat of leaked wiretaps a "perverse factor in Mexican politics."
In the latest case, the ruling party's candidate, allegedly speaking to an aide on the phone, mocks two top functionaries in her party, among them President Felipe Calderon's highly influential security chief, for her suspicion that they listen in on calls.
In this instance, as in nearly every case of apparent illegal eavesdropping, politicians have greeted the leak with condemnations and demands for a criminal probe. But no successful prosecutions for illegal wiretapping have occurred in recent years. (more)