International Spy Museum Looking for a New Safe House

The International Spy Museum, one of the most popular private attractions in (Washington, DC), would relocate to the former Carnegie Library in Mount Vernon Square under a plan by D.C. officials.

Carnegie Library

Events DC, which manages the District’s convention and sports business, announced Monday that it planned to renovate and expand the historic library building by moving the Spy Museum to the museum’s underground space and building a new “sculpted glass pavilion” on the north side of the building that would house a new visitors center, a café and the Spy Museum store...

In all, the project would add 58,000 square feet to the property, but the idea requires layers of approval from local and federal stakeholders because of the historic state of the grounds and library building, which was completed in 1903 and served as the city’s central library until 1970. (more)

... or, say Beetlejuice three times.

Taiwan - Rumors saying that people can verify if their cellphones or landlines are under surveillance by dialing *960*# and *26 are false, telecommunication experts said recently, as the snowballing controversy surrounding the wiretapping of government officials conducted by the Special Investigation Division (SID) of the Supreme Prosecutors’ Office sparked concern among the public that private citizens are also under surveillance. (more) (sing-a-long)

Russia's Herculean Feat - Eavesdrop on All Olympic Communications

Russia is preparing to monitor the communications of athletes and others taking part in the Sochi Winter Olympics at an unprecedented level, according to official documents.

Government tender documents indicate all communications equipment at the Black Sea resort will be tapped, including wi-fi and mobile phone networks, to allow eavesdropping through the Russian SORM (System for Operative Investigative Activities) interception system, The Guardian reported.

Documents seen by Russian journalists Andrei Soldatov and Irinia Borogan point to deep packet inspection (DPI) being used to filter all communications around Sochi, with intelligence agencies being able to sort these, search for keywords and identify and monitor people.

The monitoring plans were discovered on the Russian government Zakupki ("purchases") procurement agency website. By law, all Russian government agencies must buy equipment through Zakupki. This includes the country's intelligence agencies. (more)

Hey, kids! Want a smart watch? All right. Who said "house arrest ankle bracelet"?!?!

AT&T announced a new smart device that goes on the wrist today, but it’s not the Galaxy Gear. This is the Filip, a pseudo-smartwatch for kids that parents can use to keep tabs on their offspring with an unparalleled level of accuracy. This device acts as a phone, GPS tracker, and a panic button all in one somewhat awkward package.

The Filip plugs into an iOS or Android app that allows parents to set five trusted numbers that the watch can place calls to. The announcement glosses over the phone call functionality, but it appears to be entirely speakerphone-based. The app is also used to pull locations from the watch in real time, send direct SMS, and set up “Safe Zones.” A Safe Zone is basically a geo-fence that the watch is supposed to stay inside of. If it leaves the Safe Zone, an alert will be pushed to the smartphone app. This is truly helicopter parenting gone high-tech...

There are only two buttons on the Filip, one of which is a big red panic button. When it’s held for three seconds, the device will go into emergency mode and start ambient sound recording. It also sends text messages to all five trusted numbers and places a call to the first number in the list. False alarms will be quite the affair.

AT&T will be the exclusive network provider for the Filip, but no pricing has been announced. The closest thing to a release date is “in the coming months.” (more)

Business Espionage: Eavesdropping Discovery at Nortel - Update

The Department of National Defence will have to decide whether it is still worth the risk to move into the former Nortel campus after the discovery of listening devices at the facility, say security analysts.

The DND is not releasing details about where exactly the electronic eavesdropping devices were found or whether they were left over from an industrial espionage operation when Nortel occupied the complex in Ottawa’s west end.

Nortel was the target of a number of spy and computer hacking operations, with the main culprits suspected of being associated with China.

But security analysts say other listening devices could remain in the sprawling campus at 3500 Carling Ave. The question is whether they can all be found and whether they are still active...

Sources say the bugs are believed to have been planted when Nortel occupied the campus. (more)

12 Detained After Bugging Device Found

After it was revealed in the media on Sept. 17 that two listening devices had been found in the office of the Prime Ministry's Overseas Turks Agency (YTB), police have detained 12 suspects in simultaneous operations in the provinces of Ankara, İstanbul and Ardahan, linked to the investigation, Turkish news agencies reported on Monday.

On Sept. 17, the Türkiye daily claimed that two female co-founders and current members of the ruling Justice and Development Party (AK Party) were spying for Iran, reportedly gathering intelligence for Tehran by planting listening devices in the office of the YTB, although the claim was at least partly denied by Deputy Prime Minister Bekir Bozdağ later that day. (more)

Anti-Eavesdropping Just Became Kinky

What if any object around you could play back sound at the touch of your finger? That is the idea behind Ishin-Denshin, an electronic art project that has just won an honourable mention at the ARS Electronica festival in Linz, Austria.


Ishin-Denshin works by getting the user to whisper a message into a microphone, which encodes the sound and then converts it into an electrical signal which modulates an electrostatic field around the human body. When the charged person touches their finger to another person's earlobe, the field causes it to vibrate slightly, reproducing the sound for the touched person to hear. The name comes from a Japanese expression meaning an unspoken understanding. (more)

School Principal's DIY Investigation Ends in Wiretapping Conviction

A middle school principal from Fort Worth, Texas, has been found guilty of wire-tapping after she got her daughter to plant a camera in the locker room of another high school. 

Wendee Long, 47, had her daughter, who was 17 at the time, hide a recording cell phone to catch the basketball coach from Argyle High School yelling at the team.

Long allegedly planted the device after her two daughters had complained the coach shouted too much.

Her teenage daughter Caydan, who did not face any charges, placed a camera phone inside a locker and pressed record.

It did not capture coach Skip Townsend, 61, saying or doing anything inappropriate during the half-time meeting, authorities told WFAA-TV. Someone anonymously sent the video to the superintendent and several board members and Long turned herself in to authorities. (more)

Business Espionage: Eavesdropping Devices Found at Nortel Complex

Canada - Workers preparing the former Nortel complex as the new home for the Department of National Defence have discovered electronic eavesdropping devices, prompting new fears about the security of the facility.

It’s not clear whether the devices were recently planted or left over from an industrial espionage operation when Nortel occupied the complex...

Recently released DND documents indicate that concerns about the security surrounding the former Nortel campus at 3500 Carling Ave. were raised last year...
 
Last year it was also revealed that Nortel had been the target of industrial espionage for almost a decade... (more)

Note: Nortel Networks Corporation was once a major data networking and multinational telecommunications company. The company filed for protection from creditors on January 14, 2009 and later shut its doors.

Commercial Espionage Fears Prompts... a conference?!?!

Jamacia - Commercial espionage affecting Jamaican businesses are to be addressed at a two-day conference on Cyber Security and Digital Forensics, to be staged at the University of the West Indies from September 30 to October 1.

Mr. Robinson said he became aware of the level of corporate espionage occurring in Jamaica recently, and the conference will address this concern in a fulsome way.

“We’re not talking about a man hacking into a website and defacing it. We’re talking about criminals doing this for financial gain, or to prove a point. They can hack into a critical national infrastructure and disrupt the country in a significant way; for example your Air Traffic Control system, and you know the damage that can be done,” the State Minister said.

“There are just so many ways someone with a computer can create havoc and we need to be on top of that as a country,” he emphasized. (more)

The "Let's Talk About This" love boat sailed a long time ago. It's time for action. BTW... Corporate espionage via computers is only one hole in your security dike. Be sure your security program handles it all.

Business Espionage - Bra Biz Ops Man Bugged

Michelle Mone's firm bugged director's office amid fears he was about to jump ship to ex-husband's new company, tribunal hears 

MICHELLE MONE monitored recordings from a bug in a director’s office amid fears he was about quit for a job work with her ex, her new business partner claimed yesterday.

Eliaz Poleg told an employment tribunal he came up with the idea of bugging Scott Kilday’s plant pot.

Poleg – the chairman of the company formed from the sale of Michelle’s MJM firm – said he made the move as he had “extreme concerns” over Kilday’s loyalty to the troubled bra business.

Kilday now works for Michelle’s ex-husband Michael, who was bought out of MJM two days before the sale to MAS Holdings. Kilday walked out on MJM after finding the bug.

Poleg told the tribunal in Glasgow: “I know there was stuff on it because Michelle said she was listening and replacing the machine tapes. (more)

When Business Espionage Doesn't Work the Next Step is Sabotage

Real News or Business Sabotage? You decide...

The following "news story" was found in Yahoo News. It is filled with anonymous quotes, no proof, no substance, no follow-up with the side being attacked.

“Apple’s new operating system is making me nauseous and giving me a headache - just like when you try to read in the car,” says one user.

Others complain of “vertigo” when apps “zoom” in and out - and say that using iOS 7 devices has left them feeling ill for days.

Apple’s new iOS 7 operating system has been downloaded 200 million times - and some users are complaining that the animations make them seasick - or worse. (more)

To our clients... In addition to your TSCM bug sweeps and our other business espionage reductions, keep an eye out for business sabotage. Document it. Go after it.

Yet Another Good Reason to Conduct TSCM Sweeps

Police have arrested eight men in connection with a £1.3m theft by a gang who remotely took control of the computer system of a Barclays bank branch.

A man posing as an IT engineer gained access to the Swiss Cottage branch in north London on 4 April, fitting a keyboard video mouse (KVM) device, which enabled the gang to remotely transfer funds to bank accounts under its control. (more)

Fingerprint Security Appears Risky on iPhone, and Elsewhere

Reason 1. - iPhone's fingerprint biometrics defeated, hackers claim.
Just one day after the new fingerprint-scanning Apple iPhone-5s was released to the public, hackers claimed to have defeated the new security mechanism. After their announcement on Saturday night, the Chaos Computer Club posted a video on YouTube which appears to show a user defeating Apple’s new TouchID security by using a replicated fingerprint. Apple has not yet commented on this matter, and, as far as I can tell, no third-party agency has publicly validated the video or the hacker group’s claim. In theory, the techniques used should not have defeated the sub-dermal analysis (analyzing three dimensional unique aspects of fingerprints rather than just two-dimensional surface images) that Apple was supposed to have used in its fingerprint scanner. (more)

Reason 2. - Mythbusters.



Reason 3. - When You're Busted.
Police can't compel you to spill your password, but they can compel you to give up your fingerprint.

"Take this hypothetical example coined by the Supreme Court: If the police demand that you give them the key to a lockbox that happens to contain incriminating evidence, turning over the key wouldn’t be testimonial if it’s just a physical act that doesn’t reveal anything you know.

However, if the police try to force you to divulge the combination to a wall safe, your response would reveal the contents of your mind — and so would implicate the Fifth Amendment. (If you’ve written down the combination on a piece of paper and the police demand that you give it to them, that may be a different story.)" (more)

Is Your Cell Phone Talking to Your Carrier, or Behind Your Back to a Rogue?

It's not easy to tell, but very important if you want to have a confidential conversation.

What is a rogue or IMSI catcher?
"An IMSI catcher is essentially a false mobile tower acting between the target mobile phone(s) and the service providers real towers. As such it is considered a Man In the Middle (MITM) attack. It is used as an eavesdropping device used for interception and tracking of cellular phones and usually is undetectable for the users of mobile phones. Such a virtual base transceiver station (VBTS) is a device for identifying the International Mobile Subscriber Identity (IMSI) of a nearby GSM mobile phone and intercepting its calls." (more)

Folks with a Cryptophone know...

"Each week an increasing number of Cryptophone customers are becoming aware of disturbing, yet unfortunately not surprising changes to the cellular network in their area.

This screenshot sent in by a customer shows the Cryptophone 500 alerting them to changes in the mobile network. In this case standard network encryption has been turned off. This is often an indication that a rogue base station or “IMSI Catcher” is active in the area.

While this knowledge would be of great to concern to most people, Cryptophone users can rest easy knowing that even in the presence of an ‘active’ attack’s like this, their communications are still completely secure." (more) (more)

Think the problem is theoretical? 

"Recently leaked brochures advertising next generation spy devices give outsiders a glimpse into the high-tech world of government surveillance. And one of the most tantalizing of the must-have gizmos available from a company called GammaGroup is a body-worn device that surreptitiously captures the unique identifier used by cell phones." (more)

"Hacker intercepts phone calls with homebuilt $1,500 IMSI catcher, claims GSM is beyond repair" (more) 

"Septier IMSI Catcher (SIC) has been designed as a tactical solution intended to extract GSM entities. Based on the Septier GUARDIAN infrastructure, Septier IMSI Catcher provides its users with the capability of extracting IMSI and IMEI of GSM Mobile Stations (MS) that are active in the system's effective range.

Septier IMSI Catcher is the perfect solution for both extracting identities from MS in its area of coverage (when these identities are previously unknown) and detecting the presence of known cell phones in the area, notifying the system user about those phones. Septier IMSI Catcher can be equipped with an add-on 3G module that allows identity extraction for 3G cell phones as well. It has several configurations that allow meeting the specific requirements of every operation and are suitable for various working conditions." (more)