Tuesday, December 16, 2014

Sony's Industrial Espionage Grand Slam

The Sony e-mail hack is too irresistible to ignore. The confiding messages trash stars like Angelina Jolie and Adam Sandler. The seven-figure salaries of studio execs, nearly all men, are underlined. Juicy remarks — all the more believable because of misspellings and bad grammar — kid about President Obama’s taste in movies. To top it off, North Korea might be behind it all.

Click to enlarge.
It’s the kind of tinsel town mess that is too good not to be true...

It was theft, a cyber break-in, that led to the disclosures. Hackers broke into the Sony Pictures Entertainment system and stole a boatload of private information: salaries, e-mails and personal data, with only a fraction trotted out so far.

It’s industrial espionage on a grand scale. Repairing Sony’s computer systems will cost tens of millions while some 30,000 Sony employees are left exposed... It’s a mugging, tech-style.

There are takeaways for the rest of us.  
• Never e-mail anything you can’t explain in public. 
• Think twice before hitting the send key. 
• Don’t assume anything remains secret after it’s typed out on screen. (more)

After 50 Years, Charlie is Finally Employed

The US military has been developing a robotic tuna that can infiltrate enemy territory.

The spy fish, which is made to look like a bluefin tuna, weighs a hundred pounds and is 5ft long.

Dubbed Project Silent Nemo, The United States Office of Naval Research is in the process of testing the tuna. The robot is controlled by remote control but can also be programmed to swim a pre-determined route.

Nemo could see active service in as little as a year’s time. (more)

Spy Cartoon - Smoke Screen Excuse for Smoke Signal Tapping


Monday, December 15, 2014

Thus, giving new meaning to watching the submarine "raceys"...

The Navy has issued a new report confirming the involvement of 12 sailors and petty officers in watching a series of secretly recorded videos 

taken over a period of ten months of fellow female shipmates undressing and showering. Only one of the men is accused of recording the videos.

"This was not 11 guys, each with different [cameras]," an anonymous source told the Navy Times. "It was really one guy doing the videography piece and then sharing it with other people." (more) (sing-a-long)

James Bond Held by Hackers - Cue Q

The producers of James Bond films have acknowledged that an early version of the screenplay for the new movie "SPECTRE" was among the material stolen in the massive cyberattack on Sony Pictures Entertainment. 

The producers said in a statement Saturday that they are concerned that third parties who received the screenplay might seek to publish it — and warned the material is subject to copyright protection around the world.

The producers promised to "take all necessary steps to protect their rights against the persons who stole the screenplay, and against anyone who makes infringing uses of it or attempts to take commercial advantage of confidential property it knows to be stolen." (more)

Norway Alerts Politicians After Eavesdropping Devices Found

Norwegian police said Sunday they have warned politicians about possible eavesdropping of cellphone calls after several listening devices were reportedly found in central Oslo, including near government buildings and Parliament.

Siv Alsen from the security police said the National Security Authority has begun an investigation, but could not provide more information pending the agency's report...

Her comments followed media reports that illegal listening and tracking devices were found in fake mobile base stations, which could be used to monitor calls and data, as well as trace the movement of people in the area. (more)

Double Check Your Tech

via Bruce Schneier...
This is a creepy story. The FBI wanted access to a hotel guest's room without a warrant. So agents broke his Internet connection, and then posed as Internet technicians to gain access to his hotel room without a warrant.

From the motion to suppress:

The next time you call for assistance because the internet
service in your home is not working, the "technician" who comes
to your door may actually be an undercover government agent.
He will have secretly disconnected the service, knowing that
you will naturally call for help and -- when he shows up at
your door, impersonating a technician -- let him in. He will
walk through each room of your house, claiming to diagnose the
problem. Actually, he will be videotaping everything (and
everyone) inside. He will have no reason to suspect you have
broken the law, much less probable cause to obtain a search
warrant. But that makes no difference, because by letting him
in, you will have "consented" to an intrusive search of your
home.

Basically, the agents snooped around the hotel room, and gathered evidence that they submitted to a magistrate to get a warrant. Of course, they never told the judge that they had engineered the whole outage and planted the fake technicians. (more)

Woman Hides Spycam in Her Butt - Cookie Monster Digs It

There is an important lesson this spycam will teach all men...

Friday, December 12, 2014

Interesting Spy Stories of the Week

A former computer technician at HSBC Holdings’ Swiss unit, “celebrated as a hero abroad,” was indicted in Switzerland on charges of industrial espionage and violating bank secrecy laws, prosecutors said... accused of stealing client data in 2008 from HSBC’s Geneva office and passing it to French authorities... (more)

Verizon Voice Cypher, the product introduced with the encryption company Cellcrypt, offers business and government customers end-to-end encryption for voice calls on iOS, Android, or BlackBerry devices equipped with a special app. The encryption software provides secure communications for people speaking on devices with the app, regardless of their wireless carrier, and it can also connect to an organization's secure phone system. Cellcrypt and Verizon both say that law enforcement agencies will be able to access communications that take place over Voice Cypher, so long as they're able to prove that there's a legitimate law enforcement reason for doing so. (more)

US-based cyber security solutions firm FireEye has just uncovered a business espionage racket targeting over 100 corporates, to steal information. The FIN4 group, as FireEye calls the hacking outfit, has a deep knowledge of how business deals are reached and how corporate entities communicate within and outside the organization. Unlike in other attacks, the hacker group is said to be very focused. It targets people who might have access to confidential information. (more)

An electrical engineer for a defense contractor was fined $5,000 and sentenced to 180 hours of community service for falsely accusing his boss of spying for another country. (more)

Two Private Eyes, One GPS, One Fake DUI Tip = 200 x "I Take the 5th."

Two private investigators accused of tailing an Orange County councilman with a GPS device and setting up another by calling in a false drunk driving report were charged Thursday with false imprisonment and conspiracy to commit a crime, the district attorney's office said.

Private eye takes the 5th more than 200 times in fake-DUI case
The Costa Mesa councilmen were targeted in the midst of a protracted city-police fight in 2012. The detectives were hired hands for an Upland law firm that had an advertised client list of more than 120 public safety unions and a reputation for aggressive attacks on City Hall, prosecutors say.

Christopher Joseph Lanzillo, 45, of Lake Arrowhead and Scott Alan Impola, 46, of Canyon Lake put a GPS monitor on Councilman Steve Mensinger's car in July 2012, prosecutors say, and tracked him for about a month. (more)

Thursday, December 11, 2014

EU Court Say NO and YES to Private Surveillance Cameras

The European Union's highest court ruled on Thursday that private individuals generally cannot install surveillance cameras to film people on a public path. 

It said, however, that exceptions can be made if they help prevent and prosecute criminal acts.

The case arose after a Czech man installed a surveillance camera under the eaves of his family home from October 2007 to April 2008 after attacks, in some of which windows were smashed. (more)

A Guide to Electronically Stored Information Preservation Responsibilities

The litigation-related duty to preserve relevant evidence, including electronically stored information (ESI), is well established and widely known in the legal community and the business world...

In today’s legal climate, even a company’s seemingly innocent delay in implementing an appropriate method to preserve ESI may be catastrophic...

This white paper guides litigants through their responsibilities to preserve evidence and provides valuable information on implementing a defensible legal hold process. (more) (pdf)

Blackphone Improves - Now with Apps and a Silent Space!

Blackphone, a joint venture between SGP Technologies, Silent Circle, and others, will introduce world's first privacy-focused app store. 

PrivatOS1.1 empowers users to take control of their privacy, without the tradeoffs...

With most smartphones, separating work and play means compromising either privacy or convenience: either work apps and data live in the same place as personal games and social media apps, or users carry two devices to guarantee privacy and separation. Spaces can separate work life from personal life, a "parents only" space from a kid-friendly one, or any other separation users can dream up – no compromises needed.

A "Silent Space" is featured by default and includes the Silent Suite of apps for encrypted communication, Blackphone app store and a bundle of pre-loaded privacy apps. From there, build additional Spaces as you see fit – for whatever purpose you need – with the Blackphone Security Center and PrivatOS keeping you safe across each one.

The accompanying launch of the Blackphone app store ‐ the first one in the world that focuses solely on privacy-focused applications – solidifies Blackphone's position as a global leader in privacy and security.

Available January 2015, the Blackphone app store features curated apps specifically selected by Blackphone as the most secure privacy-optimized apps on the market. Several pre-loaded apps will be immediately available with the latest PrivatOS update in early 2015. (more)

My Kind of Christmas Card

Thanks, Joe!

Friday, December 5, 2014

Update: Jersey Girls Never Say Die and I'm Not a Spy

A New York judge has rejected a 98-year-old woman's request to erase her 1950 conviction for conspiracy to obstruct justice in the run-up to the atomic spying trial of Julius and Ethel Rosenberg.

Manhattan Judge Alvin Hellerstein said Thursday that Miriam Moskowitz's lawyers could not show that newly released records would have changed her trial's result. Moskowitz lives in Washington Township in Bergen County, New Jersey. She served a two-year prison sentence.

She said afterward: "Too bad." She says she's disappointed. (more)