Wednesday, September 14, 2016

Attorney No-Show to Answer Questions About a Vast Eavesdropping Operation

CA - A judge in Palm Springs has issued an arrest warrant 
for former Riverside County District Attorney Paul Zellerbach after he failed to appear at a court hearing to answer questions about a vast eavesdropping operation...

“He should have been there,” said Jan Ronis, the attorney who subpoenaed Zellerbach, according to the newspaper. “But he just blew us off. We could have had court today.”

In a telephone interview Tuesday night, Zellerbach insisted the warrant had been issued in error because of “lies and misinformation.” more

Tuesday, September 6, 2016

Classic Spy Tradecraft: Sexy Spies at G20 Summit

This is a cautionary tale for all business people (men and women) who travel for work...

While Americans in Hangzhou may be worried about red-carpeted stairways, British officials are concerned about something much more important -- honey traps.

The team of officials accompanying new British Prime Minister Theresa May to the G20 summit have been warned to take steps to protect themselves from alluring Chinese spies offering sex during their stay in Hangzhou, the Telegraph reports.

Apparently, British security agents haven't just been reading too many James Bond novels; this kind of thing has happened before and they are taking care that it won't happen again by issuing officials with temporary mobile phones and email addresses.

The scandalous incident occurred during former prime minister Gordon Brown's visit to China in 2008. According to Brown's special advisor Damien McBride, the British officials were “accosted on one side by a beautiful posse of Chinese girls and on the other side by an equivalent group of Russian blondes."

Before they knew what was going on, one of the officials was lured away to his hotel room, where he was drugged and robbed of his Blackberry and "half the contents of his briefcase." more

PS - They can also plant eavesdropping devices and spycams.

How Strangers Can Hack the Phone in Your Pocket

These days no one leaves home without a smartphone. But as 60 Minutes Overtime reports, you may need a "CryptoPhone" if you want to avoid hacking.

“In today’s world, there’s really only two types of companies or two types of people which are those who have been hacked and realize it and those who have been hacked and haven’t.” 

That’s what mobile security expert John Hering tells 60 Minutes correspondent Sharyn Alfonsi about the danger of cellphone hacking on this week’s broadcast. more

Saturday, September 3, 2016

The Five Steps to Countering Business Espionage

Everyone has heard the phrase "loose lips sink ships." 

That's the very essence of military operational security. Commonly shortened into "OPSEC," it is a fundamental—if not the most important—part of military operations...

The business world isn't nearly as life and death but that doesn't mean the same rules don't apply. The military has five basic steps to proper OPSEC, and they're just as useful in the civilian world, especially with the proliferation of tech that makes leaks and security breaches more common.

1. Identify critical information
2. Analyze potential threats
3. Know your own weaknesses
4. Assess risks
5. Apply countermeasures

  • OPSEC requires complete understanding of your company from the inside out. If you're truly going to be as secure as a well-oiled military unit you need to think about—and think like—the enemy.
  • Think about the threats you might face and compare those to your vulnerabilities. The military uses that comparison to figure out where they need to focus on OPSEC—it is no different in the civilian world.
  • Planning is nothing without execution. Make sure you're putting OPSEC lessons into play, and also be sure that everyone in your company is on board. The lowest ranking Private in the Army takes OPSEC classes, and so should the lowest level employee at your company. more  
I want to get started, right now.

The Real Whole Spy Catalog

A confidential, 120-page catalog of spy equipment, 
originating from British defense firm Cobham and circulated to U.S. law enforcement, touts gear that can intercept wireless calls and text messages, locate people via their mobile phones, and jam cellular communications in a particular area.

The catalogue was obtained by The Intercept as part of a large trove of documents originating within the Florida Department of Law Enforcement, where spokesperson Molly Best confirmed Cobham wares have been purchased but did not provide further information.

The document provides a rare look at the wide range of electronic surveillance tactics used by police and militaries in the U.S. and abroad, offering equipment ranging from black boxes that can monitor an entire town’s cellular signals to microphones hidden in lighters and cameras hidden in trashcans. more

The original Whole Spy Catalog.

Relive Watergate by Living in Watergate

Watergate will forever be notorious as the site of the Democratic National Committee break-in. Now for $1.33 million, you can buy your place in its history.

That’s the asking price of the four-bedroom residence where then-Attorney General John Mitchell lived when planning the infamous break-in of 1972. The apartment, located in one of the Watergate’s three residential towers, measures 3,150 square feet and includes a private elevator entrance.

The buildings that make up the Watergate complex have a long list of A-list residents influential in politics, public policy, the arts and business. Current owners include Supreme Court Justice Ruth Bader Ginsburg, former Sens. Bob and Elizabeth Dole, and Jacqueline Mars, heiress to the Mars candy fortune. We take you behind the scenes in the Washington landmark. more

Fun Facts
John Mitchell was the person who evaluated the results of the first Watergate burglary and ordered the five men to return to fix wiretaps and photograph more documents.

• "If it hadn't been for Martha Mitchell,
there'd have been no Watergate."
 ~Nixon

Thursday, September 1, 2016

50% of Email Users Deserve the Problems They Create

Security experts often talk about the importance of educating people
about the risks of "phishing" e-mails containing links to malicious websites. But sometimes, even awareness isn't enough.  

A study by researchers at a university in Germany found that about half of the subjects in a recent experiment clicked on links from strangers in e-mails and Facebook messages—even though most of them claimed to be aware of the risks. more

Sports Smartphone App Accused of Eavesdropping

A putative class action suit filed in a California court on Monday against Oakland’s Golden State Warriors basketball team accuses the team of offering a smartphone app that secretly records the user’s conversations. 

The app, developed by Yinzcam Inc., uses the phone’s microphone to track the user’s location by picking up on sonic beacons built by Signal360, but fails to warn users that it is doing so and that it is picking up nearby conversations in the process, plaintiff Latisha Satchell said.

“Unbeknownst to plaintiff and without her consent, defendants programmed the app to turn on her smartphone’s microphone and listen in. Specifically, because plaintiff carried her smartphone to locations where she would have private conversations and the app was continuously running on her phone, defendants app listened in to private oral communications,” Satchell said.

According to the complaint, the app, which is advertised as a source of scores, game schedules, news, statistics and other information about the Warriors, uses the phone’s microphone to pick up sound tones generated by Signal360 beacons and uses those tones to track the user’s location in the Warrior’s stadium and send the user appropriate notifications and advertisements or track the user’s movements for later analysis. Satchell argued that the app also picks up and temporarily records other nearby sounds, including conversations. more

Wednesday, August 24, 2016

BBC: Are hi-tech spies stealing all your firm's secrets?

Last weekend's reports about the New Zealand rugby team's discovery of a listening device sewn in to a hotel meeting room chair, have illustrated just how much spying technology has advanced in recent years.

These days, you don't need to sit outside in a van with your headphones on, listening to static for an hour before the battery runs out and the tape recorder gives a tell-tale clunk.

Tiny matchbox-sized gadgets are now capable of transmitting audio and video for hours on end to the other side of the world. more

If you are in business, you have information others want.  Don't be an easy target.
Order our 3-point information security assessment (Bug sweep / TSCM, Wi-Fi security and compliance audit & Information Security Survey)

Rugby Bugging Scandal - CEO - Nieve? Negligent? You Decide...

Australian Rugby Union CEO Bill Pulver says... he’d never previously heard of sports teams sweeping rooms for bugs.

“I’m not going to describe the All Blacks as paranoid, it’s up to them to run their team the way they want to,” Pulver said.

“But I can tell you we don’t sweep rooms.” more

Obviously, if you never check, you'll never know. TSCM inspection sweeps work. Just ask the All Blacks.

CNN Report: How is the US / China Cyber Theft Agreement Working Out?

About a year ago, China and the United States formally agreed not to conduct or knowingly support the cyber theft of each other's intellectual property.

So, how is that agreement working out?

Not great, said Adm. Mike Rogers, head of US Cyber Command.

"Cyber operations from China are still targeting and exploiting US government, defense industry, academic and private computer networks," Rogers said last April during testimony before a US Senate committee.

Cyber theft of US trade secrets can easily ruin American businesses and result in higher prices for consumers. Even more worrisome, stolen American military secrets could put US servicemen and women at risk during combat. more with video

See the dramatic story of how the United States caught and convicted an American who was spying for China. Watch CNN's "Declassified," Sunday at 10 p.m. ET/PT.

Eye in Sky Surveillance - “Imagine Google Earth with TiVo capability.”

Baltimore, MD - Since January, police have been testing an aerial surveillance system adapted from the surge in Iraq.

[See excellent video report.]

A half block from the city’s central police station, in a spare office suite above a parking garage, Ross McNutt, the founder of Persistent Surveillance Systems, monitored the city...

Since this discreet arrangement began in January, it had felt like a make-or-break opportunity for McNutt. His company had been trying for years to snag a long-term contract with an American metropolitan police department. Baltimore seemed like his best shot to date, one that could lead to more work.

He’s told police departments that his system might help them reduce crime by as much as 20 percent in their cities, and he was hoping this Baltimore job would allow him to back up the claim. “I don’t have good statistical data yet, but that’s part of the reason we’re here,” he said. McNutt believes the technology would be most effective if used in a transparent, publicly acknowledged manner; part of the system’s effectiveness, he said, rests in its potential to deter criminal activity.

McNutt is an Air Force Academy graduate, physicist, and MIT-trained astronautical engineer who in 2004 founded the Air Force’s Center for Rapid Product Development. The Pentagon asked him if he could develop something to figure out who was planting the roadside bombs that were killing and maiming American soldiers in Iraq. In 2006 he gave the military Angel Fire, a wide-area, live-feed surveillance system that could cast an unblinking eye on an entire city.

The system was built around an assembly of four to six commercially available industrial imaging cameras, synchronized and positioned at different angles, then attached to the bottom of a plane. As the plane flew, computers stabilized the images from the cameras, stitched them together and transmitted them to the ground at a rate of one per second. This produced a searchable, constantly updating photographic map that was stored on hard drives. His elevator pitch was irresistible: “Imagine Google Earth with TiVo capability.” more more videos

Monday, August 22, 2016

Bugging devices 'widespread' According to Prime Minister

NZ - Prime Minister John Key says he too has been bugged, but won't go into specifics about how often that has happened, where it occurred and who might have been responsible.

His comments come as police in Sydney investigate the discovery of a listening device in a hotel meeting room used by the All Blacks.

Example of a digital transmitter.
Mr Key said it had happened to him, but would not give any details, except to say he would only know about a fraction of the times he had been bugged.

"I'm just saying it's not a new concept that people would put in bugging devices ... I'm just saying it's widespread and I think people would be wise to consider those factors." more

When you think about it, we only know about covert bugging, wiretapping and optical surveillance from the failed attempts. 

By definition, all successful eavesdropping is never discovered. (Usually because no one is looking for it.)

This is why smart businesses, like the All Blacks rugby organization, conduct proactive technical surveillance countermeasures inspections (aka TSCM).

If you would like to add TSCM inspections to your security strategy, contact me. I'll recommend a trusted specialist in your area. ~Kevin

Facebook Surveillance Would Make Santa Jealous, or...

...98 personal data points that Facebook uses to target ads to you...

Say you’re scrolling through your Facebook Newsfeed and you encounter an ad so eerily well-suited, it seems someone has possibly read your brain.

Maybe your mother’s birthday is coming up, and Facebook’s showing ads for her local florist. Or maybe you just made a joke aloud about wanting a Jeep, and Instagram’s promoting Chrysler dealerships.

Whatever the subject, you’ve seen ads like this. You’ve wondered — maybe worried — how they found their way to you...

While you’re logged onto Facebook, for instance, the network can see virtually every other website you visit. Even when you’re logged off, Facebook knows much of your browsing: It’s alerted every time you load a page with a “Like” or “share” button, or an advertisement sourced from its Atlas network. Facebook also provides publishers with a piece of code, called Facebook Pixel, that they (and by extension, Facebook) can use to log their Facebook-using visitors. more

Banksy Spy Art Destroyed


This famous Banksy artwork showing "snooping" in Cheltenham has been removed. 

Spy Booth depicts three 1950s-style agents, wearing brown trench coats and trilby hats, using devices to tap into conversations at a telephone box.

On April 13, 2014 the mural first appeared on the house in Fairview Road, Cheltenham.

The graffiti street art - which highlights the issue of Government surveillance - is located on the Grade II listed building near GCHQ, where the UK's surveillance network is based.

Spy Booth was granted listed status by Cheltenham Borough Council but the house itself has been put up for sale in January this year.

A social media post yesterday appeared to show the mural being cut down behind a tarpaulin. more