Friday, October 21, 2016

Sheriff Arrested - Bugged Ex-girlfriend

TX - The sheriff of Palo Pinto County has turned himself in on felony charges 

of spying on his ex-girlfriend.

Ira Mercer is accused of using an electronic device to intercept his former girlfriend's communications. The indictment lists two incidents, one on Jan. 24, 2015 and again on Dec. 10, 2015...

He is not seeking re-election and his term ends at the end of the year. more

Shades of...
Former Lake Co. deputy accused of illegally recording ex-girlfriend

DIY NSA ...at home, in your spare time!

Harold Thomas Martin is alleged to have spent more than 20 years collecting data from multiple government agencies, federal prosecutors said.

My conception photo of his home office.
Court documents say 50 terabytes of data had been seized but it is not clear how much of this was classified...

Mr Martin was employed with Booz Allen Hamilton, the same consulting firm that employed Edward Snowden, who gave documents to journalists exposing NSA surveillance practices...

If the case succeeds, it raises serious questions about NSA security, says Alan Woodward, a computer security expert from Surrey University.

"The only extraordinary thing about this story is the volume of data stolen," he said.

"If someone was taking the data out of the NSA over a very long period of time, regardless of motive, it does raise a few questions about how they were able to do that: if someone is removing data habitually you'd expect that to be spotted." more

ESCAPE THE NET: A 5-step guide to going MIA online

How do I erase myself from the internet? With growing concerns over online privacy and government surveillance, what was once a seemingly unthinkable question is now becoming more common...

The answer, as you may have guessed, is not so simple. As the saying goes, the internet is forever, and smart, dedicated stalkers will always be able to track you down. But if you're committed — and patient — you can come awfully close to removing your digital footprint. Here's how to do it.

Step 1: Delete your social, shopping and entertainment accounts.

Step 2: Search for yourself and cut any remaining ties.

Step 3: Remove outdated search results.

Step 4: Clear your information from data collection sites.

Step 5: Contact your phone company, unsubscribe from mailing lists and delete your email accounts.
(details on each step here)

Congratulations, you no longer exist online. Right? Well, actually ... you probably still do. It's incredibly hard to fully delete your presence on the internet, but by following these steps, you've come as close as you possibly can.

Wednesday, October 12, 2016

Business Espionage Alert: Spying is the New Hacking

Increasingly cybercriminals are using spying techniques better associated with intelligence agencies 
 
to identify relevant information about you and your life and turn that around to attack you.

"There are no hackers, they're all gone -- there are only spies," says Eric O'Neill, national security strategist for Carbon Black and a former FBI counter-intelligence operative.

"The new hackers are using traditional espionage techniques and they're blending it with advanced cyber penetrations in order to steal information," he says, adding "just ask the DNC". more

As predicted back in 2013. Help is available. ~Kevin

Smart Watches Banned from Government Meetings

Apple Watch reportedly banned from UK government meetings due to Russian spying fears.

Virtually all connected devices are susceptible to hacking, which is why the UK government banned smartphones from cabinet meetings over fears that they could be used by foreign agents to eavesdrop on sessions. Now, the ban has been extended to cover Apple Watches and similar wearables.

The Telegraph reports that the UK government's biggest concern is that Russian spies could potentially hijack any smart device to discover national secrets. “The Russians are trying to hack everything,” said one source.

There haven't yet been any reported incidents of cybercriminals, Russian or otherwise, using smartwatches to listen in on sensitive government meetings, but the idea isn’t just a case of being overly paranoid. more

Beans from Boston Accused of Spying

CT - A borough couple is suing their neighbors in federal court, alleging they have used the windows and porches of their newly enlarged home to “launch a full scale threatening attack” on their neighbors by continuously spying on them.

Dave and Reba Williams also allege that their Water Street neighbors, Randall and Elizabeth Bean and their two adult sons, Christopher and Matthew, may also be disseminating their recordings and photographs electronically and in other ways.

They allege the two Bean sons have undertaken the surveillance in an “deliberate, calculated effort to harass them.''...

The Williamses, who are in their 80s and residents of Greenwich, have a summer home at 24 Water St. that is appraised by the town at $1.7 million. They bought the home in 2007.

The Beans, who live in Boston, have a summer home at 28 Water St. that they bought in 2014 and is appraised by the town at $1.4 million. Both homes are on Stonington Harbor. more

Yahoo Email'ers Fed-Up with Hacking and Spying Find Forwarding Door Locked

After back-to-back revelations that hackers had compromised a staggering 500 million Yahoo Mail accounts and that the company had complied with a US government request to open incoming emails for surveillance, 

some users are having a hard time switching to any of Yahoo's competitors.

While it remains unclear how many users intend to leave over the privacy concerns and bad publicity, several told the Associated Press that their ability to do so has been hampered since the beginning of the month, when Yahoo disabled its automated email-forwarding option.

Those who had already set up their forwarding are unaffected, but those who wish to begin forwarding messages now are unable. more

Monday, October 10, 2016

How to Delete Your Private Conversations from Google

Google could have a record of everything you have said around it for years, and you can listen to it yourself.

The company quietly records many of the conversations that people have around its products. 

The feature works as a way of letting people search with their voice, and storing those recordings presumably lets Google improve its language recognition tools as well as the results that it gives to people.

But it also comes with an easy way of listening to and deleting all of the information that it collects. That’s done through a special page that brings together the information that Google has on you.

It’s found by heading to Google’s history page and looking at the long list of recordings. The company has a specific audio page and another for activity on the web, which will show you everywhere Google has a record of you being on the internet. more

Friday, October 7, 2016

Bugged Samovar Leads to Arrest of Russian Officials

Russia's security service arrested three senior officials after recording conversations using a bug hidden in a samovar they had given as a gift of thanks for anti-corruption efforts, it's emerged.

According to the influential Kommersant newspaper, the Federal Security Service (FSB) planted the bug as part of an investigation into senior officials of the Russian Investigations Committee (SKR) who were said to be taking bribes. The samovar - engraved with the letters "FSB" and the organisation's logo - been presented to the head of the Investigations Committee's Internal Security Directorate, Mikhail Maksimenko, and was left sitting in his office, Moscow daily Izvestiya reports.

The three were arrested in July, but details of the bugging operation have only just been revealed as their case comes to court. more

But wait! 
There's more!
This isn't the first time a Russian samovar has been accused of being a bug. 
Check this out.  ~Kevin

Wednesday, October 5, 2016

Business Espionage: Houston Fortune 500 Energy Company Invaded Twice

The Federal Bureau of Investigation says it is looking into the theft of intellectual property from a Fortune 500 company in Houston’s energy corridor.

The company has asked to not be identified for security reasons, but the FBI wants to know why the man took several items from the business during its off-hours last year.

The man was caught on camera during the theft and during another burglary attempt at the same company.



According to the FBI, at approximately 3 a.m. on June 25 the burglar gained unauthorized access into the building through a defective door. After spending a couple of hours inside, the man exited with property belonging to the company and its employees.

On Dec. 30, the same man attempted to enter the same Fortune 500 Company. This time, the man was unable to get into the secure area of the building. He stole a security radio from a desk in the lobby on his way out. more

As IT security becomes better, intrusion, theft and the planting of bugging devices will increase. Conduct periodic technical surveillance countermeasures (TSCM) to reduce opportunities and risk. Read the Facilities Management article,  How to Handle Counterespionage to learn how. ~Kevin

Friday, September 30, 2016

Hackers Infect Army of Cameras, DVRs for Massive Internet Attacks

Attackers used an army of hijacked security cameras and video recorders to launch several massive internet attacks last week, prompting fresh concern about the vulnerability of millions of “smart” devices​in homes and businesses connected to the internet.
The assaults raised eyebrows among security experts both for their size and for the machines that made them happen. The attackers used as many as one million Chinese-made security cameras, digital video recorders and other infected devices to generate webpage requests and data that knocked their targets offline, security experts said. It is unclear whether the attackers had access to video feeds from the devices.

Click to enlarge.
more

"The Cone of Silence" ...as invented at MIT

Once heralded as an ingenious design strategy for saving money and fostering collaboration, the open-plan office has fallen from grace. 
It's increasingly viewed by employees as a stressful, noisy nuisance, but with real estate prices soaring, it's not an easy trend for many companies to reverse. That's why some of the best solutions have been small-scale interventions that reconfigure existing open-plan spaces to fit employees' needs in the moment.
But ask Skylar Tibbits to design a reconfigurable space for your open office and you're going to get a whole different animal. That's what happened after Drew Wenzel, a civil and environmental engineer who is part of the campus development team at Google, met Tibbits and started collaborating with him earlier this year...

The original Cone of Silence.
The lab's latest project brings its wild material experimentation to the everyday office: a wooden pod that lowers down from the ceiling and expands into a temporary work space. Born out of a conversation Tibbits had with Wenzel and others at Google, the transformable workspace offers a real-world application of the lab's future-focused work. more
Could also be used to secure open-area desks and cubicles from after-hours snoops. ~Kevin

Tuesday, September 27, 2016

How The Great Seal Bug Became Your Electronic Toll Tag

The story of the electronic tollbooth begins at the turn of the century, in St. Petersburg, Russia. That's where Leon Theremin was born.

Yes, that Theremin — the creator of the musical instrument you play without even touching.

"Just as World War I was starting, and then the Russian Revolution, he found himself in the middle of that and was pulled into the new Soviet inner circle and told he was now a Soviet scientist," says Albert Glinksy, who wrote the biography Theremin: Ether Music and Espionage.

Playing with electromagnetic fields while working on a gas detection meter, Theremin discovered a trick: Using the radio frequency between two antennas, he'd wave one hand for volume and the other for pitch...

Theremin was sent to New York City, where he performed and continued to invent. But he also had another mission.

"He was carrying out espionage, so he had this sort of double life in New York," Glinsky says.

In 1938, Theremin returns to Russia.

But the political winds had changed, and he was sent to a Siberian labor camp, then transferred to a prison for scientists.

It was there that Theremin took spying to a new level when he was ordered to build a bugging device to spy on the U.S. ambassador in Moscow.

"The brilliance of this device was it had no batteries, it needed no electrical external source," Glinsky says. "And it was perfectly inert until it was activated, when they wanted to externally, by microwave beams from a companion device that was a few buildings down."


The bug was the size of a quarter and placed in the office of the U.S. ambassador in Moscow. It was hidden in a seal of the United States, where it stayed for seven years before being accidentally discovered.  (Not true. It was found during a TSCM search.)

Theremin may have created the first RFID-like device. But it took a Brooklyn inventor to connect another technology — friend or foe radar — with modern computing that gets us to electronic toll collection. more

Industrial Espionage: An update on what it includes.

Industrial espionage comes in many forms; the most commonly seen is the surveillance type methods, usually seen in the secret spy books and television programs. However, the truth is far from the glamour of the fictitious man who find out about the wrong, puts it right and gets the girl. In the real world this problem is a very real thing and one of the worst types of industrial espionage is the selling of trade secrets.
But this is only one cell of a much bigger definition, in recent years the definition of what is seen as industrial espionage has increased to cover such areas as; attempts to sabotage a corporation, in some cases, malware and spyware has even entered the arena of corporate espionage. And as earlier mentioned there are the more obvious kinds of industrial espionage such as theft of trade secrets, bribery, blackmail, and technological surveillance. more

Keep all this in mind when you suspect business espionage. The attack vectors are many; about half people, half technological. Solving the problem requires a holistic strategy, and working with specialists who have holistic mindsets. ~Kevin

Two answers to, "How can corporate espionage firms exist when hacking people is illegal?"

Answer #1. You have to prove the espionage firm did something illegal. This is sometimes much harder than it might seem.

I was once interviewed by an IT manager of a major telecoms company. They had security like nothing I had ever seen - it was like the introduction of the old spy comedy Get Smart - layer after layer of heavy doors, big muscle doormen, ID checks, cameras…

 

I asked why they had all the security. The IT manager said “our main rival is hiring investigators to learn anything about us, any way they can”. Of course, his firm was doing the same to the rival firm - so they were in no position to complain about illegal tactics.

And of course, if the other firm had snuck someone in, someone who planted say a radio network bug, to give the spy direct access to the firm’s internal network - how could anyone prove who they were, and why they were there? I’m sure that “copping a trespass charge” was part of the deal for spies who entered the premises illegally.

Answer #2. Simple : Spying is not limited to hackingmore