A cybersecurity expert and former Google privacy analyst’s urgent call to protect devices and networks against malicious hackers.
New technologies have provided both incredible convenience and new threats. The same kinds of digital networks that allow you to hail a ride using your smartphone let power grid operators control a country’s electricity—and these personal, corporate, and government systems are all vulnerable.
In Ukraine, unknown hackers shut off electricity to nearly 230,000 people for six hours. North Korean hackers destroyed networks at Sony Pictures in retaliation for a film that mocked Kim Jong-un. And Russian cyberattackers leaked Democratic National Committee emails in an attempt to sway a U.S. presidential election.
And yet despite such documented risks, government agencies, whose investigations and surveillance are stymied by encryption, push for a weakening of protections. In this accessible and riveting read, Susan Landau makes a compelling case for the need to secure our data, explaining how we must maintain cybersecurity in an insecure age. more
Monday, January 15, 2018
Saturday, January 13, 2018
Ikea Spying Trial Recommended by French Prosecutors
French prosecutors are recommending that Ikea France and 15 people, including police officials, be put on trial on charges of spying on employees and customers.
Three former senior Ikea executives including two ex-chief executive officers (CEOs) are among those charged after an investigation that dates back to 2012. more
Three former senior Ikea executives including two ex-chief executive officers (CEOs) are among those charged after an investigation that dates back to 2012. more
Creepy Peeper Spied 1000+ Computer Mics and Cameras... for 13+ years!
The technical description of the “Fruitfly” malware is “spyware.” But given the way it has allegedly been used, a better label would be creepware...
According to a 16-count indictment unsealed on Wednesday in US District Court for the Northern District of Ohio, its creator, Phillip R. Durachinsky, 28, used it to spy on thousands of victims for more than 13 years. Durachinsky spent this time not only collecting personal data but also watching and listening to victims through their webcams and microphones, and using some of what he collected to produce child abuse imagery...
The victims ranged from individuals to companies, schools, a police department and government entities including one owned by a subsidiary of the US Department of Energy.
According to the DoJ:
According to a 16-count indictment unsealed on Wednesday in US District Court for the Northern District of Ohio, its creator, Phillip R. Durachinsky, 28, used it to spy on thousands of victims for more than 13 years. Durachinsky spent this time not only collecting personal data but also watching and listening to victims through their webcams and microphones, and using some of what he collected to produce child abuse imagery...
The victims ranged from individuals to companies, schools, a police department and government entities including one owned by a subsidiary of the US Department of Energy.
According to the DoJ:
(It) enabled him to control each computer by accessing stored data, uploading files, taking and downloading screenshots, logging a user’s keystrokes, and turning on the camera and microphone to surreptitiously record images and audio.It said he saved millions of images, kept detailed notes on what he observed, and designed it to alert him if a user typed words associated with pornography. more
(He) used the malware to steal the personal data of victims, including their logon credentials, tax records, medical records, photographs, banking records, internet searches, and potentially embarrassing communications.
Spycam Found in Mall Family Restroom
MD - Authorities say a man set up a spy camera that recorded both children and adults in the family restroom of a Baltimore-area mall.
The Baltimore Sun reports a patron at White Marsh Mall found the camera Dec. 23, and the incident was made public Thursday, when Baltimore County police released footage of the suspect. The camera was found at a restroom located near the food court. more
Like most spycamers, this guy gets our Darwin Award... for taking a video of himself while installing the camera.
Do you offer restrooms to employees, visitors and the public. A spycam incident will put you at risk of being sued. Proactive due diligence is your best defense. Click here for the complete solution.
The Baltimore Sun reports a patron at White Marsh Mall found the camera Dec. 23, and the incident was made public Thursday, when Baltimore County police released footage of the suspect. The camera was found at a restroom located near the food court. more
Like most spycamers, this guy gets our Darwin Award... for taking a video of himself while installing the camera.
Do you offer restrooms to employees, visitors and the public. A spycam incident will put you at risk of being sued. Proactive due diligence is your best defense. Click here for the complete solution.
Friday, January 12, 2018
Top Ten Unusual TSA Finds of 2017 & 2016
Imagine what went on before the days of airport security checks...
Thursday, January 11, 2018
TSCM History: Wiretapped Phone Found at Nuclear Regulatory Commission’s Predecessor
According to the FBI file, a few months before it was abolished, a bug was discovered in the Honolulu offices of the Atomic Energy Commission. The device would not only let someone listen in on phone calls, but any conversations held around the phone - even when it wasn’t in use.
According to the file, the bug was discovered by one Lt. Colonel Harry Tear Jr., assigned to Army counterintelligence at Fort Shafter. While performing a regular electronics sweep in June of 1974, Tear discovered a modification to the phone of Williams Hills, who was the Director for the Atomic Energy Commission’s Pacific Area Support Office, reporting to the Nevada Operations Office.
When it was discovered, the phone wasn’t being used to monitor the room. The file notes, however, that it easily could be. When connected, the phone wouldn’t just transmit the conversation being held, but every conversation in the room that happened to be in range of the phone’s receiver. They were unable to determine when it had been installed or how often it had been used, but noted that the wiring appeared to have been done professionally. They were also able to confirm that the device could pick up conversation in the room in practice, not just in theory...
And now for some good advice if you find an electronic surveillance device...
...Simply knowing what information has gotten out does little good without an idea of who will have it, and it’s next to impossible to judge how information will be used without knowing who has it. This is one of the primary reasons for law enforcement to leave a bug in place. While counterintelligence officers would also be interested in the same information, a clever officer or group of officers would use the bug as a way of feeding the listener specific information and misinformation in order to manipulate them in various ways. more
According to the file, the bug was discovered by one Lt. Colonel Harry Tear Jr., assigned to Army counterintelligence at Fort Shafter. While performing a regular electronics sweep in June of 1974, Tear discovered a modification to the phone of Williams Hills, who was the Director for the Atomic Energy Commission’s Pacific Area Support Office, reporting to the Nevada Operations Office.
When it was discovered, the phone wasn’t being used to monitor the room. The file notes, however, that it easily could be. When connected, the phone wouldn’t just transmit the conversation being held, but every conversation in the room that happened to be in range of the phone’s receiver. They were unable to determine when it had been installed or how often it had been used, but noted that the wiring appeared to have been done professionally. They were also able to confirm that the device could pick up conversation in the room in practice, not just in theory...
And now for some good advice if you find an electronic surveillance device...
...Simply knowing what information has gotten out does little good without an idea of who will have it, and it’s next to impossible to judge how information will be used without knowing who has it. This is one of the primary reasons for law enforcement to leave a bug in place. While counterintelligence officers would also be interested in the same information, a clever officer or group of officers would use the bug as a way of feeding the listener specific information and misinformation in order to manipulate them in various ways. more
Wednesday, January 10, 2018
Krebs Arraigned for Wiretapping (Joshua, not our esteemed Brian.)
What a teacher's lounge should look like. |
Court papers allege Krebs electronically eavesdropped on conversations in the elementary school faculty break room in April 2016...
On April 5, 2016, it is alleged that Krebs, with the assistance of Pleasant Valley School District Technology Supervisor Alex Sterenchock planted a video and audio recording device in the teacher’s lounge, in order, Krebs later said, to catch a custodial staff member in dereliction of their duties.
The device, was discovered a day later, positioned to capture audio and video in the seating area of the lounge. more
Tuesday, January 9, 2018
The Case of the Spying Judge, or Your Honor's Poor Judgement
Two state judges have sued the New Mexico Judicial Standards Commission, demanding secret surveillance recordings they say were made by another judge who was spying on them.
Plaintiffs Trudy Reed-Chase and Barry Sharer are magistrate court judges in Aztec, New Mexico, the seat of San Juan County. Aztec, a town of about 6,000 is in a remote area of northeastern New Mexico. The nearest large town is Farmington.
Reed-Chase, Sharer and nine other court employees sued Magistrate Court Judge Connie Lee Johnston, her husband and sister-in-law and the state in February 2016, claiming that Johnston had planted listening devices around the Aztec Municipal Courthouse, including in the offices of Reed-Chase and Sharer. They claimed that electronic surveillance equipment also was placed in the court manager’s office and other workspaces, in inmate holding facilities and in at least one bathroom. more
Plaintiffs Trudy Reed-Chase and Barry Sharer are magistrate court judges in Aztec, New Mexico, the seat of San Juan County. Aztec, a town of about 6,000 is in a remote area of northeastern New Mexico. The nearest large town is Farmington.
Reed-Chase, Sharer and nine other court employees sued Magistrate Court Judge Connie Lee Johnston, her husband and sister-in-law and the state in February 2016, claiming that Johnston had planted listening devices around the Aztec Municipal Courthouse, including in the offices of Reed-Chase and Sharer. They claimed that electronic surveillance equipment also was placed in the court manager’s office and other workspaces, in inmate holding facilities and in at least one bathroom. more
One Million License Plates Misread by Spy Cameras in UK... every day!
UK - A network of ‘Big Brother’ spy cameras is misreading 1.2million number plates a day – meaning innocent motorists could be caught up in police investigations while criminals and terrorists escape scot-free.
A bombshell report by Britain’s surveillance tsar has warned of problems with Automatic Number Plate Recognition (ANPR) technology, which senior officers insist is invaluable in preventing and solving serious crimes
Around 9,000 cameras across the country take photos of up to 40million number plates each day. more
A bombshell report by Britain’s surveillance tsar has warned of problems with Automatic Number Plate Recognition (ANPR) technology, which senior officers insist is invaluable in preventing and solving serious crimes
Around 9,000 cameras across the country take photos of up to 40million number plates each day. more
Unresolved Bugging of Employees Haunts Accused CEO
The newly-appointed acting CEO of the Passenger Rail Association of
South Africa (Prasa), Cromet Molepo, was facing disciplinary proceedings
for bugging telephones — including that of a senior shop steward — when
he resigned as the head of Umgeni Water... attorney Julian von Klemperer, was tasked by the board to investigate the phone tapping allegations.... The “bugging” scandal received widespread publicity at the time... Von Klemperer found that the telephones of three people — two former
employees and the shop steward — were bugged on the instructions of
Molepo...
Payments — totaling R51 000 — for the illegal surveillance were made through an attorney’s office in order to conceal them. When the attorney discovered the truth, he withdrew his services and blew the whistle. more
Payments — totaling R51 000 — for the illegal surveillance were made through an attorney’s office in order to conceal them. When the attorney discovered the truth, he withdrew his services and blew the whistle. more
Reward if Found?
Lost in Space: Highly Classified Spy Satellite
An expensive, highly classified U.S. spy satellite is presumed to be a total loss after it failed to reach orbit atop a Space Exploration Technologies Corp. rocket on Sunday, according to industry and government officials.
Lawmakers and congressional staffers from the Senate and the House have been briefed about the botched mission, some of the officials said. The secret payload—code-named Zuma and launched from Florida on board a Falcon 9 rocket—is believed to have plummeted back into the atmosphere, they said, because it didn’t separate as planned from the upper part of the rocket. more
An expensive, highly classified U.S. spy satellite is presumed to be a total loss after it failed to reach orbit atop a Space Exploration Technologies Corp. rocket on Sunday, according to industry and government officials.
Lawmakers and congressional staffers from the Senate and the House have been briefed about the botched mission, some of the officials said. The secret payload—code-named Zuma and launched from Florida on board a Falcon 9 rocket—is believed to have plummeted back into the atmosphere, they said, because it didn’t separate as planned from the upper part of the rocket. more
What Becomes of Industrial Espionage?
Ever wonder what happens to all the intellectual property that is collected by corporate espionage snoops? An article in Wired Magazine gives some clues in Tesla's Latest Chinese Competitor Takes Screens to an Extreme...
Keep an eye out to see where your intellectual property is popping up. Better yet, keep an eye out for the easiest-to-spot, early warning sign you are under attack, electronic eavesdropping.
Smart businesses conduct regularly scheduled Technical Surveillance Countermeasures bug sweeps, aka TSCM. It's a standard security practice. You can learn more about it, here.
Chinese car startup Byton unveiled an SUV... if the company manages to sell for the quoted $45,000 price, will excite people who can’t wait for a Tesla Model 3...Ostensibly, this is an article about a new car, but the espionage undertones are obvious.
“What’s significant here is they seem to have done a thorough job of answering all the questions,” said Stephanie Brinley, Senior Analyst at IHS Markit, as we pushed through the crowds trying to take pictures of the crazy interior through the windows. “They seem to have learnt from some of the others who had more ideas, and less detail.”...
The SUV should be good for over 300 miles of range from a 71- or 95-kwh battery back, quite similar to what Tesla offers. The battery can be fast charged to 80 percent in 30 minutes, totally plausible with current technology. It will come with single, or dual motors, just like Tesla cars.
Keep an eye out to see where your intellectual property is popping up. Better yet, keep an eye out for the easiest-to-spot, early warning sign you are under attack, electronic eavesdropping.
Smart businesses conduct regularly scheduled Technical Surveillance Countermeasures bug sweeps, aka TSCM. It's a standard security practice. You can learn more about it, here.
Sunday, January 7, 2018
Corporate Espionage Alert - Whale Phishing in 2018
Phishing scams are becoming ever more sophisticated...
“We need to focus on people patching and the human firewall,” said Anthony Dagostino, global head of cyber risk at Willis Towers Watson. “This requires more effective training and awareness campaigns to make sure people aren’t clicking on things...
“We will see more whale phishing in 2018, where cyber criminals will target individuals based on things like their LinkedIn or Facebook profiles,” Dagostino told Insurance Business. “General counsel, chief financial officers and even board members are being very specifically targeted just for hackers to get certain information they have.
“It doesn’t necessarily have to be for a data breach – it’s really corporate espionage driven. They either want to get information on an up-coming acquisition, or future business plans that they can use for insider trading.” more
“We need to focus on people patching and the human firewall,” said Anthony Dagostino, global head of cyber risk at Willis Towers Watson. “This requires more effective training and awareness campaigns to make sure people aren’t clicking on things...
“We will see more whale phishing in 2018, where cyber criminals will target individuals based on things like their LinkedIn or Facebook profiles,” Dagostino told Insurance Business. “General counsel, chief financial officers and even board members are being very specifically targeted just for hackers to get certain information they have.
“It doesn’t necessarily have to be for a data breach – it’s really corporate espionage driven. They either want to get information on an up-coming acquisition, or future business plans that they can use for insider trading.” more
Subscribe to:
Posts (Atom)