Wednesday, March 15, 2023

Spy History: Evolution of Aerial Spying Over the Past 200 Years

Last month, the US government shot down a Chinese spy balloon floating near a South Carolina beach. 

The Pentagon said it was there gathering intelligence. China said it was doing civilian research. Regardless, it was nothing new.

Governments have been spying on each other for hundreds of years...Here's how surveillance from the sky has developed over the years...

The first record of aerial surveillance happened toward the end of the 18th century. During the Revolutionary War, the French successfully used hot air balloons to monitor combat during the Battle of Fleurus against Britain, Germany, and Holland. more

From Phone Bugging to Kidnapping...

 ...these are the biggest security concerns of the super-rich...

Armed burglaries, kidnapping, offshore bank account hacking - when it comes to security risks of the super-rich, nothing is off the cards.

‘UHNWs often have unique security concerns due to their wealth and high profile’, says David Webb, Managing Director at Valkyrie, a specialist security consultancy firm. ‘These issues are not just specific to them but can also involve their families and close friends...

In addition to the investigation we conducted a TSCM sweep (Technical Surveillance Counter Measures aka bug search), cyber review and device compromise check, as it was believed the blackmailer had access to the clients systems and possibly had planted eavesdropping devices in his house and office – which ultimately proved true.’ more

KamiKakaBot: Corporate Espionage & Eavesdropping Tool

Suspected government-backed hackers are attacking...with malware called KamiKakaBot that is designed to steal sensitive information.
Researchers from Amsterdam-based cybersecurity firm EclecticIQ attributed the attacks to the advanced persistent threat (APT) group Dark Pink...

Dark Pink's main goals were to conduct corporate espionage, steal documents, capture sound from microphones of infected devices, and exfiltrate messaging data, according to research by cybersecurity firm Group-IB. more

UK: No More Mr. Nice Guy, Spy

The day's headlines
• UK intelligence ramps up efforts to counter Russian spies
• MI5 to establish new security agency to counter Chinese hacking, espionage


According to the report, a new department of national security will be established within MI-5. Its goal will be to advise companies, research organizations, and universities that may be victims of industrial espionage. In addition, private and public entities will be able to contact the new body for advice on how to interact with partners from China and or how to safely use Chinese-made equipment...

London is also preparing to announce a $24 million increase in BBC funding to counter Chinese and Russian disinformation in vulnerable countries. In addition, funding for a Chinese language training program for UK diplomats will be doubled. more

Spy Coffee and You're In

FL - A 31-year-old man was arrested and accused of placing a hidden camera inside the men’s bathroom at the “We Spy Coffee & More” shop in Tarpon Springs, according to authorities.

On Monday, the Tarpon Springs Police Department said a customer was using the men’s restroom at the “We Spy Coffee & More” shop, located at 505 Dodecanese Blvd., when they noticed they were being recorded by a camera placed underneath the sink.

“it was an iPhone that was propped underneath the sink and it was upside down. He picked the phone up and he looked at it and he saw that it was actually actively making a video recording,” said Detective John Melton.
The victim confronted 31-year-old Spyridon Voulgarakis, who is an employee of the store. Authorities said Voulgarakis later admitted to hiding the camera and recording other men using the restroom. more

Friday, March 10, 2023

From Those Wonderful Folks Who Brought You Spy Balloons & Trojan Horse Cranes...

...Spy Buoys
Months before a Chinese spy balloon drifted across Alaska and Canada, the Canadian military discovered and retrieved Chinese spy buoys in the Arctic, a region of long interest to Beijing. The Chinese buoys were monitoring U.S. submarines and the melting of ice sheets. Retired Canadian Armed Forces (CAF) Lieutenant-General Michael Day said the buoys would likely have been used to monitor U.S. nuclear submarine traffic in the Arctic, and for mapping seabeds and ice thickness. more

How to Spot a Chinese Spy on Social Media

National security experts say foreign adversaries are using popular job sites like LinkedIn and Indeed to recruit spies and extract trade secrets from U.S. workers...

There are a few things to look out for if you think you’re being targeted on social media. 
  • Urgency: Be cautious of anyone who connects on social media and makes it seem like they need information quickly.
  • Do your research: Be skeptical of anyone who claims to be part of a company or think tank where there is little or no information available on the organization.
  • Probing questions: Be wary of social media accounts that connect and follow up with a lot of questions pertaining to industry specifics.
“They’ll offer that person an opportunity that is difficult to turn down,” said MacIntyre. “For example — an all-expense paid trip, a high paying new job — all of these can be appealing to people and then once they get that person over into their country to agree to do that, those people are often put in compromising situations or are pressured to provide information that they shouldn’t provide.”

Both experts said it’s best to follow the old adage: if the offer sounds too good to be true, then it probably is. more

Odd-Ball Spy News

Fifth of Government Workers Don't Care if Employer is Hacked
(Probably true for all businesses.)
Ivanti, the security vendor polled 800 public sector workers worldwide to compile its new Government Cybersecurity Status Report. It found a “not my job” attitude is exposing governments to excessive cyber-risk. Just a third (34%) of workers recognized that their actions impact their organization’s security posture. Nearly two-fifths (36%) said they haven’t reported phishing emails in the past, while a fifth (21%) said they don’t even care if the organization is hacked. more (This may help.)
Extra Credit: Seven years ago this month... Survey revealed 1 in 5 employees would sell their passwords.

Sweaters That Fool Facial Recognition
Protect your facial biometric data with knit wear? As absurd as that sounds, designer Rachele Didero, of the Italian startup Cap_able, has patented textiles that do just that. The patterns trick facial-recognition cameras into thinking it's not looking at a person. The pieces in the Manifesto Collection which include sweaters, pants, a dress, and a shirt, start at ~$300.
The idea has been around for a while.
Cheaper alternate designs; some with next day delivery!

Famed Manhattan Showroom Loses Peephole Camera Appeal
Manhattan appeals court on Thursday revived the brunt of a lawsuit against the renowned New York Design Center over a video camera... Cast your mind back to 2014... A camera hidden in the wall of a ladies' room at the New York Design Center secretly documented customers and employees for a month, a new lawsuit alleges. According to court documents obtained by the Post, the camera was found behind a broken wall tile on the sixth floor bathroom in April; the custodian who discovered it said it was trained on one of the stalls. more

Who Is Anthony Pellicano?
Infamous Hollywood private investigator Anthony Pellicano is the subject of a new documentary Sin Eater: The Crimes of Anthony Pellicano. The two-part special debuts on March 10 at 10 p.m. on FX and will stream on Hulu. Pellicano...gained a reputation as a fixer who could dig up dirt on his clients’ enemies to make them go away. But Pellicano’s ruthless methods were eventually his undoing, as he served extensive prison time for weapons charges as well as racketeering, wiretapping, and other crimes. more & as previously reported here.

Chinese Rocket that Delivered Military Spy Satellites Breaks Up Over Texas
The second stage of a Chinese rocket that delivered a trio of military surveillance satellites in June disintegrated over Texas on Wednesday, USNI News has learned. The four-ton component of a Chang Zheng 2D ‘Long March’ rocket punched through the atmosphere on Wednesday over Texas at 17,000 miles per hour and disintegrated, two defense officials confirmed to USNI News on Thursday... The debris field is over the least populated counties in the state, according to the Texas Demographic Center. more

The 10 Best Spy Movies That Aren't James Bond
When it comes to pure action-packed entertainment, few genres serve up as many thrills as spy movies. Spy films have been a mainstay of cinema all the way back to the medium's earliest days, like 1914's silent film The German Spy Peril. The genre kicked into high gear during the Cold War... more

SafeHouse Chicago, Spy-Themed Restaurant and Bar, Abruptly Closes
After six years of catering to secret agents and curious spies across Chicago, a spy-themed establishment has closed its doors. SafeHouse Chicago, a restaurant and bar featuring all things espionage-related, announced its abrupt closure online Monday, saying the business has "completed its last mission in Chicago." "We want to thank all of the spies who visited our Windy City headquarters and for your loyalty and support. It has been an absolute pleasure to welcome and serve spies from around the globe," SafeHouse said, in part, in a message posted on its website. more
Spybusters Tip #692: Head to Milwaukee. Best kept secret since 1966.

Monday, March 6, 2023

A New National Cybersecurity Strategy

State-sponsored cyberattacks and corporate espionage are becoming a bigger concern with each passing year,
often resulting in millions of dollars in damages. Attackers are making off with critical data as governments, businesses, and cybersecurity experts struggle to protect citizens and customers. As of now, individuals and small businesses are on their own when attacked, but the Biden administration wants to change that and make multibillion dollar tech firms more accountable for Americans' digital safety.

The White House on Thursday unveiled a new National Cybersecurity Strategy to make cyberspace more secure for Americans. The new policy puts the onus on tech firms and large organizations to make their systems more secure, so that they are better able to resist the increasingly more sophisticated cybersecurity threats from around the world.

Explaining its stance, the Biden administration said that the "organizations that are most capable and best-positioned to reduce risks" should do more to ensure the online safety of American citizens rather than shifting the burden of cybersecurity to individuals, small businesses, and local governments. more

"Impose a legal responsibility to proactively protect National Interest Assets. Hold the corporate caretakers of our economic future accountable for protecting their valuables. Create standards of protection. Provide penalties for inadequate or negligent protection. Enforce compliance before the theft occurs."

Legal Claim: Glimpse into World of Corporate Espionage

Covert cameras and alleged hacking: how bust payments company Wirecard ‘hired spies and lawyers to silence critics’
... 

The claim, which has just been lodged in London’s high court, details allegations of covert surveillance by Kroll, and hacked communications and proposals for hi-tech attacks to intercept mobile phone data by other unknown operators.

Through its lawyers Kroll said that it had “acted entirely in accordance with all applicable laws and regulations”, that Earl’s claim was “misconceived” and that the company denied the claim in full. Jones Day did not respond to requests for comment.

Whether or not the legal claim against Jones Day or Kroll succeeds, the case, and emails disclosed in it, provide a rare glimpse into the murky world of corporate espionage and reputation management – and the lengths to which some companies will go to try to silence critics. more

Spy Bots: Last Month, Balloons - This Month, Trojan Horse Cranes

According to The Wall Street Journal, Pentagon officials are concerned that the ship-to-shore cranes — made by the China-based manufacturer, ZPMC — have emerged as a possible spying tool for the Chinese government. 

The ZPMC cranes, according to the Journal, possess "sophisticated sensors that can register and track the provenance and destination of containers, prompting concerns that China could capture information about material being shipped in or out of the country to support U.S. military operations around the world."

There are also worries of the cranes providing remote access to other parties disrupting the flow of goods in America, the Journal reports. "Cranes can be the new Huawei," said Bill Evanina, a former top U.S. counterintelligence official. more

History: Early Anti-Eavesdropping / Wiretapping Invention

November 10, 1892...
Wiretapping telegraph lines was a known problem back then. Problem was... it was risky, detectable, and the tap always lead to the tapper. In some instances, all this could be circumvented by simply eavesdropping. If one could hear the telegraph clicking—and knew code—one could jot down the message, just like the telegraph employee.

This is how the problem was solved...


Non-Disclosure Agreements That End Up in the Toilet

The need for a Non-Disclosure Agreement used to be a hard pill to swallow. Not anymore. 
NDA is an edible confidentiality agreement that protects all information exchanged within 30 minutes of ingestion.

Contract Summary
NDA is an edible non-disclosure agreement that protects in perpetuity all information exchanged within 30 minutes of ingestion. Every NDA is comprised of a size 00 gelatin capsule imprinted with a QR code leading to this website and filled with powder made from copies of this agreement printed onto rice paper with ingestible ink. NDA can be executed by any number of people at once. Simply provide every party with their own capsule before executing the agreement. Parties can extend the duration of effect by consuming additional NDA. more

Saturday, March 4, 2023

"Technical Surveillance Countermeasures Market (TSCM) Is Likely to Experience a Tremendous Growth by 2029"

(Orion Market Research reports, with explanation links added.)
Technical surveillance countermeasures market (TSCM) is anticipated to grow at a significant CAGR during the forecast period.
The emergence of wireless technology and Internet of Things technology, growing adoption of espionage device detecting systems in various sectors such as commercial, government, industrial, defence and aerospace, and rising demand for modern surveillance technologies are some of the major factors, that are expected to fuel the technical surveillance countermeasures (TSCM) market demand, during the forecast period.

TSCM, also referred to as digital bug sweeping, entails detection and identification of the presence of technological surveillance hazards and devices, including hidden microphones, cameras, or other electronic devices. It offers thorough instrumented, and, physical and visible evaluation of a facility's technical security status. This system not only detects and locates espionage devices, however, additionally identifies various regions, where an enterprise has a risk factor to lose any vital information through illicit eavesdropping devices or systems such as electronic bugs, hidden cameras, listening devices, cellular interception, Bluetooth interception, burst transmitters, laser microphones, among other devices. more
• Security Companies: Add TSCM to your services menu.
• Corporate Security Departments: Add TSCM to your enterprise services.
In-house, or contract... Contact Murray Associates TSCM for free turnkey advice.

The Secret, Insecure Life Of Security Cameras

Smart" cameras are one of the most ubiquitous IoT devices in the business world today, but they’re also one of the riskiest regarding cybersecurity.

What makes these devices so problematic—and a hacker’s dream—is that they fail at basic cybersecurity, are often accessible from the internet and almost always have outbound access to the internet, too...

Corporate Espionage
A more serious threat with smart cameras is that hackers can use them to spy on a company through video and audio feeds.

Sophisticated hackers can use this type of access to monitor susceptible areas in the company, such as boardrooms, executive conference rooms and manufacturing facilities. I’ve recently seen over half a dozen corporations compromised this way. The hackers remained undetected for years while they had direct access to important meetings and manufacturing operations.

Sneaky Data Theft
Smart cameras also make it harder for companies to detect stolen data leaving their networks. In a typical IT attack, hackers run the risk of getting caught when they try to exfiltrate data from the network. However, cameras and other types of IoT are a prominent blind spot for IT teams since they typically don’t monitor the cameras’ network traffic or block them from connecting to new IP addresses. This makes cameras a perfect conduit for data theft. more