How common is corporate espionage against nonprofits?
Most of the cases of corporate espionage we know about in recent years have been uncovered by accident. There has been no comprehensive, systematic effort by federal or state government to determine how much corporate espionage is actually occurring, and what tactics are being used. It is likely that corporate espionage against nonprofits occurs much more often than is known.
Who actually conducts the espionage?
When a nonprofit campaign is so successful that it may impair a company’s profits or reputation, companies may employ their own in house espionage capabilities, or they may retain the services of an intermediary with experience in espionage...
The intermediary may hire a private investigations firm that either has multiple espionage capacities or that specializes in the particular kind of intelligence needed – such as human intelligence and the infiltration of nonprofits, or electronic or physical surveillance. These private investigations firms may subcontract out espionage to experienced operatives, which gives corporations access to specialized talent while further increasing the level of plausible deny-ability...
Corporations may also hire the services of experienced nonprofit infiltrators who may pose as volunteers, to scout out workplaces and to steal documents left unattended or unguarded. Corporate spies may also plant bugs to obtain and transmit verbal communication. Both offices and homes may be targeted for the gathering of physical intelligence. (more)
Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."
Infographic via David Schilling, Industry Tap.
According to the FBI, competitors criminally seek economic intelligence by aggressively recruiting employees and conduct economic intelligence through bribery, cyber attacks, theft of property, dumpster diving and wiretapping.
They also establish seemingly-innocent business relationships between foreign companies and U.S. industries to gather economic intelligence, including trade secrets.
Technologies Used for Espionage
Many of the technologies now used for espionage are just updated versions of previous technology: smaller, lighter and orders of magnitude more powerful.
- Spying Equipment
- Spy Cameras
- Lock Picks
- Computer Hacking
- Network Intrusion
- Video Pen Cameras
- Miniature Cameras
- Mobile Phone Spy Gadgets
- Call Recorders
- SIM Card Readers
- Stun Guns Looking Like Cell Phones
- Telebugs
- Bionic Ear Boosters
- Voice Changers
- Audio Jammers
- Wireless Video Cameras
- Pinhole Video Cameras
- Google Glass type sunglasses, or glasses that record video, pictures and sound
- Asset Tracking Devices
- GPS Tracking Devices
Equipment to Protect You from Spies
- Cellphone Detectors
- Bug Detectors
- Thermal Vision
- Surveillance Cameras (more)
And, of course, us.
Click here for statutes.
|
Click to enlarge. |
Data is the currency of surveillance, and it's not just the NSA and GCHQ looking to cash in. As a newly released cache of documents and presentation materials highlights, the private surveillance industry is booming. More shocking is that many firms claim in their own corporate PowerPoints that they've got capabilities that rival that of the government giants.
The document trove, called the Surveillance Industry Index (SII) and released by Privacy International, and contains 1,203 documents from 338 companies in 36 countries, all of which detail surveillance technologies...
Of course, that world isn't open to average consumers, which is why SII—and previously, Wikileaks' Spy Files, among others—is eye-opening. What's even more concerning than systems that guarantee "complete data inflow from all networks" is who's buying it. And while all the brochures I've read so far are careful to specify that surveillance tech is only for legal data collection, "legal" is a very fluid term worldwide...
There's a very good reason that the UN High Commissioner called privacy a human right earlier this year: The vast tools available to people with enough money and network access are more capable of accessing private information than ever before...
"There is a culture of impunity permeating across the private surveillance market, given that there are no strict export controls on the sale of this technology, as there on the sale of conventional weapons," Matthew Rice, a research consultant with Privacy International, told The Guardian. (more)
French police are questioning top executives of the Swedish furniture chain IKEA after allegations that the company illegally used police files to spy on staff and customers.
The arrests of the chief executive officer of IKEA France, Stefan Vanoverbeke, his predecessor, and the chief financial officer, come after more than a year and a half of investigations.
Police searched the company’s head office outside Paris 11 days ago. (more)
Researchers at the University of Surrey, UK have successfully used readily available and inexpensive electronic components, combined with a shopping cart antenna, to eavesdrop on NFC and HF RFID contactless communication.
The shopping cart did not perform as well as a small inductive loop antenna (that could be concealed with the electronics in a backpack) but neither are likely to arouse suspicion.
The researchers say that the eavesdropping distance can be as much as 100cm but is dependant on the strength of the magnetic field generated by the victims device.
Companies like VISA, Mastercard and Google who have already developed platforms for contactless payments can now add eavesdropping to the existing security threats of skimming and relay attacks. Original paper here (PDF).
If you're walking around downtown Seattle, look up: You'll see off-white boxes, each one about a foot tall with vertical antennae, attached to utility poles. If you're walking around downtown while looking at a smartphone, you will probably see at least one—and more likely two or three—Wi-Fi networks named after intersections: "4th&Seneca," "4th&Union," "4th&University," and so on.
That is how you can see the Seattle Police Department's new wireless mesh network, bought from a California-based company called Aruba Networks, whose clients include the Department of Defense, school districts in Canada, oil-mining interests in China, and telecommunications companies in Saudi Arabia.
The question is: How well can this mesh network see you? (more)
What happens in Vegas stays... with the authorities?
Las Vegas is
installing Intellistreets, which are street lights that have many
talents -- including the ability to record sound and shoot video. (video report)
In September 2012 FBI agents in Kansas City, Missouri, arrested two Chinese nationals, Huang Ji Li and Qi Xiao Guang, after they paid $25,000 in cash for stolen trade secrets pertaining to an American company’s manufacture of cellular-glass insulation, or foam glass.
Huang trespassed onto the company’s flagship plant in Sedalia, Missouri, 3 months prior and asked suspiciously detailed questions about the facility’s manufacturing process for the insulation. It also is believed he approached an employee at the company’s corporate headquarters in Pittsburgh, Pennsylvania, just days before seeking to build a foam-glass factory in China.
A judge sentenced Huang to 18 months in prison and a $250,000 fine in January 2013 and Qi, Huang’s interpreter, to time served, a $20,000 fine, and deportation. During sentencing, company officials estimated the value of the targeted trade secrets at $272 million.
The threat of economic espionage and theft of trade secrets to U.S.-based companies is persistent and requires constant vigilance. Even after Huang was arrested, pled guilty, and was sentenced, investigators believed the company’s trade secrets still were at risk for targeting by would-be competitors. (more)
Corporate espionage from a German perspective...
At a trade fair, the head of a company discovers a machine developed by his own employees - but at the stand of a competitor, where the new item is proudly displayed. Looking through his company's inventory, he sees four new printers, even though he in fact ordered five. And to top things off, he's having problems with the state prosecutors, who say his firm is implicated in a bribery charge. His company, in short, has fallen victim to industrial espionage - three times over.
Since 2001, some 61 percent of German companies have fallen prey to these or similar crimes. In 2013, by comparison, just 45 percent of German firms were entangled in such an affair. Those were the conclusions of a study conducted by business consulting giant PricewaterhouseCoopers (PCW) together with Martin Luther University in Halle-Wittenberg (MLU). For the study, more than 600 German companies, each with at least 500 employees, were examined every two years...
...in the areas of "industrial espionage, economic espionage and the leaking of work and business secrets," there have been frighteningly high numbers of suspected cases. And there could be far more, the analyst added, since being spied upon doesn't necessarily mean that you know it's happening. Corruption ends with prosecutors knocking at the door; an inventory check usually clears up theft. But with spying, "Nothing is gone." (more)
Part of the Security Scrapbook's reason for being is that last sentence. Tracking some of the business espionage stories per year indicates the size of the problem.
Example: If 1% of business espionage is discovered, and 1% of discovered business espionage becomes news, then 50 business espionage news stories equals 500,000 business espionage attacks — 499,950 of which were successful. Adjust the percentages to suit yourself, but you get the idea.
The point is, you won't know when your intellectual and strategic pockets are being picked. Especially, if you are not checking regularly.
Call me. I can help.
India - The Central Crime Branch (CCB) police arrested two persons, who allegedly used a software to collect confidential and personal data of cellphone users, for detective purposes...
The preliminary investigation has revealed that several mobile numbers of clients all over India have been snooped upon over the past year, the police said.
[The] firm was allegedly involved in using snooping software on Android and Blackberry based mobile phones. The firm was allegedly monitoring phone calls and messages of people, on behalf of their clients for detective purposes...
Once the software is installed and whenever user starts using the mobile, all data pertaining to his calls including conversation recordings / messages / e-mails, chats, picture and videos on the mobile phone would be automatically uploaded to a server hosted somewhere else using the target mobile phone’s GPRS data.
Even the exact geographical movements of the target in terms of latitude and longitude would be recorded and sent to the server in real time. The clients of detective agencies would be provided with a login username and password to view the data and movements of target’s mobile phone on a web browser and Google maps. (more)
Efforts to steal trade secrets from U.S. companies continue at a high level and are hitting new targets, in spite of major efforts to stop such industrial espionage. Losing trade secrets hurts the economy by discouraging investments in the research critical to growth. Some new players are getting into the fray, and the attacks hit a huge variety of businesses from high tech to high fashion.
Plans for a fighter jet are an obvious target for corporate and other kinds of spies, but experts say industrial espionage also has been aimed at high fashion designers and toymakers, innovative steel makers, food and beverage companies, clean energy research and wind turbine makers. Corporate spies also are seeking information about the management practices that guide successful businesses. (think boardroom bugging) (more)
"We offer our clients a bullet-proof suit to keep them safe during their travels to dangerous places for work. We wanted to create a lightweight garment that not only looks professional, but can also act as reliable body armor. The idea was to create a stylish and discreet alternative to wearing a bulky bullet proof vest underneath a suit. This way, our clients, wouldn’t have to worry about looking awkward during meetings, and they can travel to work feeling comfortable, safe, and confident.
This past year, Garrison Bespoke worked alongside suppliers for the US 19th Special Forces in developing the custom bulletproof suit. Using nanotechnology, it’s comprised of the same carbon nanotubes designed for the US troops’ uniforms in Iraq. Yet, the patented suit material is a lot thinner and flexible; fifty percent lighter than Kevlar (the material commonly used in bullet-proof gear). The entire suit acts like a shield, with nanotubes in the fabric hardening to block force from penetrating through.
The Garrison Bespoke bullet proof suit was made to fulfill three important expectations: First, to be modern and stylish. Second, to be light and comfortable. And, third, to be reliable and safe. After putting the suit to test, we can proudly say that all expectations have been met." (more)
Prices start around $20,000.00.
Among the five people added this week to the FBI's list of "most wanted" cyber criminals is a former San Diego college student who developed an $89 program called "Loverspy" or "Email PI." Sold online from his apartment, the program was advertised as a way to "catch a cheating lover" by sending the person an electronic greeting card that, if opened, would install malicious software to capture emails and instant messages, even spy on someone using the victim's own webcam.
|
Click to enlarge. |
The case of Carlos Enrique Perez-Melara, 33, is noteworthy because he appears to have made relatively little money on the scheme, unlike others on the FBI list who were accused of bilking millions of dollars from businesses and Internet users worldwide. But Perez-Melara, a native of El Salvador who was in the United States on a student visa in 2003 when he sold the spyware, allegedly helped turn average computer users into sophisticated hackers who could stalk their victims...
In addition to hacking-for-hire services, there is an established
commercial market for snooping software that domestic violence advocates
warn can also be used to stalk victims. Software such as ePhoneTracker
and WebWatcher, for example, are advertised as ways to monitor kids'
online messages and track their location. For $349 a year, Flexispy of
Wilmington, Del., promises to capture every Facebook message, email,
text and photo sent from a phone, as well as record phone calls. These
services generally would be legal only if the person installing the
software also owned the device or were given consent by the owner. (more)