Bail for Bug Killer Spy?

MA - A federal judge in Worcester is pondering whether to grant bail to a 45-year-old Westborough man who, in a highly unusual case, is accused of economic espionage for allegedly sending trade secrets about insecticides to China.

Kexue Huang faces a dozen counts of economic espionage to benefit a foreign government or instrumentality, as well as five counts of interstate or foreign transport of stolen property.

Assistant US Attorney Scott Garland said only six or seven people had ever been charged with the crime. He said the value of the information that Huang allegedly passed on exceeded $100 million. (more)

Sounds outrageous, but in fairness, bail is only meant to assure the accused shows up for trial. In the article his lawyer mentions, "...his client had a wife and two children in Marlborough and they would all be willing to give up their passports as well as use the $275,000 to $300,000 equity in their home to secure his bail. "It's hard to picture the whole family moving without passports to Canada or any other foreign country," he said. "It's unlikely they would be on the lam for more than 10 minutes. ... This is a responsible person, a well-educated person [with] a good job, assets."

Really? Accused spies have a habit of evaporating recently. (more)

Your Very Own "Ex" Files

What do you do when your 'ex' pops up in your Web browser like a nightmare jack-in-the-box?

Create an "Ex" file!

Ah, privacy and sanity restored.

Stalkers are disposed, one "Ex" at a time.

Reduced chance of post-break-up remorse.

It's easy. It's free. It's a no-brainer that zaps your old no-brainers to the bit bin of your Internet world window.

(blockyourex.com)

When correctly viewed, Everything is lewd. (I could tell you things about Peter Pan, And the Wizard of Oz, there's a dirty old man!)

CA - An Orange County man is expected to enter pleas in federal court to charges he hacked into hundreds of computers to extort sexually explicit videos from women and teenage girls. 

Prosecutors say 31-year-old Luis Mijangos of Santa Ana is due in a Los Angeles courtroom today. A 16-count indictment charges him with conspiracy, mail fraud, aggravated identity theft, extortion, wiretapping and other charges.

Mijangos allegedly tricked about 230 people into downloading a virus that allowed him to take over their personal computers.

Prosecutors say Mijangos looked into computers for sexually explicit pictures, then threatened to e-mail the files to victims' mailing lists to coerce them into sending him videos of them engaged in sex acts. (more) (Smut)

Spies Escaping (shocking)

A Lebanese man suspected of spying for Israel successfully escaped from Lebanon to Israel on Friday by crossing the border near Bint Jbeil, the Lebanese newspaper A-Nahar reported on Sunday. (more)

The alleged paymaster of a Russian spy ring in the United States spoke no more than necessary. He stayed in modest hotels and dressed for the Mediterranean heat: shorts and untucked shirts. He wore spectacles and a clipped mustache. Just another foreign tourist on a budget, it seemed, in a waterfront city in Cyprus where foreign tourists on budgets are a summertime fixture.

To American officials, the man identified as Christopher Robert Metsos is the spy who got away, a footloose operative who funneled money to U.S.-based accomplices, 10 of whom are in custody. Metsos, the FBI says, was a key player in an underworld of coded instructions, false identities, buried banknotes and surreptitious bag swaps.

“If you saw him on the road, you would say, ‘Good morning’ and you would keep walking,” said Michael Papathanasiou, a lawyer who represented Metsos until he jumped bail in Larnaca last week. “There was really nothing strange about him. He was a very normal, usual guy.” (more)

CALEA VoIP Taps In

The FCC has been moving to treat broadband Internet the same as phone services and with those moves, the FBI's wiretapping authority might be becoming more nebulous.

The agency is lobbying the communications commission to make sure its changes in regulation do not hinder the Communications Assistance for Law Enforcement Act which demands that telecom companies allow law enforcement to use wiretaps on phone lines and VoIP calls.

VoIP wiretapping has been challenged in court a few times unsuccessfully, but changes in regulations could hinder wiretap efforts. It seems like at this moment, however, the FCC has no plans to interfere with the wiretapping rules. (more)

Bizarre Tale of Cop v. Cop

NY - A retired police officer claims that his next-door neighbor, also a cop, stalked and threatened him, falsely accused him of being a pedophile, and illegally wiretapped his computer. He claims that the intrusive cop, Monroe County's first deputy trained in computer forensics at Quantico, Va., was convicted of felony eavesdropping and misdemeanor official misconduct. (long but interesting)

"Now Hear This!" by Winston Arrington - Available again!

Now Hear This! Electronic Eavesdropping Equipment Designs by Winston Arrington - Sheffield Electronics - 1997 (NOS)

(Click pictures to enlarge.) 
Winston Arrington's electronic eavesdropping and countersurveillance design book is available again. 

Technically excellent, with some very unusual designs, it contains about 125 schematics; all may be built with a moderate level of experience. There is also a (now dated) countermeasures section which was contributed by me.

This book was never easy to purchase. The first printing had to be ordered directly from Winston, himself. This revised and expanded second edition was only sold briefly via the now shuttered Sheffield Electronics website. And, once in a looong while, a used dog-eared copy would show up on eBay to quickly sell in the $50.-$75. range. None have appeared there recently, however.

The picture of Winston's signature is from my copy of the book. Sadly, Winston is no longer with us to sign more of them.

"Now Hear This!" is a collector's item with historical significance, and a lucky find. 

Long out-of-print, and thought to be no longer available, some "new, old stock" copies are available at amazon.com, for the very first time.

It is not known how many copies are available.

Now Hear This! Electronic Eavesdropping Equipment Designs

10 Years, gone in a flash.

Wales - A reward is being offered for the safe return of a stolen laptop containing 10 years of a company's work.

Thieves broke into DB Liquid Ltd in Ruthin and made off with two laptops. One contained specialised software in which the firm had invested over £250,000. Company director Geoffrey Williams said the programs would be no use to anyone else, but means systems of work spanning 10 years could be lost to the database constructing firm...

“We’d developed a lot of our system software on the laptop which was backed up on a flash drive,” he said. “But unfortunately that was stolen too which means 10 years of work has gone down the drain.

(more)

10 years of work and only a flash drive back-up?!?!

The flash drive was stolen, too!?!?

An investment of over £250,000?!?!

"...would be no use to anyone else..." ?!?!

I'm not buying it. 

Are you? 

I wonder who did, and for how much?
Yours truly, Johnny Dollar.

Lady Gaga meets Mr. Data

The soldier accused of downloading a huge trove of secret data from military computers in Iraq appears to have exploited a loophole in Defense Department security to copy thousands of files onto compact discs over a six-month period. In at least one instance, according to those familiar with the inquiry, the soldier smuggled highly classified data out of his intelligence unit on a disc disguised as a music CD by Lady Gaga. (more)

Spyware on Infected USB Sticks

via Krebsonsecurity.com

Researchers have discovered a sophisticated new strain of malicious software that piggybacks on USB storage devices and leverages what appears to be a previously unknown security vulnerability in the way Microsoft Windows processes shortcut files...

Independent security researcher Frank Boldewin said he had an opportunity to dissect the malware samples, and observed that they appeared to be looking for Siemens WinCC SCADA systems, or machines responsible for controlling the operations of large, distributed systems, such as manufacturing and power plants.

“Looks like this malware was made for espionage,” Boldewin said. (more)

The under surveillance comics...

Click here.

Special-Ops vs. Special-Ops

FL - The thieves hit on a weekend when no one was around. The target: a military contractor for the super secret Special Operations Command, the elite commandos who help coordinate the war on terror. The intruders entered through the roof, gaining access to iGov Technologies, which occupies suite 110 in the beige corporate center at 9211 Palm River Road. For the next nine hours, they loaded up more than 3,000 laptop computers and other equipment into two waiting semitrailer trucks. (more) 

Think your company could withstand an info-theft like this? If not, contact the counterespionage consultant who hosts this Security Scrapbook on their Web site.

Two Polls

This poll reflects the opinions of our Security Scrapbook readers.  

Which privacy invasions concern you the most? 

(Pick three.)

26% - Mobile Phone Spyware

18% - Computer Spyware

14% - Bugging

12% - GPS Tracking

11% - Covert Video (SpyCams)

6% - Wiretapping

6% - Covert Voice Recording

5% - Physical Eavesdropping

1% - Other (unspecified)

The following poll asked about smartphone security concerns. It was independently conducted by one of our Security Scrapbook readers. 

They placed their poll on two very different Web sites; one sports oriented, one more military oriented.

What's your approach to smartphone security? 

(Poll allowed users to check more than one.)

29.3% - I just don't do financial stuff with it.

15.5% - Whatever came with it is good enough. I hope.

13.7% - I added a special security program.

13.7% - OK, but who'd want to hack/eavesdrop on me?

12% - Haven't even thought about it.

10.3% - I double-check all apps before downloading.

5.0% - Not worried - Apple's got my back.

Granted, neither poll is scientifically sound or statistically significant, but the answers are interesting on an informal level. 

Thanks to all who participated. 

If you have any ideas for future Security Scrapbook polls please let me know. ~Kevin

Inception - An Industrial Espionage Dream Job

Inception opens July 16th in theaters and IMAX

Dom Cobb is a skilled thief, the absolute best in the dangerous art of extraction, stealing valuable secrets from deep within the subconscious during the dream state, when the mind is at its most vulnerable. Cobb's rare ability has made him a coveted player in this treacherous new world of corporate espionage... (more) (more)

As we've been saying all along, the final frontier of eavesdropping is mind reading. Think of the movie Inception the same way you think of _this one_ ...just with a shorter flash to bang.

Bluetooth Bites Again

UK - A British woman's lawsuit against her ex-husband claims he bugged her car to record her private conversations during the final months of their marriage.

Baksho Devi Gora of Walsall, England, filed a High Court lawsuit seeking "substantial damages" from ex-husband Harvinder Singh Gora for allegedly violating her privacy by recording private telephone conversations from her car and playing them for family and friends, The Daily Telegraph reported Friday.

They were probably made via a small device secretly attached to the Bluetooth system in Mrs Gora's car in May 2008, said her barrister, Mr Eardley. (more) (how they do it)

Spies Demise

Moscow - The 14 alleged spies deported from Russia and the U.S. remained out of public view over the weekend amid uncertainty over where they had been taken and how they would restart their lives...

Nuclear scientist Igor Sutyagin phoned his family from an unidentified hotel near London, where he is apparently confined by British authorities until a decision is made about whether he will remain in the U.K., his mother said.

The whereabouts of the others, including the 10 Russian agents expelled from the U.S. to Moscow, were unknown. (more)

Quis custodiet ipsos custodes?

via Wired.com...

We’re not sure what’s more humorous: That California Rep. Jane Harman, the ranking member of the House Intelligence Committee, maintains two unencrypted Wi-Fi networks at her residence, or that a consumer group sniffed her unsecured traffic in a bid to convince lawmakers to hold hearings about Google.

A representative for Consumer Watchdog — a group largely funded by legal fees, the Rose Foundation, Streisand Foundation, Tides Foundation and others — parked outside Harman’s and other lawmakers’ Washington-area residences to determine whether they had unsecured Wi-Fi networks that might have been sniffed by Google as part of the internet giant’s Street View and Google Maps program.

The group wants the House Energy and Commerce Committee, of which Harman is also a member, to haul Google executives before it, so they can publicly explain why, for three years, Google was downloading data packets from unencrypted Wi-Fi networks in neighborhoods in dozens of countries.(more)

Bad Guys Bug Back

Pakistan - The Farozabad Police have arrested three suspected persons and recovered bugging devices and cameras, which could have been used for terrorism. (more)

"What to do?" The First Responder Blues

The Cell Phone

dum-di-dum-dum (makes a great ringtone)

...he’s looking at a homicide. For one thing, there’s that bullet in her head. He immediately realizes that another sort of witness to this crime might be on the other end of that phone connection. He reaches through the open car window to grab the phone and thumb through its recent call history. Then he stops himself...

...He knows better than to disturb a crime scene. And he’s never seen that particular model of phone—he could potentially push the wrong buttons and destroy evidence. He needs to get that device to a forensic lab, where the information can be extracted properly, in a way that preserves not only the contacts, call histories, text messages, e-mail, images, and videos but also their admissibility in court. (more)

"What would you do?" (click here)

The Bug in the Boardroom

(music to find bugs by)

It's a hot summer Monday morning. In the offices of Mongo Industries a secretary readies the Boardroom for the weekly strategy meeting. The air conditioning has been off all weekend, and just kicked in. Then...THUNK! 

Startled, she stares under the massive table. Her eyes adjust to the dark. A small dark object with gooey strips of masking tape near the Director's chair stares back.

"What would you do?" (click here)

The employees are picking your pockets...

Thirty-five percent of companies believe that their organisation's sensitive information has been given to competitors, according to a new survey. 

Cyber-Ark Software's "Trust, Security and Passwords" global survey also found that 37 percent of IT professionals surveyed cited former employees as the mostly likely source of this loss. 

The IT security company questioned more than 400 senior IT administrators in the UK and US in the spring of 2010 for the fourth annual survey.

The survey found that the most popular sensitive information to be shared with competitors was the customer database (26 percent) and R&D plans (13 percent). (more)

"Who's your DB daddy? Say it. Say IT."

TX - A former IT senior database administrator at a Houston electricity provider was sentenced Tuesday to one year in prison for hacking into his former employer's computer network, the US Department of Justice said...

On April 30, 2008, after he was fired, Steven Jinwoo Kim, 40, of Houston, used his home computer to connect to Gexa's computer network and to a database containing information on about 150,000 Gexa customers, the DOJ said. Kim damaged the computer network and the database in the process, the DOJ said. 

Kim also copied and saved to his home computer a database file containing personal information on the Gexa customers, including their names, billing addresses, Social Security numbers, dates of birth and drivers license numbers. Kim's actions caused a $100,000 loss to Gexa, the DOJ said. (more)

USB coffee-cup warmer could be stealing your data

via New Scientist...

Are you sure that the keyboard or mouse you are using today is the one that was attached to your computer yesterday? It might have been swapped for a compromised device that could transmit data to a snooper.

The problem stems from a shortcoming in the way the Universal Serial Bus (USB) works. This allows almost all USB-connected devices, such as mice and printers, to be turned into tools for data theft, says a team that has exploited the flaw.

Welcome to the murky world of the "hardware trojan". Until now, hardware trojans were considered to be modified circuits. For example, if hackers manage to get hold of a microchip when it is still in the factory, they could introduce subtle changes allowing them to crash the device that the chip gets built into. (more)

Security Directors - You already know about the dangers of plugging in dirty USB memory sticks. Now, you need to consider the possibility that foreign governments are loading other "legitimate" USB devices with spyware at the chip level. (Hey, they did it with hard drives.) Alert the employees. Convince them to resist the "Oh, isn't it cute. Let's plug it in," temptation.

Indians Put Squeeze on BlackBerrys... again

India - Security concerns associated with the services of BlackBerry, the smartphone used by nearly a million customers in India, have come to the fore again, raising the possibility of a fresh standoff between the Canadian service provider and the government.

The government plans to give BlackBerry maker Research in Motion (RIM) 15 days to ensure that its email and other data services comply with ‘formats that can be read by security and intelligence agencies’ after its spooks recently raised a red flag against the popular handset, said department of telecom (DoT) officials familiar with the matter. (more)

Seoul Suckers Drain Life from Businesses

South Korean industrial spying cases have risen consistently, largely in the electronics industry, a center tied to the chief national intelligence agency said.

During the past six years, 203 cases have involved current and former employees who stole and tried to sell South Korean technologies abroad, the National Industrial Security Center said in a report. (more)

Spy High

UK - A university is offering a degree - in SPYING.

Students are studying organised crime and terror groups for an MSc in Intelligence Data at Coventry University.

The 12-month postgraduate course - the first in the UK - has been set up because so many students want to work in intelligence. Applications to join MI5 and MI6 have risen 90 per cent in 10 years.

The university said: "We don't teach students how to hide behind newspapers with holes cut out for eyes, but how to interpret data and build criminal profiles for police and anti-terror organisations." (more)

Interesting...

• The course is available online and can be studied either part-time or full-time. 

• Colombo is the Senior Lecturer for the Criminology portion. (Just coincidence?) 

• "...and conduct your own research project"

• Those wishing to study this course can apply online by completing this online application form. "Unfortunately we cannot process online applications from international applicants at this time. Please check our website for details of how to apply.

Answer - "You lacked a counterespionage plan."

A cautionary tale...

CA - The leaders of the California Nurses Association had barely wrapped up a news conference recently slamming GOP gubernatorial candidate Meg Whitman when they learned Whitman's campaign had been watching them the whole time.

A volunteer for the Republican had sneaked into the event held at the union's downtown Oakland headquarters and sent live streaming video back to the campaign nearly 50 miles away in Cupertino. Within hours, Whitman aides were blasting to supporters an e-mail response to the event that featured clandestine video snippets.

"I wonder who it was," union Co-President Deborah Anne Burger said after learning about the Whitman spy. "How did they get in?" (more)

Tamatebako - The Hara Kiri Thumb Drive

Losing your memory?  Get this...
Fujitsu’s has a new Secure USB Memory Device, called Tamatebako. It has 2GB capacity and supports AES 256-bit encryption and will delete its stored data after 10 minutes up to one week. 
 
It will also commit hara-kiri if told the wrong password or forced to have intercourse with an unauthorized computer. (more)

Eavesdropping on The Auditors

IA - Four employees and the owner of a failed farm implement dealership have pleaded guilty in connection with a financial scheme.

Authorities allege Walterman Implement in Dike scammed lenders through a double financing scheme, which created both real and fake loans on single pieces of farm equipment.

Leon Walterman was the former owner. The 60-year-old pleaded guilty on Thursday to mail fraud, money laundering and illegal wiretapping. (more)

Court records allege auditors' phone lines were tapped during the investigation. (more)

Eyes in the Sky: Eisenhower, the CIA, and Cold War Aerial Espionage

FREE LUNCHTIME AUTHOR DEBRIEFING AND BOOK SIGNING  

Dino Brugioni, retired senior analyst with the CIA and one of the world’s premier experts on aerial reconnaissance, reveals details of the previously untold story of President Eisenhower’s secret Cold War program to develop cutting-edge spy planes and satellites to gather intelligence. Told from his insider perspective, Brugioni sheds new light on this breakthrough program and one president’s efforts toward building an effective and technologically advanced intelligence capability.

He briefed presidents from Eisenhower through Ford. As a founder of the CIA’s National Photographic Interpretation Center, during the Cuban Missile Crisis he was a key member of the team that provided President Kennedy the evidence that the Soviets were installing missiles in Cuba.

Eyes in the Sky: Eisenhower, the CIA, and Cold War Aerial Espionage

Free!
No registration required!
Join the author for an informal chat and book signing.

International Spy Museum, 800 F Street, NW Washington, DC 20004 (more)

Is it possible that these spies were thwarted at least in part by their reliance on out-dated steganography programs?

Steganography is becoming the tool of choice for a whole cadre of criminals a lot more daunting than these putative Borises and Natashas. It’s been used to exfiltrate sensitive data in corporate espionage, state sponsored espionage, and oddly enough--by gangs. 

What’s odd here is that the SVR went with such an old-school steganography method, one that leaves traceable evidence. Because there’s a lot better stuff out there....

Instead of leaving behind an artifact of your wrong-doing for the Justice Department to download, new stego programs use ephemeral channels that disappear when the communication has been completed. It’s called network steganography. You can do it in real time, you can transmit huge amounts of data, and you can do it without leaving behind any artifacts to implicate you.

If the Russian spies had known about these new protocols, they might not have gotten caught so handily. You can bet that the non-Russian spies in the United States (insert your own xenophobia here) are using more sophisticated methods to phone home. (more)

Password Tip from Russian Spy

The FBI's case against an alleged deep cover Russian spy ring relies heavily on surveillance of their use of ad hoc Wi-Fi networks, bespoke software, encryption and the web...

The Illegals were given a steganography program by the SVR's Moscow Centre, it says. The software is not commercially available, and investigators discovered the alleged spies held copies of it by clandestine searches of their properties...

A New Jersey search uncovered a network of websites, from which the alleged spies had downloaded images.

Similarly, a search in Boston led to websites carrying steganographic messages. The texts had also been encrypted, and both the Boston and New Jersey hard drives required a 27-character password. (more)

P.S. One of the most glaring errors made by one of the spy defendants was leaving an imposing 27-character password written on a piece of paper that law enforcement officers found while searching a suspect's home. They used the password to crack open a treasure trove of more than 100 text files containing covert messages used to further the investigation. (more)

FBI arrest 10 alleged Russian spies in biggest espionage swoop since Cold War

THE FBI arrested 10 people for allegedly serving for years as secret agents of Russia's intelligence service, the SVR, with the goal of penetrating US government policymaking circles...

 

Intercepted messages showed they were asked to learn about a broad sweep of topics including nuclear weapons, US arms control positions, Iran, White House rumours, CIA leadership turnover, the last presidential election, the Congress and political parties.

The court papers made public on Monday (PDF and PDF) include details of 21st century spycraft more high-tech than anything Jason Bourne knew about... used private Wi-Fi networks, flash memory sticks, and text messages concealed in graphical images to exchange information... (more)

After a secret multi-year investigation, the Justice Department announced the arrests in a blockbuster spy case that could rival the capture of Soviet Colonel Rudolf Abel in 1957 in New York. (more)

Colonel Abel, who hide his microfilm inside a hollowed out nickel, inspired one of our client gifts... The Official Espionage Spybuster Spy Coin! Our coin holds a microSD chip and contains the official FBI story about Abel's nickel. 
(click photos to enlarge)

Russia Denounces Arrests over Alleged Espionage

Russia angrily denounced the U.S. arrest of 10 alleged Russian spies as an unjustified throwback to the Cold War, and senior lawmakers said some in the U.S. government may be trying to undercut President Barack Obama's warming relations with Moscow. (more)

Germans Concerned About Industrial Espionage

Companies failing to protect themselves from external attack risk losing their competitive edge. In the information age, the threat of industrial espionage is all too real, with thousands of jobs at stake in Germany.

Some might describe the Cold War era as the good old age of espionage. Everything was clear cut: it was West versus East, capitalism versus communism... the fine art of spying is not dead...

And when it comes to economic espionage – something that is common in this day and age – the methods are generally a touch more subtle, and the prying eyes may be more familiar than you'd think. (more)

Russians Deny Industrial Espionage in Germany

The Russian government rejected Monday claims made by Berlin that its intelligence services were actively involved in industrial espionage in Germany.

The accusations, made in the annual security report published by the Berlin Interior Ministry on June 21, were "from the Cold War era," Russian Foreign Ministry Spokesman Andrei Nesterenko said according to the Interfax news agency. (more)

Meanwhile, in the Ivory Towers...

The Netherlands' three Universities of Technology have no plans to take extra steps to prevent spying by foreign delegations, the Nederlands Dagblad reports on Tuesday.

The paper say in April the security service AIVD warned that foreign secret services are sending students to Dutch universities to gather information. In one case, half a delegation was made up of security officials, the AIVD said. 

Delft, Twente and Eindhoven Universities of Technology are most vulnerable to spying because of their focus on nuclear science, biotechnology and nano technology, the paper said.

University officials told the paper combating spying is not a task for academics. (more)

Corporate Espionage... There's an app for that.

A new report from SMobile Systems who specializes in security issues on mobile phones and in the wireless infrastructure, 20% of the available applications on Android Market allow third parties access to personal information of users.

The report says that 20% of Android applications enable third parties to access private or sensitive information that could be used by crooks for malicious purposes including identity theft, mobile banking fraud and corporate espionage. (more)

The SpyCam & Computer Tapping Neighbor

NY - A North Syracuse man was indicted today on charges he spied on one neighbor and illegally used the computer access of another neighbor.

Jesse Reed, 29, of 115 Crystal Drive, was indicted on a felony charge of second-degree unlawful surveillance and a misdemeanor count of unauthorized use of a computer.

Assistant District Attorney Geoffrey Ciereck said the investigation began with Syracuse police looking into the downloading of child pornography. The person initially under scrutiny turned out to have been the victim of someone using his computer access to obtain the pornography, the prosecutor said.

That led authorities to Reed, Ciereck said. While police were investigating the child pornography matter, they also discovered equipment had been set up in Reed’s home to spy into the bedroom window of a female neighbor, the prosecutor said. (more)

Proof DIY TSCM Doesn't Work

Former Detroit Mayor Kwame Kilpatrick was charged Wednesday with fraud and tax crimes as the government accused him of enriching himself and others by milking $640,000 from the Civic Fund, a tax-exempt charity that he created as a good-works effort to enhance Detroit and improve the city's image.

Kilpatrick instead used it to pay for yoga, golf, camp for his kids, travel, a video about his family's history, cars, polling, college tuition for relatives and much more, including "counter-surveillance and anti-bugging equipment," according to the indictment. (more)

SpyCam Story #580 - The Cardial Infarction

NY - A North Hills cardiologist has been convicted of illegally installing a hidden camera in the office bathroom of his Manhasset practice to secretly spy on patients and employees, Nassau County District Attorney Kathleen Rice announced on Monday.

Vincent Pacienza, 54, was found guilty of unlawful surveillance in the second degree, a felony. He will face up to four years in prison in his July 30 sentencing...

...Pacienza told his female employees that he would be installing an air purifier in the office restroom shared by employees and patients. However, the air purifier, which faced the toilet, contained a hidden wireless camera with a direct video feed to a monitor under Pacienza’s desk.

He was caught later that same month when an employee opening the office mail discovered a receipt for the camera and purifier from a website specializing in surveillance equipment... (more)

Dammit Jan...

Transsexual who waged five-year spying campaign on neighbors faces jail...

UK - Jan Krause, 44, videotaped the family and posted the recordings on YouTube, crashed into their cars and erected a roof-mounted device which emitted a high-pitched whine in their direction. One Christmas morning, nurse Carol Story opened the curtains to find Krause sitting outside dressed all in black and wearing a balaclava while taking notes. 

The campaign left 53-year-old Miss Story, a mother of three, upset and angry and she even put the family home on the market.

But she hopes her ordeal is over after Krause, a transsexual, was convicted of harassment at Chester Magistrates' Court. She was remanded on bail for sentence and banned from keeping cameras or recording equipment. (more) (cap)

How To Make a Cell Phone a Spy Phone For Free

In the early days of cell phones simply turning off the ringer and activating an auto-answer feature turned mobile phones into a spyphones.  
Times changed. Manufacturers adjusted the software to counter criticism. Now, as a publicity stunt to sell Internet speedup software, a Scottish firm created this work-around...
1st: You will need the 'Spy' ringtone: Click on the type of ringtone you want and then upload the ringtone to your phone just as normal.

1. Download the Spy.mp3 Ringtone

2. Download the Spy.wav Ringtone

3. Download the Spy.rtx Ringtone

2nd: On your phone select the Spy ringtone, turn off call alert lights (if you can), turn off vibration alert and set your phone to auto-answer; (note - some phones are set up in such a way that you must attach the 'handsfree' wire to allow auto-answer to work.)

That's it! You're done! You now have a top quality, undetectable, spy bugging / listening device that equals the quality of the best and most secret on the market. (more) 

Why mention it?

So you will know what you're up against.

The old auto-answer spyphone trick is back!

Hot Kid Spy Gear

This spy-kid toy is getting rave reviews. 

via thingiemajig.com

"The Ultimate Spy Watch is equipped with 8 thrill seeking features. First is the motion sensor with alarm and date stamp to protect your valuables and to alert intruders whenever they might come. Second is the message decoder to read messages from your fellow spies. For sending messages, it can drop message capsules with a spy paper. A night vision light is included to gain an advantage against your enemies during night time covert operations. A crosshair can definitely make a shot hit or miss, making it an indespensable tool for a spy, is built in too. Of course, watch functions are also a must such as world time for some international missions, stopwatch for time critical missions up to the last mili second, and a wake up alarm which can be very handy for some early morning operations or training. As for an added feature, this 10 inch watch is protected by a locking armor for increased durability - a must for tough agents."

Need more Paper for your Capsules? 

Download and Print Spy Messaging Paper Here." 

(more) (instructions)

Blagojevich Wiretaps in PDF

The federal government's case against Rod Blagojevich centers on recorded conversations involving the former Illinois governor and his associates. Prosecutors are also making those recordings available to the public.

The FBI wiretaps are being played in federal court but anyone with an internet connection can also listen (PDF transcipts at this point in time). Prosecution evidence is posted on the U.S. Attorney's website. (more)

Some things just can't be covered-up.

France's convoluted L'Oréal family fraud scandal became even more convoluted and even more gripping yesterday. Tapes of bugged conversations involving the L'Oréal owner, Liliane Bettencourt, 87, implied that President Nicolas Sarkozy had meddled in legal proceedings in which a society photographer is accused of defrauding France's richest woman of almost a billion euros.

The tapes, leaked to a French investigative website, also suggest that the supposedly senile billionairess was involved in elaborate schemes to hide some of her money abroad. There are cryptic references to campaign payments to ensure the "friendship" of two cabinet ministers, including the employment minister, Eric Woerth.

Ms Bettencourt's former butler was arrested yesterday and faces charges of "invasion of privacy", for allegedly bugging conversations between the L'Oréal heiress and her financial adviser. He has not been named. Tapes of the conversations were sent last week to Ms Bettencourt's only daughter, Françoise, who sent them to the police. (more)

SpyCam Story #579 - "Step right this way."

AL - Shocking allegations against the tourism director for the Eastern Shore Chamber of Commerce. Police say Justin Hasting set up a hidden camera in a public restroom and video taped women.

Police say the crime happened in the employee restroom at the scenic overlook in Daphne.

Investigators say they were tipped off when two women went in to use the restroom, but Hastings stopped them and told them it was out of order and they would have to use the employee restroom...

Hasting is charged with two counts of criminal eavesdropping and installing an eavesdropping device, which is a federal offense. Hasting is a former radio-host. (more)

Bug Building is Back in Style

As seen on TV...
Building homemade bugs is back in style.
YouTube

Why mention it?
So you will know what you're up against.

Keep those TSCM bug sweeps current.

NSFW OSS FUBARs

The OSS Simple Sabotage Field Manual from 1944

 "The purpose of this paper is to characterize simple sabotage, to outline its possible effects, and to present suggestions for inciting and executing it."

Sample Tips

"Fuel lines to gasoline and oil engines frequently pass over the exhaust pipe. When the machine is at rest, you can stab a small hole in the fuel line and plug the hole with wax. As the engine runs and the exhaust tube becomes hot, the wax will be melted; fuel will drip onto the exhaust and a blaze will start."

"Jam paper, bits of wood, hairpins, and anything else that will fit, into the locks of all unguarded entrances to public buildings."

And, every teen's favorite... "'Misunderstand' orders. Ask endless questions or engage in long correspondence about such orders. Quibble over them when you can." (more)

So, who's minding your intellectual property store?

More than half of Fortune 1000 companies lack a full-time chief information security officer, only 38% have a chief security officer, and just 20% have a chief privacy officer. As a result, a majority of companies are failing to adequately assess and manage the risks that information security and privacy issues pose to their business. 

Those findings come from "Governance of Enterprise Security," a new study released yesterday by Carnegie Mellon University's CyLab. The report is based on a survey of 66 board directors or senior executives who work at Fortune 1000 companies. Nearly half of respondents work at critical infrastructure companies. CyLab conducted a similar survey in 2008. (more)

If you business does not have a C-level IP warden in the watchtower, at least engage a good counterespionage consultant. You can find one here, or at one of the several URLs which hosts Kevin's Security Scrapbook.

Employee monitoring: When IT is asked to spy

With staff surveillance on the rise, high-tech types can be put in the awkward position of having to squeal on their fellow workers.

As corporate functions, including voice and video, converge onto IP-based networks, more corporate infractions are happening online. Employees leak intellectual property or trade secrets, either on purpose or inadvertently; violate laws against sexual harassment or child pornography; and waste time while looking like they are hard at work.

In response -- spurred in part by stricter regulatory, legal and compliance requirements -- organizations are not only filtering and blocking Web sites and scanning e-mail. Many are also watching what employees post on social networks and blogs, even if it's done from home using noncompany equipment.

They are collecting and retaining mobile phone calls and text messages. They can even track employees' physical locations using the GPS feature on smartphones. 

 Long story, but here is the bottom line...

It's more common that the IT manager doesn't know how to correctly preserve evidence, and probably doesn't even know what information might be legally relevant, says Jason M. Shinn, an attorney with Lipson, Neilson, Cole, Seltzer & Garin PC who specializes in electronic discovery and technology issues in employment law. (more)