Wednesday, January 5, 2011

Kevin's FREE Counterespionage Consulting Day


Let's solve some common counterespionage problems...

1. "How can I stop shoulder surfers from reading my computer screen? The polarized screen thing makes me look like a paranoid dork."

Kevin says... Funny you should ask. I recently purchased some computer screen security software for testing, PrivateEyes from Oculis Labs. It works eerily well. All you need is a computer screen with a video camera and Windows. 

During the simple setup, the software learns who you are by looking at your face. From that point on, the screen automatically blurs unless you are looking directly at it. Turn to answer a phone call, or talk to someone nearby – BLURRR goes the screen. 

"What if someone sneaks up behind me?" I hear you say. No problem. When it sees an extra set of eyes – BLURRR.

Pro: The BLURRR effect changes quickly.
Con: Doesn't work as well in a high contrast environment.

PrivateEyes would also make an awesome IT guy gag. "I don't know. Your computer screen looks sharp and clear to me. Maybe you should get your eyes checked."

FREE 30-day trial.


2. "How can I document the identity of who enters my sensitive secure areas like: the executive suite, computer center, phone closets, elevators and boardroom? Card keys and pin codes don't do this. Biometric and CCTV solutions are not always cost-effective."

Kevin says... Consider installing a high-sensitivity digital surveillance camera that can capture high-resolution color images in low light conditions when motion is detected within its field of view. Images are stored on a removable memory card for easy viewing on your computer. The camera can also be started by a door opening or other trigger, and it can be configured to capture images on a time-lapse basis.

'Set and forget' operation... Most cameras of this type can store up to 65,000 images and will optionally overwrite the oldest images when the memory card is full. (Example)
 

3. "Our corporate aircraft flies internationally and parks unattended for long periods of time. How can I tell if foreign nationals have boarded the plane to plant bugging devices? Murray Associates inspects the plane for us upon return, of course, but can't more be done?"

Kevin says... Yes. Consider installing a covert digital surveillance camera – similar to the above camera's specs – in the cockpit, and at either end of the passenger compartment. Raw board cameras are small, battery powered (6-9 months!) and can be placed covertly behind panels or within normally seen objects. Easy and cost-effective! (Example)


4. "We have some remote locations we need to keep an eye on but it is not cost-effective to send a guard unless there is a problem. What can we do?"

Kevin says... Send pictures to the guard on his cell phone! Digital surveillance cameras come in a variety of styles including outdoor mounting and solar-powered. Photos may be sent time lapse, upon being triggered by movement or an alarm, or upon demand. The guard is alerted immediately, and only when necessary. (Example)


Full Disclosure: I do not sell security hardware, or accept commissions when a purchase is made. My income comes solely from my clients when they hire me for independent consulting. My recommendations usually come with several security hardware choices. Clients do not need to "mention my name" when they make a purchase.

Bonus... 
Clients know my recommendations are based solely upon their needs. ~Kevin

My thanks to Barry Bouyer, of Moreton Bay Systems Pty Ltd. for the use of his photos.

Tuesday, January 4, 2011

"I'm infested. You know what I mean. I can't nibble on my secretary's ear without everyone knowing. Send them exterminator guys over."

Italy - Rome prosecutors on Monday opened an investigation into the alleged bugging of the home and offices of Northern League leader Umberto Bossi. 

Bossi, who is minister for reforms in Premier Silvio Berlusconi's centre-right government, revealed Monday that bugs had been found in his house and his office at the ministry "a couple of months ago".

The bugs were discovered, he said, by a private firm "we called in when my secretary got suspicious because too many people knew what I'd said to her alone".

The minister, Berlusconi's longtime key ally, said he then called his party colleague, Interior Minister Roberto Maroni, "to send a few guys over" to remove the devices. (more)

"C'est la vie", say the old folks, it goes to show you never can tell.

Back in 2001, European leaders accused the United States government of operating a vast industrial espionage network that was eavesdropping on European businesses and giving trade secrets to American companies.

According to the latest WikiLeaks cable release, they should have been looking internally.

France is the country that conducts the most industrial espionage on other European countries, even ahead of China and Russia, according to leaked U.S. diplomatic cables, reported in a translation by Agence France Presse of Norwegian daily Aftenposten's reporting.

"French espionage is so widespread that the damages (it causes) the German economy are larger as a whole than those caused by China or Russia," an undated note from the U.S. embassy in Berlin said. (more) (sing-a-long)

"Go cheap on the sweep so we can party."

IL - The cash-strapped Chicago Public Schools spent more than $800,000 on items ranging from bug sweeps to alcohol for parties, an inspector general said.

Inspector General James M. Sullivan released a report containing a list of questionable spending under two former board presidents that included $3,000 to sweep offices for eavesdropping devices and $12,624 for holiday parties, the Chicago Sun-Times reported Tuesday.

A source familiar with the sweep said it occurred in July 2009, the same month that the board and board president were subpoenaed as part of a federal probe into admissions at elite Chicago public schools. (more)

Polar Bear TSCM vs. BBC SpyCams

via engadget.com...
Iceberg Cam, Snowball Cam, Blizzard Cam and Drift Cam were the arctic photographer's best friends -- high-tech spy robot cameras designed to resist cold and traverse sub-zero terrain. Then they got crushed to death by giant polar bears while attempting to make friends. Seriously, that's the basic gist of Polar Bear: Spy on the Ice, a new BBC documentary which began airing last week, and which just so happens to be narrated by David Tennant. (more) (video) (video)

Next out of the lab... DNA stealing mosquitos!

A vulture tagged by scientists at Tel Aviv University has strayed into Saudi Arabian territory, where it was promptly arrested on suspicion of being a Mossad spy, Israeli and Saudi media reported Tuesday.

The bird was found in a rural area of the country wearing a transmitter and a leg bracelet bearing the words "Tel Aviv University", according to the reports, which surfaced first in the Israeli daily Ma'ariv.

Although these tags indicate that the bird was part of a long-term research project into migration patterns, residents and local reporters told Saudi Arabia's Al-Weeam newspaper that the matter seemed to be a "Zionist plot."

The accusations went viral, with hundreds of posts on Arabic-language websites and forums claiming that the "Zionists" had trained these birds for espionage.

The Sinai regional governor last month suggested that a shark that killed and maimed tourists on its Red Sea port may have been intentionally released by Israeli agents in order to sabotage the country's tourist industry. (more)

Keeping the nation safe ...ish.

Canada’s National Intelligence Security Agency (NISA) has a team of competently incompetent agents trying to keep the country safe and (accidentally) succeeding. Fortunately, this is all a fictional premise for the new action-comedy series, InSecurity, bowing tonight on CBC.

InSecurity is a mix of 24 without Jack Bauer; CSI minus the science; and James Bond — if James Bond were Mr. Bean.

It’s a comedy relevant to our post-9/11 world of high alerts, terrorist plots and attacks, controversial airport-security measures and overall anxiety. (more) (video about their spy gadgets)

FutureWatch - Somewhere in the United States another TV comedy is in gestation. Terminal Security Service Airpatrol (TSSA). Oh, oh. Red flag. When the grounds of public opinion shift, the results first materialize as satire. Time to review the mission plans? 

Just A Modest Proposal to Dr. Strangelove. ~Kevin

Monday, January 3, 2011

Friday, December 31, 2010

Hedgers Hedging Bets Teach Lessons

The arrests of three technology company workers who allegedly sold secrets about Apple Inc., Dell Inc. and Advanced Micro Devices Inc. signal the U.S. may be closing in on the hedge funds that paid for their expertise.

The men, who worked at AMD, Flextronics International Ltd. and Taiwan Semiconductor Manufacturing Co., were arrested yesterday on securities fraud and conspiracy charges for a scheme that Manhattan U.S. Attorney Preet Bharara said operated from 2008 to early 2010...

“A corrupt network of insiders at some of the world’s leading technology companies served as so-called consultants who sold out their employers by stealing and then peddling their valuable inside information,” Bharara said in a statement yesterday. (more)

The Lessons...
As in the real spy world, the people who eavesdrop and steal your intellectual property will most likely be agents – a layer of insulation between you and the people who will ultimately use your information against you. This allows your enemy a degree of plausible deniability if their operations are exposed.

Pro-active countermeasures work.
Don't wait. Start the New Year right. Add a counterespionage strategy to your corporate security program. I would be pleased to assist you.

Happy New Year!
 Kevin

"Here's your hat. What's your worry?"

Clothes Hook SpyCam 
and Recorder 
with Motion Detection!

from the creepy minds at Brando.com
for only $36.00

Why do I mention it?
So you will know what you're up against.

Ready for the rest of their creepy spy tools?
(141 in all) Click here.

aka Mr. Paul Poltergeist

UK - Authorities allege a Midland parolee hid a baby monitor under a dresser in his neighbor’s bedroom in order to spy on the couple.

Paul A. Rivard is charged with second-degree home invasion, larceny in a building, eavesdropping and aggravated stalking, according to reports.

Investigators also allege Rivard, 36, burned and buried clothing belonging to the neighbors, broke furniture and re-arranged items inside the house, according to reports. (more)

Pssst... Talk to the Chaos Computer Club

Botswana - The spying GSM equipment that was purchased by the government is lying idle since the government could not use it on private conversations by members of the public because cellular phone providers have upgraded their systems.

This was revealed at the Lobatse High Court before Chief Justice Maruping Dibotelo after the company that had supplied the equipment, Dukef Holdings, took the Botswana Police Service to court over the failure to pay US$1,529,000 for breach of contract. (more)

Cell Phone Eavesdropping on the Cheap

Speaking at the Chaos Computer Club (CCC) Congress in Berlin on Tuesday, a pair of researchers demonstrated a start-to-finish means of eavesdropping on encrypted GSM cellphone calls and text messages, using only four sub-$15 telephones as network “sniffers,” a laptop computer, and a variety of open source software.

While such capabilities have long been available to law enforcement with the resources to buy a powerful network-sniffing device for more than $50,000 (remember The Wire?), the pieced-together hack takes advantage of security flaws and shortcuts in the GSM network operators’ technology and operations to put the power within the reach of almost any motivated tech-savvy programmer. (more)

Friday, December 24, 2010

According to Crispin Sturrock, there are as yet no statistics available about the scale of corporate espionage in the UK, but recent studies in the US and other countries indicate that it may range to ‘billions and billions of dollars’. “We have seen a dramatic increase from countries such as China and Russia, a high volume of new techniques come from these countries into our market, and we get a lot of reports and statistics saying that there are attacks coming from this direction,” Mr Sturrock explains.

He also indicates that while the sectors struggling with industrial espionage are traditionally high-tech start-ups, banks and pharmaceuticals, there is a massive increase of such cases in the legal sector. “It is about protecting the conversations between clients and their lawyers, which may have a great deal of value for the third party, and we are seeing an immense growth in this sector”, says Mr Sturrock.

Daily Business states that although corporate espionage has become increasingly common, companies tend to forget that simple old-fashioned eavesdropping and bugging are still the most popular ways to gather confidential information. Mr Sturrock explains that spying equipment has become much cheaper, more accessible and easier to deploy. “In the UK, a small GSM bug can cost only GBP150 and it works incredibly well. Most companies spend a lot of money on IT systems and firewalls to protect themselves against corporate espionage, whereas they spend very little money protecting their key conversations,” says the founder of a company that counters unauthorized surveillance, information leaks and other forms of commercial espionage.

BBC World Service interviewed Crispin Sturrock, the Founder and CEO of WhiteRock, for the Daily Business program. (audio interview available until 1/1/11)

Thursday, December 23, 2010

Business Espionage: Insiders Sell Out

CA - A key cooperator aiding a major federal investigation into insider trading admitted this month to obtaining and selling confidential information about Marvell Technology Group Ltd. and other companies, according to documents unsealed in federal court.

The documents unsealed Thursday relate to Karl Motey, a California-based investment consultant, and they provide insight into how he was ensnared in the investigation and within months began to help authorities in their probe into the activities of analysts, hedge funds, mutual funds and investment bankers, among others. The extent of Mr. Motey's activity suggests that the insider-trading probe could expand in coming months. More arrests are expected next year. (more)

Voicemail Hacking Pays $3,270.00 Per Week?!?!

Actress Sienna Miller is seeking damages from the U.K.’s News of the World newspaper for hacking the voice mail on three of her phones to get personal information, according to court documents.

Miller claims the newspaper, owned by Rupert Murdoch’s News Corp., paid private investigator Glenn Mulcaire 2,500 pounds ($3,270) a week to eavesdrop on personal messages between her, her friends and business associates. The actress, who also works as a model and fashion designer, claims news editor Ian Edmondson approved the work contract. (more)

Business Espionage: Hhonors

Hilton Worldwide Inc. will be banned for two years from creating a luxury "lifestyle" hotel chain under an agreement to settle a corporate-espionage lawsuit.

The settlement stems from a suit filed last year by rival Starwood Hotels & Resorts Worldwide, which accused Hilton officials of stealing confidential Starwood documents to develop a new boutique-style chain that would appeal to modern tastes...

The lawsuit alleged that Ross Klein and Amar Lalvani, two former Starwood executives who had joined Hilton, took more than 100,000 documents to recreate the success of Starwood's W Hotel. Neither man could be reached for comment; both left Hilton after the suit was filed. Starwood said it discovered Hilton had the documents only after Hilton returned them. Hilton officials have said they returned the documents out of "an abundance of caution." (more)

Don't count on your competitor to "do the right thing." 
Develop a counterespionage strategy. 
Need help? 
Call us.

Santa Claus Is Tapping Your Phone

Sung to the tune of... 
"Santa Claus is Coming to Town"

You better watch out,
You better not cry,
You better not pout,
I'm telling you why,
Santa Claus is tapping
Your phone.

He's bugging your room,
And reading your mail,
He's keeping a file
And running a tail
Santa Claus is tapping
Your phone.

He hears you in the bedroom
Surveills you out of doors
And if that doesn't get the goods
Then he'll use provocateurs.

So you mustn't assume
That you are secure
On Christmas Eve
He'll kick in your door
Santa Claus is tapping
Your phone.

Wednesday, December 22, 2010

Business Espionage: If you're not a client, you will remain bugged.

UK - From the top of the Gherkin building in London, Crispin Sturrock points out an anonymous-looking office block in the swirling snow below. “There’s a device in there,” says the chief executive of WhiteRock Defence Systems, an information security consultancy that helps companies protect themselves against spies. “They’re not clients of ours, but whenever we scan for transmissions in nearby buildings, we pick it up. It’s been there for ages, just streaming information out.” The building in question is bugged with an electronic device transmitting information about one of its tenants. In the era of WikiLeaks, it is tempting to view all leaks as news headlines. But in general, corporate leaks tend to be of interest only to a very small group of people – an organisation’s competitors or potential buyer. “The reasons people engage in competitive information gathering are usually financial gain and leverage,” says Mr Sturrock. (more) (free business espionage newsletter)

Workplace Bugging - If it works, don't call it primitive.

Officials in the Vermont town of Charlotte say they found listening devices in the Town Hall that would have allowed someone to eavesdrop on both public and private town business sessions.

Town Planner and Selectboard assistant Dean Bloch says the bugs were discovered in October during a retrofit of a dropped ceiling.

A small dynamic speaker, which may also be used as a microphone.

Shelburne Police, who serve Charlotte, say the devices weren't working and they could have been up to 10 years old.

Officer Chris Morrell tells the Burlington Free Press the spying devices were "primitive." He says the two microphones were connected to battery-powered, wireless transmitters that might have carried a signal into the parking lot. (more) (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

"Now do you believe in Santa Claus?"

Nine months after declaring the Bush administration's warrantless surveillance program illegal, a federal judge ordered the government on Tuesday to pay for wiretapping an Islamic charity without a warrant.

Issuing his final ruling in the lawsuit of the Al-Haramain Islamic Foundation, U.S. District Court Judge Vaughn Walker said the government should pay $2.5 million in attorneys fees and more than $20,000 for each of the two officials of the charity who were wiretapped. (more)

Workplace Bugging - The Amorous Rhinelander

WI - A Rhinelander man accused of stalking a former co-worker is scheduled to go on trial March 14.

According to online court records, Stanley F. Pecor, 57, will be tried on 69 felony counts including stalking, intercepting wire communications, misappropriation of personal identification information and bail jumping...

Pecor is accused of closely monitoring the activities of a former co-worker, bugging her office, recording some of her phone calls and gathering personal information about her.

Police searched Pecor’s residence and found, among other things, several minute-by-minute logs of the alleged victim’s activities, phone-tapping and voice-altering equipment, the alleged victim’s personal financial records and audio recordings of her at work.

Pecor remains in the Oneida County jail on $200,000 cash bail. If convicted of all charges, he could spend the rest of his life in prison. (more)


Sunday, December 19, 2010

Business Espionage: "at Apple you can get fired for saying K48."

In their most significant move yet in a sweeping insider-trading investigation, federal prosecutors charged four corporate managers with peddling financial details about prominent technology companies and with leaking secrets about popular consumer products such as Apple Inc.'s iPhone in exchange for cash. (more)

...according to a criminal complaint unsealed Thursday, a Flextronics director named Walter Shimoon had a telephone conversation with an unnamed "cooperating witness" (CW-2) employed by a hedge fund. During this conversation, secretly taped...he dropped his two bombshells:

..."coming out next year" with a new iPhone that's "gonna have two cameras"...

..."they [Apple] have a code name for something new ... It's ... It's totally ... It's a new category altogether... It doesn't have a camera, what I figured out. So I speculated that it's probably a reader. ... Something like that. Um, let me tell you, it's a very secretive program ... It's called K, K48. That's the internal name. So, you can get, at Apple you can get fired for saying K48." 

The iPad -- code named K48 -- was unveiled four months later. (more)

If the company with one of the best counterespionage strategies around has these problems, imagine what is happening at your company. Kick off 2011 with a counterespionage strategy. Call us.

Friday, December 17, 2010

SpyCam Story #595 - Brazos Taping

TX - A former manager of the Brazos Valley Bombers is behind bars, accused of secretly video taping several of his female employees while they were changing.


Kfir Jackson, 32, was arrested Friday. He is charged with five counts of improper photography or visual recording.

According to Bryan police, Jackson asked several female employees to change into some uniforms he was considering them wearing for their job. The victims became suspicious they were being videotaped and called police.


Bryan police say on Wednesday, the Criminal Investigation Division executed a search warrant at 405 Mitchell St. in Bryan. That's listed as the Brazos Valley Bombers' office. Several electronic items including computers were seized. These items were forensically analyzed at the Bryan Police Department. Images found on the hard drive of one of Jackson's computers were consistent with the victims' account. (more)

Thursday, December 16, 2010

Ultimate TSCM Smackdown

The explosion heard in Lebanon late Wednesday was an Israel Air Force operation aimed at destroying an espionage device it had installed off the coast of the city of Sidon, the Voice of Lebanon radio station reported on Thursday.

The report comes a day after the Lebanese Army said it had uncovered two Israeli spy installations in mountainous areas near Beirut and the Bekaa Valley. The installations included photographic equipment as well as laser and broadcast equipment...

On December 3, Hezbollah activists found Israeli wiretapping equipment near the southern Lebanese town of Tyre. After it was discovered, the equipment was destroyed by remote control in a blast that injured two Lebanese civilians...

Hezbollah said the installations were used to tap into the independent fiber-optic communications network that the Islamic organization set up throughout Lebanon in 2008.

In October of last year, Hezbollah operatives uncovered another wiretapping installation near the southern Lebanese village of Houlah. According to Lebanese security officials, the facility had tapped into Hezbollah's independent landline telephone system. ...the equipment consisted of underground Israeli wiretapping installations that Israel blew up by remote control out of concern that they were about to be discovered. 

Israel has neither confirmed nor denied that the equipment served as a surveillance installation... (more)

"Bug-in-a-Book" project at the Spy Museum

via David Simpson
We all love spy gear, from the wacky Maxwell Smart rotary-dial shoephone to the grab bag of goodies Bond always so nonchalantly snares from Q. Thank you, MAKE, for Volume 16, the "Spy Tech" issue, which featured Mad Magazine's iconic Spy vs. Spy on the cover. In that issue, you can find my wireless "Bug-in-a-Book" project. The guts come from readily available Radio Shack components (a mini FM transmitter for listening to your iPod through the car stereo and a grandpa-tech amplified listener). 

Fast forward: I'll be leading that workshop at the Spy Museum at the end of January.
The session will open with an "NCIS-like" briefing, laying out an impending threat and mission, but I can't divulge the full details here. Let's just say that this whole thing was triggered by an encrypted message intercepted by an allied listening post off the coast of Algeria on one of the long wave frequencies known to be used by a US-based black market arms dealer and certain intermediaries representing a radical militant religious group targeting pro-western nations. Maybe by now it's becoming clearer; the well-being of the free world lies in the hands of the young makers that attend this workshop and the intelligence they're able to gather during surveillance using their field-made Bug-in-a-Book. (more)

Attic'ed to Love

Authorities apprehended a man who camped out in his ex-girlfriend's attic to spy on her every move.

Merced County Sheriff's Department was called when the girlfriend feared her ex had been in her home.

"One of our deputies actually crawled up into the attic and found him there hiding under some insulation," Merced County Sheriff's Department Deputy Tom MacKenzie said, "and evidence appeared that he had been there for some time."

The girlfriend first thought something was out of place when she noticed her cell phone was missing.

"The scary part is he came down sometime at night to steal her cell phone while it was charging to see if she had been calling any new guys or new boyfriends," MacKenzie said. (more) (creepy, but sing-a-long anyway)

Why You Shouldn't Use Outlook Rules to Intercept Your Boss's E-mails

Big surprise! Turns out that forwarding your boss's e-mail to yourself with Outlook rules is quite illegal. Ars Technica reports that David Szymuszkiewicz, now a former IRS worker, learned this the hard way after being convicted on wiretapping charges under the U.S. Wiretap Act.

Already in hot water for driving drunk with a suspended license, Szymuszkiewicz's job required he drive to the homes of delinquent tax payers. Out of fear for his job, Szymuszkiewicz set up a rule on his supervisor Nella Infusino's Outlook application that forwarded any e-mails sent to her...

Despite the rather serious charges, Szymuszkiewicz was sentenced to a relatively lenient 18 months probation. (more)

...we are hemorrhaging trade secrets, patents, trademarks, confidential consumer data...

"...Our leadership in the development of creative and innovative products and services also makes us a global target for theft... (intellectual property) thieves impose substantial costs. They depress investment in technologies needed to meet global challenges. They put consumers, families and communities at risk. They unfairly devalue America's contribution, hinder our ability to grow our economy, compromise good, high-wage jobs for Americans and endanger strong and prosperous communities."
-- From the 2010 Joint Strategic Plan On Intellectual Property Enforcement, published earlier this year by the newly established Office Of The U.S. Intellectual Property Enforcement Coordinator (IPEC), which is part of the U.S. Office of Management and Budget (OMB)

This grim assessment and the publication in which it appears is very much in line with President Obama's campaign promise to crack down on intellectual property theft. The unfortunate reality is that the President is responding to a crisis that has worsened despite the enactment over several decades of numerous federal and state laws aimed at deterring the theft of intellectual property.

Prominent among these laws is the Uniform Trade Secrets Act (UTSA). Enacted in 1970, UTSA makes it illegal to use protected information gathered from others, or that is deliberately stolen or obtained through blackmail. Under UTSA such theft is punishable by civil law, but it is also criminal behavior as defined by the Economic Espionage Act of 1996.

Sadly, these (and other) well-intentioned pieces of legislation have not stanched the bleeding of the U.S.'s estimable trove of intellectual wealth. If anything, we are hemorrhaging trade secrets, patents, trademarks, confidential consumer data and classified government files (consider "WikiLeaks"). 
Fraud Examiner Newsletter Article, by Peter Goldmann, CFE (more)

Tuesday, December 14, 2010

What part of this story is stupid?

CA - Despite PG&E's earlier claims that he acted alone, a former executive who monitored online discussion groups by activists opposed to SmartMeters widely shared what he gleaned with other PG&E employees.

Internal PG&E documents turned over to state regulators and made available to the Mercury News on Monday also reveal that PG&E went beyond mere online monitoring. A series of e-mail exchanges show that PG&E sent an employee to monitor a SmartMeter demonstration in Rohnert Park in October. The employee, whose name was redacted, took at least four photographs of protesters, writing in an e-mail, "This is fun, no one said 'espionage' in the job description."

"It's quite creepy to know that we were actually being spied on by PG&E," Sebastopol resident Sandi Maurer said. "They were at our protest, watching, taking photographs and sending notes back to PG&E." (more)

What part of this story is stupid?
A. That PG&E spied on an activist group?
B. The PG&E employee's comment?
C. That one of the protesters thought spying was "quite creepy?"
D. None of the above.
E. All of the above?

Answers...
A. It is not uncommon for businesses to infiltrate / monitor the activities of activist groups. In many cases it is justifiable.
B. The PG&E employee was not hired for their investigative skills. Unprofessional comments and a blown cover should be expected.
C. Typical knee-jerk reaction. A lawsuit will be the next thought.
E. Logic flaw, trick answer.
D. None of the above is the correct answer. The stupid part was PG&E not handling their business investigation in a professional manner. DIY investigations (like DIY TSCM) are like DIY laser eye surgery – blindingly stupid.

Who knows why they did it: too cheap to hire a professional investigator, a rogue operation by some mid-level manager, etc.??? The story is still unfolding down the Stairs of Fiasco like a drunken slinky. Stay tuned.

What we do know...
This is costing PG&E (and ultimately their consumers) a ton of money and bad publicity. The worst may yet be headed toward the fan... "It is of serious concern to the CPUC that a senior PG&E official may have been involved in unethical behavior," commission representative Terrie Prosper said Monday. "The allegations of misconduct, if proven to be true, could warrant possibly severe sanctions by the CPUC."

Moral: Always hire the best professional you can for the job.

...followed by an evening sojourn to Cafe de la Paix to obtain their secret croissant recipe!

Budding secret agents will be given a license to thrill when the first ever Spy Camp at Disneyland Paris is staged on 8th October 2011.

In the most exciting event of its kind ever staged in Europe, Spy Camp at Disneyland Paris will offer youngsters aged 8 to 16 an exclusive chance to emulate their movie heroes by taking part in a spy-themed adventure at the resort.

Spy Camp is divided into two phases, starting with induction training in the morning and moving up to more advanced training in the afternoon. (more)

Monday, December 13, 2010

Chemical Company is Catalyst for Activists' Lawsuit

LA - The U.S. division of South Africa’s Sasol chemical plant is facing a lawsuit for industrial espionage and sabotage, filed by environmental activists Greenpeace.

The case, which also involves the Dow Chemical Co. and two public relations firms, was filed in Federal Court in Washington, DC.

Greenpeace claims the two companies hired private investigators to steal its documents, tap its phones, and hack into its computers. Central to the complaint is a community's battle against the pollution of Lake Charles, in Louisiana, near the Sasol plant. (more)

Business Lobbyist Drowned in Leaked Wiretaps

India - A fresh batch of leaked recordings of wiretapped phone calls between an Indian corporate lobbyist and her high-profile political and media contacts are aggravating the political turmoil that has paralyzed Parliament.

The tapes show how Niira Radia, a lobbyist for two of the nation's largest conglomerates, industrial titan Tata Group and oil-and-petrochemicals company Reliance Industries Ltd., advanced her clients' interests with friendly journalists and sought to use her connections to influence the formation of the Indian government's cabinet after last year's national elections.
 
The recordings have fueled the unfolding controversy in India over the way the government allocated mobile-phone spectrum to companies in 2008—a process critics describe as a multibillion-dollar heist of taxpayers, in which a few favored companies got bargain prices for a valuable public resource. The tapes have given rise to a debate over the extent to which powerful Indian industrial houses have been favored by close government ties in one of the nation's biggest industries, mobile telecommunications.

The tapes are being examined by investigators to see if they shed light on the spectrum-allotment controversy. (more)

Sunday, December 12, 2010

SpyCam Story #594 - Tap Cappy Defender

Turkey - The lawyer of former Eskişehir police chief Hanefi Avcı -- who is suspected to have illegally wiretapped dozens of individuals -- is accused of having installed a hidden camera in the management room of the apartment building where he currently resides.

Lawyer Fidel Okan, who resides in the Baymak Apartment in Ankara’s Eryaman neighborhood, is said to have installed the camera to record building management meetings. The residents of the building noticed the camera during a recent meeting. (more)

SpyCam Story #593 - Cops Play Hardball

OK - A former Oklahoma City high school coach has admitted to police that he secretly videotaped his girls’ softball team while players changed clothes in the locker room, a police detective reported Wednesday...

Police have been investigating him since May, when the new coach found Hestand’s personal Sony video camera and tapes in the softball equipment room...

Police officers also viewed the tapes and found evidence the girls were recorded on different days in the locker room and that the hidden camera was repositioned to capture a better angle, the detective reported. The officers discovered numerous teenage softball players were recorded in various stages of undress.

“After the softball players leave the room … a male voice asks, ‘Is everyone out?’ After receiving no answer, a hand is shown and the video ends,” the detective wrote. (much more)

Doh! Another spycam'er shoots himself.

Cop Bugs Exam Room - Caught, Testing 1-2-3-4

UK - A senior officer in Scotland Yard's anti-terrorist squad has been sacked after trying to cheat in a promotion exam.

The detective inspector bugged an examination room where rival candidates were being interviewed — but the recorder was discovered when the tape holding it to the bottom of a table came unstuck and it fell to the floor...

The senior officer conducting the interview called the Yard's internal investigations unit to launch an inquiry. The detective inspector had tested the machine earlier by using his own voice and was quickly recognised by colleagues. (more)

Doh! Another bugger shoots himself.

A Brief History of U.S. Tap and Bug Law

Congress enacted the first federal wiretap statute as a temporary measure to prevent disclosure of government secrets during World War I. Later, it proscribed intercepting and divulging private radio messages in the Radio Act of 1927, but did not immediately reestablish a federal wiretap prohibition. By the time of the landmark Supreme Court decision in Olmstead v. United States, 277 U.S. 438 (1928), however, at least forty-one of the forty-eight states had banned wiretapping or forbidden telephone and telegraph employees and officers from disclosing the content of telephone or telegraph messages or both. (more)

Extra Credit:

Friday, December 10, 2010

...thus giving Santa a run for his money in the spying department.

If the popularity of spy toys as holiday gifts is any indication, the future of our TSCM services to business and government is secure for decades to come. Kids learn through play.

The only thing that has changed since my last big review in December, 2006 is the sophistication of the toys themselves. There are some amazing gadgets out there this year.

Check out this toy... 
"The Spy Net Secret Mission Video Watch is the ultimate infiltration tool and comes packed with high-tech features. The working video camera and microphone record over 20 minutes of video, 2,000 photos or 4 hours of audio. The watch's full color 1.4" TFT screen lets you watch recorded videos and provides live playback. Onboard memory lets you store your secret evidence, which you can then load onto your home computer with the included USB cable. Video missions are available for download on the cool Spy Net website."

Only one of their many spy tools for kids...
"Spy Net takes high end electronics and interactive gadgets and puts them in the hands - and on the wrists! - of burgeoning young secret agents. For undercover surveillance, detection and communication, Spy Net provides all the technology you'll need to tackle any secret mission!"

Think this is a myth meme?
Google "spy toys for kids" and you will see about 756,000 results in .2 seconds. (sing-a-long)

Third Man Spy Gets First Memorial Plaque

Russia on Thursday unveiled a memorial plaque to British double agent Kim Philby at the headquarters of the Foreign Intelligence Service in Moscow, the Echo of Moscow radio station reported.

Philby, who died in 1988, was a decorated member of British intelligence who worked as a spy for the Soviet Union. He was exposed in 1963 as one of the so-called Cambridge Five spy ring and defected to Moscow. (more) (historical video) (The Third Man)



SpyCam Story #592 - The Eggman, superhero.

Anonymous for Animal Rights, an Israeli nonprofit dedicated to exposing cruelty in factory farms, has done something truly revolutionary. Instead of sending in an undercover volunteer to collect horrific footage at slaughterhouses and Confined Animal Feeding Operations (CAFOs), the group has installed a web camera at an egg farming facility to stream the cruelty live. 
 

And because factory farms are so enormous and indistinguishable, the farmers can’t find the camera.

This ingenious move is part of a larger, ongoing campaign by Anonymous to outlaw battery cages for egg laying hens in Israel. These cages mean that hens spend their entire lifetime in a space smaller than even a page of a trade paperback book—about 550 square centimeters. Click on the link and you’ll see the daily life of egg laying hens, crammed three (or more) to a cage. They can’t spread their wings, bathe in dust, forage, fly, run, or engage in any of their natural behaviors. They don’t even get to stand on solid ground — their feet poke through the gaping wire mesh they’re forced to stand on, twenty four hours a day, seven days a week. (more)

SpyCam Story #591 - The Nappyman, supercreep

Nappie fetish copycat.
Australia - A man who filmed naked boys in a changeroom at a swimming centre with a camera hidden in his bag has been sentenced to at least 18 months' jail.

The Adelaide District Court heard Julius Fabian Ohmer, 31, had been secretly filming children at the Elizabeth Aquadome for some time before he was arrested by police last November.

Ohmer was also found to have more than 200,000 images and films of child pornography at his home and the court heard he had a sexual fetish for nappies.

Judge Rosemary Davey said she was revolted by the offending. (more)

Wednesday, December 8, 2010

Hamlet with Headphones

Canada - A file folder opens to reveal surveillance photos of a young couple embracing. Around the periphery of a government office, blocky security guards stand vigilant, occasionally opening their briefcases to reveal eavesdropping equipment. The forces of paranoia have won.

If each generation gets the Hamlet it deserves, then the National Theatre’s much-lauded version, which will be shown in Canadian movie theatres Thursday, is WikiLeaks set in Denmark. The older generation, desperate to maintain power, feels the world shifting irrevocably beneath its feet. (more) (trailer)

Kevin's advice... "Give thy thoughts no tongue."
- William Shakespeare, Hamlet, 1.3

Security Director Budget Booster - The Value Of Corporate Secrets

Here are the findings from a Forrester Consulting paper on the value of corporate secrets.

Secrets comprise two-thirds of the value of firms’ information portfolios. Despite the increasing mandates enterprises face, custodial data assets aren’t the most valuable assets in enterprise information portfolios. Proprietary knowledge and company secrets, by contrast, are twice as valuable as the custodial data. And as recent company attacks illustrate, secrets are targets for theft.

Compliance, not security, drives security budgets. Enterprises devote 80% of their security budgets to two priorities: compliance and securing sensitive corporate information, with the same percentage (about 40%) devoted to each. But secrets comprise 62% of the overall information portfolio’s total value while compliance related custodial data comprises just 38%, a much smaller proportion. This strongly suggests that investments are over-weighed toward compliance.
 
Firms focus on preventing accidents, but theft is where the money is. Data security incidents related to accidental losses and mistakes are common but cause little quantifiable damage. By contrast, employee theft of sensitive information is 10 times costlier on a per-incident basis than any single incident caused by accidents: hundreds of thousands of dollars versus tens of thousands.
 
The more valuable a firm’s information, the more incidents it will have. The “portfolio value” of the information managed by the top quartile of enterprises was 20 times higher than the bottom quartile. These high value enterprises had four times as many security incidents as low-value firms. High-value firms are not sufficiently protecting data from theft and abuse by third parties. They had six times more data security incidents due to outside parties than low-value firms, even though the number of third parties they work with is only 60% greater.
 
CISOs do not know how effective their security controls actually are. Regardless of information asset value, spending, or number of incidents observed, nearly every company rated its security controls to be equally effective — even though the number and cost of incidents varied widely. Even enterprises with a high number of incidents are still likely to imagine that their programs are “very effective.” We concluded that most enterprises do not actually know whether their data security programs work or not. (more)

Need help? Call us.

SpyCam Story #591 - You can stop saluting now.

Australia - An army corporal has gone on trial accused of putting a tiny camera in women's showers at his barracks.

Prosecutors told Adelaide Magistrates Court Nathan William Freeman disguised a tiny camera as a car remote control and put it in the women's showers at Woodside army barracks in the Adelaide Hills last December.

A police analysis of the footage allegedly showed Freeman putting the device in the shower. (more)

Doh! Another spycam'er shoots himself.

Stolen Laptop Reward... Drugs

PA - A Philadelphia man used his skills as an advertising executive to devise a unique way of getting back his stolen laptop... Surveillance video captured the robbery on tape... Refusing to take the robbery lying down, Kurt Shore devised a campaign to find the missing notebook.

First, he posted the surveillance video on the Philly-based website wheresthefairness.com with hopes of getting attention for his cause. The same video also went to YouTube, announcing a reward of an ounce of marijuana.

He then printed and posted posters offering a “fabulous drug stash” to whoever returned the computer.

Shore isn’t actually offering drugs. The bottom of the poster reads “Actual reward may vary.” (more)

The Wrong Question

I am asked some really odd security questions. Take this one from a media editor, for example…

“I’ve been reading various articles in which experts are quoted as saying that terrorism is a threat that is just as important as malware to corporations. But I’m not sure whether that is the case, or if it is, what terrorism means in the enterprise context. Also, how can corporate terrorism be guarded against?”

She was right. The debate didn’t make sense. She smelled a rat and was double-checking. I asked her to bear with me while I steered the discussion back to sanity. I began…

Malware is annoying and can be damaging, but keep it in perspective. It won’t sink your ship. A “terrorist spending vs. IT spending” debate also misses the mark... The welfare of the employees and their companies is better served with an “intellectual assets spending vs. IT spending” debate. (more)