Secret WW1 Spy Files Have Been Made Available Online

UK - Interrogation reports and photographs are among secret MI5 files about World War One spies being made available online for the first time.

Among the spies detailed are Swallows and Amazons author Arthur Ransome and Dutch spy Mata Hari, who was executed for spying for the Germans.

More than 150 files are being made available in the digitized release.

It is part of a series by the National Archives to mark the centenary of World War One. (more)
The files can be accessed at the National Archives link - First World War 100.

Turkish government rocked by illegal wiretapping

Turkey - Some150 officials were dismissed from the various government agencies regarding illegal wiretapping, the Turkish Interior Minister Efka Ala says.

At present time, the measures are being taken for identification of the organizers of illegal wiretapping, the Turkish Anadolu newspaper quotes the minister as saying.

Turkish media reported on Feb. 25 that in 2011 telephone conversations of about 7,000 people associated with the representatives of both the ruling and opposition parties, including family members of the PM were wiretapped, as part of the anti-terrorist operation carried out by the Istanbul prosecutor's office against the Salam terrorist organization. (more)

Irish government rocked by exposure of secret police wire-tapping

Ireland - A major scandal over a long-running programme of secret surveillance by the Garda (police) has engulfed the Fine Gael/Labour Party government in Dublin.

Leaks show that for over 30 years Garda stations and prisons across the country have been bugged with listening devices, which have been used to record outgoing and incoming telephone calls. The phones of journalists involved in investigations relating to police activity have been tapped.

Among the thousands of calls on record are hundreds between suspects and their solicitors, a grave infringement on the basic right of defendants to consult in private with a legal representative. According to the information so far made public, such practices continued until November last year before former Garda Commissioner Martin Callinan supposedly stopped them. (more)

Special ed student records proof of bullying, threatened with charges of wiretapping

PA - A special education high school student made an audio recording of a bullying incident and was later threatened with charges of wiretapping.

School administrators agreed to reduce the sentence, and March 19 the student, from South Fayette High School in McDonald, Pa., was charged with disorderly conduct.

The student and his mother, Shea Love, testified in front of District Judge Maureen McGraw-Desmet that he had been repeatedly shoved and tripped at school, and that a fellow student had even attempted to burn him with a cigarette lighter. (more)

SpyCam Found in NYC Subway

Be careful on the subway. Sure, the platforms are safer than ever, and the cars are even pretty clean. But credit card thieves seem to come up with a new way to steal your personal information every day. The latest ploy: a card-reading spy camera, hiding above the MetroCard machine. 

The MTA just put out a call for customers "to be vigilant" when buying MetroCards, after finding the hidden camera inside of a power outlet in the heavily trafficked 59th St-Columbus Circle station. A passenger noticed the device and ripped it down before taking it to the station agent. The MTA also found a card-skimming device installed on one of the machines. (more)

SpyCams Found in Leeds United Stadium Boardroom... and Toilets

UK - Police have begun an investigation at Leeds United after spy cameras were apparently found at the Elland Road stadium in a security sweep ordered by controversial new boss Massimo Cellino.

West Yorkshire Police would not confirm details of their inquiry but, according to reports, officers were called to the ground on Wednesday after surveillance equipment was found in the boardroom and toilets.

The police inquiry centered around an allegation of theft, relating to the club funds apparently used to buy the cameras. (more)

In-Flight Wi-Fi: Privacy Going GoGoing Gone

The NSA is harvesting the online data of millions of airline passengers who use inflight WiFi across the U.S., a secret letter has revealed.

Gogo, the main supplier of WiFi to airlines in the U.S., are among a host of network providers that have been handing over information gleaned from air travelers' browsing history.

The news has enraged privacy campaigners who say the data exchange may be in violation of U.S. law.

A letter, leaked to Wired, Gogo admitted violating the Communications Assistance for Law Enforcement Act (CALEA) - a 1994 wiretapping law that gave a backdoor to government agencies to monitor telecom and broadband activity.

But Gogo states in the letter that it added a raft of new measures to its service that made spying on users easier for the authorities. (more)

NSA Issues "Best Practices for Keeping Your Home Network Secure"

All right. Stop giggling. 

If you can get past the double irony (recommendation #5 being the second), this 8-page pdf document is really quite good. (more)

App Scam: Top Ranked Anti-Spyware App Removed from Google Play

Until Sunday night, the top new paid app on the Google Play store was a complete scam. Google Inc. quickly removed “Virus Shield” from the Google Play store, but not before thousands of people downloaded the fake anti-malware app, exposing a major flaw in the open strategy Google has taken with its mobile app marketplace.

"Virus Shield" claimed that it protected Android smartphone users from viruses, malware and spyware, and that it even improved the speed of phones. It touted its minimal impact on battery life and its additional functionality as an ad blocker. At only $3.99, "Virus Shield" sounded like a pretty good deal to the tens of thousands of people who downloaded it in less than two weeks. 

 
Virus Shield downloads Google Play Store (screenshot by Android Police)

Those 10,000 people even seemed to enjoy "Virus Shield," as the app maintained a 4.7-star rating from about 1,700 users. Another 2,607 users recommended it on the Google Play store, helping “Virus Shield” get ranked as the No. 1 new paid app and third overall top paid app. (more)

Coming soon to Google Play, something that really works.

Red Flag - Doing Business in China? Using Your Intellectual Property? Take Note...

Knowles, a supplier of microphones to Apple and Samsung Electronics, said its lawyers were shut out of court proceedings in an intellectual property suit filed by a Chinese rival, highlighting the uncertainties foreign companies can face in China’s legal system.

Itasca, Ill.-based Knowles is the world’s largest supplier of micro-electrical-mechanical systems (MEMS) microphones, which are widely used in smartphones. The company has a factory in Suzhou, near Shanghai. Since 2012, Knowles has faced stronger competition from business with Apple from Chinese competitors Goertek and AAC Technology Holdings. Knowles and Goertek have been locked in legal battles in the U.S. and China since June, with each accusing the other of patent infringements...

Knowles said Wednesday the Weifang Intermediate People’s Court in China denied its lawyers access to the courthouse as the trial against Goertek proceeded on March 31.

“The Weifang Court’s decision to bar Knowles from the legal proceedings makes a fair trial impossible,” said Knowles Chief Executive Jeffrey Niew.

Intellectual property has long been a major issue for foreign companies that operate in China...

Lawyers in China said the situation Knowles is alleging is unusual and raises questions of whether other companies could face such a situation. (more)

If You Don't Sweep, Don't Try to Sweep it Under the Rug When it Happens

Days after the chief financial officer of a Tampa maintenance company was accused of recording videos of female employees using the bathroom and showering, the former information technology employee who exposed the chief financial officer's alleged actions has sued the company and his ex-boss.

On March 28, Jeremy Lenkowski, the former information technology director for MaintenX , filed a lawsuit accusing the company's president and vice president, among others, of failing to act after Lenkowski showed them videos he'd discovered on CFO James Stanton Jr.'s laptop in 2010. (more)

Nearly Invisible, Lens-Free Camera is the Future of Spying

The camera modules used in today's smartphones are typically pretty small, as you can see from the image below. However if you look to the left, you'll see something even smaller that's set to be the future of spying.  

Researchers at Rambus have developed a miniscule camera with a 200 micron (µm) sensor, which is smaller than the tip of a pencil. It's also completely lens-free, with the tiny sensor mapping out light signals before a processor compiles the data into a viewable image. (more)

Sports Spying (aka business espionage): Spying on Earthquakes

Mexico's Deportivo Toluca has been handed a $5,000 fine by CONCACAF's disciplinary committee for spying on a San Jose Earthquakes training session.

San Jose Earthquakes claimed that Toluca had filmed, without authorization, parts of a closed training session on March 18 at Estadio Nemesio Diez, before the return leg of their Champions League quarter final...

The Mexican/US spygate scandal is not the first time one club has been caught illegally watching another's training session. 

In a slightly more light-hearted incident in Italy last year a coach from Genoa was caught "spying" on local rivals Sampdoria of their derby clash. The agent was dressed in Rambo-style camouflage and hiding in the training ground bushes.

Sampdoria said in a statement he was hiding "like Rambo" but "failed to overcome Sampdoria's intelligence and counter-intelligence operations". (more)

Moral: Have a counter-intelligence strategy. Professional counterespionage help here.

Privacy: On-line Search Privacy Options

Explore services that allow you to search online without compromising your privacy.

Covert Video Nails Greek Politico

The Greek prime minister’s chief political adviser has resigned over a secretly filmed video in which he allegedly says the government was behind a judicial clampdown on the far-right. Panayiotis Baltakos was reportedly filmed last autumn during a meeting at the Greek parliament with an MP from the ultra-nationalist Golden Dawn party. (more)

Murray Security Tip #416 - Evil Photo Double Extension Trick

                     Isn't this the cutest kitty?

Click CuteKitty.jpg to enlarge.

DON'T CLICK, it might be the old double extension trick. 

Although this photo does NOT contain a virus, others might.

Many Windows computers will display emailed CuteKitty.jpg.exe – an executable program – as CuteKitty.jpg – which seems harmless.

When you click, you might be shown a cute kitty... while a virus is loading in the background.

Tip 1 - Don't click on stuff if you don't know where it has been. 
Tip 2 - If you want to click anyway, open Windows search; enter "folder options"; select Folder Options; View tab, uncheck "Hide extensions for known file types." Check for the double extension trick.

Privacy - The Diamond Principle

Privacy is a multifaceted gem. Like a diamond, the sum of its part is what makes the whole. Lose clarity, lose value. Lose the right color, lose value. Lose weight, lose value.

Electronic surveillance privacy is only one facet of your privacy diamond. Get to know the folks make up some of privacy's other angles...

Why Is Privacy So Damn Important Anyway?
Privacy is so much more than the right to keep information secret within yourself. It provides the right to express yourself and expose yourself within small groups of trusted associates precisely because confidentiality is respected within the group. The current collection of online executives belittle privacy as no longer relevant in the new digital age. And they are precisely the ones who protect their privacy with the most vehemence. Look how revealing Mark Zuckerberg is not, on his own Facebook page. He sued in Massachusetts to keep information about his career secret.

Privacy is essential for mental health, for a quality of life. And so it is not about whether you “don’t have anything to hide.” It’s about all of us, and the value to society in having autonomous, assertive individuals with the opportunity to learn and take risks and make good decisions in dignity and uninterrupted contemplation. Call it privacy. 

~Robert Ellis Smith, author / publisher, expert witness on privacy, credit reporting, surveillance, medical confidentiality, Social Security numbers, and identity theft. Keep current on privacy topics with his newsletter Privacy Journal, and all of his books. (more) 

Ultimate Privacy... How to Become Invisible.
In 1959, J. J. (Jack) Luna sold his outdoor advertising business in the Upper Midwest and moved with his wife and small children to the Canary Islands off the coast of West Africa. Outwardly, he was a professional writer and photographer. Secretly, he worked underground in an activity that was at that time illegal under the regime of Generalissimo Francisco Franco.

In 1970 Franco yielded to intense pressure from the western world and moderated Spain's laws, leaving Luna free to come in from the cold. By that time, however, privacy had become an ingrained habit. In the years that followed he started up various one-person low-profile businesses, built them up and then sold them.

Luna is especially interested in designing and building secret spaces and hiding places. He currently has a 3300-square foot three-level safe house for sale that is set in an almost-invisible location despite being within city limits. The exterior is complete but the interior is unfinished, awaiting a buyer who will decide which spaces or rooms are to have secret entrances. The approximate price, when finished according the buyer’s instructions, will be $795,000, plus (if desired) the cost of a secret escape tunnel into the adjoining forest. The location is in the Pacific Northwest. (...or so we are told. Remember, we are dealing with the Invisible Man here.) (more)
~JJ Luna, International Privacy Consultant, and author — How to Become Invisible.

Smartphone kill-switch could save consumers $2.6 billion per year...

...and why you will probably never see it.
Technology that remotely makes a stolen smartphone useless could save American consumers up to $2.6 billion per year if it is implemented widely and leads to a reduction in theft of phones, according to a new report...

Americans currently spend around $580 million replacing stolen phones each year and $4.8 billion paying for handset insurance... (more)

Do you really think phone and insurance companies are going to kill this goose?

Nikola Tesla Redux - Wireless Power Finally Arrives

via one of our top Canadian Blue Blaze irregulars...

TODAY
"We're going to transfer power without any kind of wires," says Dr Hall, now Chief Technology Officer at WiTricity, a startup developing wireless "resonance" technology.

"But, we're not actually putting electricity in the air. What we're doing is putting a magnetic field in the air." ...

In the house of the future, wire-free energy transfer could be as easy as wireless internet.

If all goes to WiTricity's plans, smartphones will charge in your pocket as you wander around, televisions will flicker with no wires attached, and electric cars will refuel while sitting on the driveway. (more)

YESTERDAY
In 1891, Nikola Tesla gave a lecture for the members of the American Institute of Electrical Engineers in New York City, where he made a striking demonstration. In each hand he held a gas discharge tube, an early version of the modern fluorescent bulb. The tubes were not connected to any wires, but nonetheless they glowed brightly during his demonstration. Tesla explained to the awestruck attendees that the electricity was being transmitted through the air by the pair of metal sheets which sandwiched the stage. He went on to speculate how one might increase the scale of this effect to transmit wireless power and information over a broad area, perhaps even the entire Earth. As was often the case, Tesla's audience was engrossed but bewildered. (more)

TOMORROW
No more replacing batteries in wireless bugging devices, voice recorders and spycams! 

Interesting side note... Leon Theremin invented a wireless bugging device that didn't need batteries back in the 1940's. (more)

FCC Frees More Bandwidth - Wireless Eavesdropping Becomes Harder to Detect

The Federal Communications Commission approved measures on Monday that will free up more airwaves for Wi-Fi and wireless broadband...

Unlike the airwaves used for mobile phone traffic, which are licensed to a specific company, unlicensed spectrum can be used by anyone. Previous establishments of unlicensed airwaves led to innovations like garage-door openers, baby monitors, wireless microphones* and Wi-Fi networks. (more)

* Want to hear a Broadway play, live, for free? Park your butt near any Broadway theater at showtime. Bring along a scanning radio receiver and search for the wireless microphones. This trick will work in most other cities as well, as long as the wireless microphones are using frequency modulation (FM). Most still do.

The same trick works near Boardrooms, and hotel conference centers...

The Tale of the Eavesdropping Husbands, or Peek-A-Boo, SEC You

A man is being charged with violating a duty of trust by trading during a blackout window after he overheard work calls made by his wife.

“Spouses and other family members may gain access to highly confidential information about public companies as part of their relationship of trust,” said Jina L. Choi, director of the SEC’s San Francisco Regional Office. “In those circumstances, family members have a duty to protect and safeguard that information, not to trade on it.”

Tyrone Hawk of Los Gatos, Calif., overheard his wife, a finance manager at multinational computer technology corporation Oracle Corp speaking of her company’s plan to acquire Acme Packet Inc. Hawk also had a conversation with his wife in which she informed him that there was a blackout window for trading Oracle securities because it was in the process of acquiring another company, the SEC said.

In an unrelated case, the SEC alleges that Ching Hwa Chen of San Jose, Calif., profited from gleaning confidential information in mid-2012 that his wife’s employer, Informatica Corp., would miss its quarterly earnings target for the first time in 31 consecutive quarters. During a drive to vacation in Reno, Nev., Chen overheard business calls by his wife, who previously advised Chen not to trade in Informatica securities under any circumstances. (more)

P.S.
Hawk agreed to pay more than $300,000 to settle the SEC’s charges.
Chen agreed to pay approximately $280,000 to settle the SEC’s charges.

Business Espionage: Invisibility & Examples of Tactics

There are three primary reasons that we don't hear more about corporate espionage:

1. Because businesses often don’t realize they’ve been compromised. 
2. If they do find out, a public announcement would be counterproductive, eroding investor confidence. 
3. Finally, industrial espionage works both ways — companies may keep compromises quiet to preserve their own business intelligence gathering activities.

Five recent court cases highlighting business espionage tactics...

• Buying Trade Secrets
• Digging Up Dirt, Literally
• Employee Poaching
• Classified Ads
• Cyber Theft

Click on more for all the details. (more)

Murray Security Tip # 415 - iPhone - The Spy in Your Pocket

Did you know, your iPhone keeps track of where you go? 

Check it out. Buried deep in your Settings menu is the proof. To see it, navigate this path:

• Settings
• Privacy
• Location Services
• System Services
• Frequent Locations
• History

WOW! Locations, dates, times, number of visits, and a map!
You can turn it off and clear the history.
One more reason to use quality password protection.
~Kevin

Business Espionage: BAT Spies Smoking Gun

Sensational recordings and documents show how South Africa’s largest JSE-listed company, cigarette giant British American Tobacco (BAT), appears to be committing “industrial espionage” on a grand scale, running a network of “agents” placed to spy inside rival organisations.

This evidence, uncovered as part of a year-long Business Times investigation, raises questions about the tobacco company’s ethics, and highlights shady dealings that are understood to have been reported to the authorities in South Africa and the UK, where it is headquartered.

One agent, who was placed in a senior position within BAT’s rivals, said that BAT’s “worldwide” practice of making secret payments to agents could be considered “international money-laundering”.

“They had a deal to pay me for industrial espionage, and may I say I’m not the only one in our little circle. There are [government intelligence agents] who have left the state, and gone to work for BAT,” said the agent.

The claim that BAT was involved in spying on rivals is corroborated by affidavits, audio and video recordings, copies of financial transactions and the accounts of five cigarette manufactures, a state informant, sources close to the South African Revenue Services and one of BAT’s senior agents...

Business Times has a recording of a conversation between a senior BAT official and one of its secret agents, in which the tobacco executive tells the agent not to “sell us out” by spilling the beans on the spying. (more)

History - Nixon's Plumbers Tap More Pipes

Jeff Stein provides new information that suggests the Nixon White House may have bugged the Pentagon telephones of senior American military officials.

Why is this man laughing?

Stein managed to track down Dave Mann, a former member of the Pentagon’s Counterintelligence Force, who in 1971 stumbled upon a classified report claiming that listening bug signals had been detected emanating from offices in the Joint Chiefs of Staff. The signals had been picked up by a technical surveillance countermeasures (TSCM) team during a routine sweep of the Pentagon, in search of unauthorized interception devices. 

Mann ran some tests to verify the TSCM team’s report, and discovered that the bug signals originated from the personal office telephone line of General William Westmoreland, who was then the US Army’s Chief of Staff.  He also discovered that the telephone of his assistant had been compromised, as well as the telephone lines belonging to the US Army’s assistant secretary, its logistics director, and at least one general. 

Mann’s personal conclusion was that the phone lines were most likely bugged with the cooperation of the Chesapeake and Potomac Telephone Company, which was at that the time considered an operational wing of the FBI, under Director J. Edgar Hoover...

Mann, who is now semi-retired from the military and lives in Tennessee, told Stein that “there was a lot —and I mean a lot— of pressure to prove GRAPPLE TRIP to be a fluke or a miswired telephone”. Which is precisely what happened: the investigation concluded that the bug signals were emitted due to “crossed wires in the telephone system”.  (more)

NY Private Detective Firm Keeps Corporate Spies at Bay

Private investigators are most commonly associated with scorned spouses and cheap motels, but one PI firm based in New York is sniffing out scandal in a much more upscale (and more unusual) venue: the boardrooms of Fortune 500 companies. 

Murray Associates, a counterespionage security company, has been de-bugging conference rooms and securing trading floors from the prying eyes of sneaky competitors since 1978. (more)

10 Years Ago - 120 Coke Cans Spur a Military TSCM Alert

"Into the Wayback, Sherman."

THIS SECURITY BULLETIN APPLIES TO ALL SSCC SITES/FACILITIES/RESTRICTED
AREAS WHERE CLASSIFIED/SENSITIVE OPERATIONS ARE CONDUCTED 

The SSCC Security Office was recently informed that the Coca Cola Company has a summer game promotion running from 5/17 - 7/12/04 in all 50 states and the District of Columbia that has the capability to compromise classified information. 

The company has intermixed approximately 120 Coca-Cola cans that actually contain GPS locators equipped with a SIM card, keypad and GPS chip transponder so it functions as a cell phone and GPS locator. The cans are concealed in specially marked 12, 18, 20, or 24 can multi-packs of Coca-Cola Classic, Vanilla Coke, Cherry Coke and Caffeine Free Coke. 

The hi-tech Coke "Unexpected Summer" promotion can has a button, microphone, and a tiny speaker on the outside of the can. Pressing the larger red button starts the game in process, thus activating the GPS signal and a cell phone used by the customer to call a special hotline. Consumers who find these cans, activate the technology, and call the hot line must agree to allow Coke "search teams" using the GPS tracker (accurate to within 50 feet), to surprise them anyplace, anytime within three weeks to deliver a valuable prize.

Until such time as this sales promotion ends and all 120 cans are accounted for, Coca-Cola packages should be opened and inspected before taking them into any area marked as a "Restricted Area" or where the location is sensitive or classified meetings/discussions, etc. are in progress or have the potential to occur at any time.

If one of these hi-tech game cans is found in snack bars, cafeterias, vending machines, etc. immediately report it to the Security Manager. While the can is your personal property, you must report obtaining it and immediately remove it from NSWC Crane work spaces.

As with any other two-way communications device, the hi-tech cans are not to be brought into any NSWC Crane classified facility under any circumstances.

While high technology is our livelihood, everyone must be alert to technology applications that can endanger National Security and the effectiveness of our support to the war fighters. Please report similar applications by marketers, etc. to the Security Office so the information can be widely disseminated. (source) (T-shirt)

Over 50% of Android Users Don't Use Passwords, Pins or Meaningful Swipes

An ad hoc survey conducted by Google's anti-abuse research lead Elie Bursztein has shown that over half of Android users don't lock their phones in any meaningful way. 

Click to enlarge.

After polling 1,500 users, he discovered that 52 percent of those users "open" their device with a simple slide or gesture, 25.5 percent have opted to locking their phones with drawing a pattern on a grid, and 15.1 percent are using a PIN.

Only 3.3 percent have opted for using a password, 2.3 percent for the option where the phone can recognize their face, and 1.8 percent are using other, 3rd party forms of authentication...
 
...no security is perfect. Both lock patterns and PIN codes can be vulnerable to smudge attacks, as a 2010 Usenix paper illustrates. So whether you use a PIN or a pattern you should change it from time to time. You might also want to go to your phone’s options screen and disable the display of the pattern so people can’t “shouldersurf” it. (more)

Google Explains Search Warrant Requests - for ages 2 and older

P.S. Word on the street... the cow is a spy.

From our, "You can't make this spy stuff up" file. - Spy Dolphins Defect

Ukraine’s secret unit of spy DOLPHINS that can plant bombs and attack divers with guns have defected to Russia.

• The Ukraine Army has been using dolphins and seals since the 70s
• After the fall of the USSR, the 'dolphin spies' remained in the Ukraine
• The dolphins have been trained to hunt for mines and plant bombs
• They can also attack divers with knives or pistols attached to their heads
• Now, military dolphins in Crimea will be transferred to the Russian Navy

While the dolphins show extraordinary intelligence, sometimes they disobeyed their Ukrainian commanders.

Last year three of five spy dolphins went absent without leave in the Black Sea - apparently in search of love, but returned to their duties shortly afterwards.

Yury Plyachenko, a former Soviet naval anti-sabotage officer, explained that this was something that had to be taken into account in working with the 007 mammals.

‘If a male dolphin saw a female dolphin during the mating season, then he would immediately set off after her. But they come back in a week or so.’ (more)

In Washington, DC this Spring? Need Something Cool to Do?

Check out The International Spy Museum...

U.S. Notified 3,000 Companies About Cyberattacks in 2013

Federal agents notified more than 3,000 U.S. companies last year that their computer systems had been hacked, White House officials have told industry executives, marking the first time the government has revealed how often it tipped off the private sector to cyber intrusions.

The alerts went to firms large and small, from local banks to major defense contractors to national retailers...

“Three thousand companies is astounding,” said James A. Lewis, a senior fellow and cyberpolicy expert at the Center for Strategic and International Studies. “The problem is as big or bigger than we thought.”

The number reflects only a fraction of the true scale of cyberintrusions into the private sector by criminal groups and foreign governments and their proxies, particularly in China and Eastern Europe. The estimated cost to U.S. companies and consumers is up to $100 billion annually, analysts say. (more)

How do the FBI and Secret Service know...

...your network has been breached before you do?
 
Knock, knock! Secret Service here. "Is this your customer payment card data?"

By all accounts, many of the massive data breaches in the news these days are first revealed to the victims by law enforcement, the Secret Service and Federal Bureau of Investigation (FBI). But how do the agencies figure it out before the companies know they have been breached, especially given the millions companies spend on security and their intense focus on compliance?

The agencies do the one thing companies don’t do. They attack the problem from the other end by looking for evidence that a crime has been committed. Agents go undercover in criminal forums where stolen payment cards, customer data and propriety information are sold. They monitor suspects and sometimes get court permission to break into password-protected enclaves where cyber-criminals lurk. 

They have informants, they do interviews with people already incarcerated for cybercrime, and they see clues in the massive data dumps of information stolen from companies whose networks have been breached. (more)

Spyware & Malware Odds & Ends

A spyware app developed by two researchers has shown that Google Glass can be used to secretly take photos of whatever a Glass wearer is looking at without their knowledge - making the Glass user the one whose privacy and security is potentially compromised. (more)

Security researchers said they have uncovered bugs in Google's Android operating system that could allow malicious apps to send vulnerable devices into a spiral of endlessly looping crashes and possibly delete all data stored on them. (more)

Stingray is a US law enforcement spoof cell tower used to track the location of mobile phones. Snoopy is a project conducted by London-based Sensepost Research Labs that does similar and much more with any WIFI-enabled device. Now Snoopy has gone airborne – mounted on a drone it can hover above a target area and trick mobile devices into connecting: a form of flying man-in-the-middle attack... The drones collect the devices' probe requests, which could be looking for networks that the user has recently connected to, and mimic them. "If your device is probing for 'Starbucks', we'll pretend to be Starbucks, and your device will connect." Once that connection is made, Snoopy can listen in. (more)

Capital One Bank Settles in $3 Million Wiretp Law Suit (Now we know what's in cardholder's wallets.)

A putative class of Capital One Bank NA cardholders in five states have secured a $3 million settlement of claims that the bank covertly recorded outbound customer service calls, according to documents filed Monday in California federal court.

 The pact puts to rest a suit over the bank’s alleged violations of California’s Invasion of Privacy Act and the similar two-party consent laws of Florida, Maryland, Nevada and New Hampshire. (more)

Is your organization doing any recording? What's in your policy?

The Bug Stopped Here - Ireland's Police Chief Resigns

Ireland's police chief resigned Tuesday following months of criticism of how his force handled allegations of illegal wire-tapping and corrupt enforcement of traffic laws. 

Underscoring a growing sense of public unease at police standards and behavior, government leaders announced that they would open a judge-led probe into new revelations that telephone calls at many police stations had been illegally recorded since the 1980s.

The government said it didn't yet know why the widespread recording was secretly happening. Security analysts said it could partly reflect an effort by senior commanders to monitor rank-and-file officers' communications...

It said a judge would be appointed to examine why police had secretly recorded telephone conversations in and out of many police stations for several years, a practice ended only in November after the first wire-tap scandal became public knowledge. (more)

New Bot Targets Apple iOS Devices - Tip: Don't Jailbreak

A new bot with the name Zorenium has landed in the criminal underground, with the ability to target Apple iOS devices like iPhone and iPad. It's not widely known, nor is it widely detectable...
 
The analysis suggests that Apple devices must be jail-broken to be vulnerable, which makes sense given Apple’s tight control over the iOS ecosystem—there’s a reason after all that virtually all mobile malware targets Android. (more)

Ex-President Spills His Secret to Ducking Electronic Surveillance

Former US President Jimmy Carter has said he hand-writes letters to foreign and US leaders in an effort to evade what he described as pervasive US electronic surveillance.

Mr Carter, 89, told the Associated Press he had "no doubt" the US monitored and recorded "almost every telephone call" and email.

His humanitarian efforts bring him in contact with a range of foreign and US political leaders. (more)

Man Head-Butts 'Spying' CCTV Operator

UK - A man who thought someone was using a security camera to spy on his girlfriend tried to break the devices, a court has heard.

The man, 33-year-old Richard Hill, later assaulted the operator (Mr. Jordan) when confronting him over his use of the devices...

Peter Love, prosecuting, told Worcester Magistrates’ Court...

“He was swearing at him (Mr. Jordan) and punched him in the face.

“He then head-butted him in the nose and ran off towards the city centre.”

When Hill was interviewed about the offences he said he struck the camera because he was told Mr Jordan was using the device to watch his girlfriend. He said he assaulted him because he had made him angry. (more)

TSCM Quote of the Month

"It's a well-known fact that businesses world-wide invest thousands or even millions protecting themselves from hackers and perceived cyber threats, but often fail to protect themselves against the threat of technical surveillance." –Peter Rucinski of Assure Technical, speaking about lack of attention businesses pay to finding bugs, wiretaps, spycams and other forms of electronic surveillance. (source)

5 Cool Spy Gadgets and Weapons You Probably Never Knew About

What do you get when you combine 368, 5.0-megapixel smartphone cameras into a mosaic and then add some other classified parts?


The DARPA-funded Autonomous Real-Time Ground Ubiquitous Surveillance Imaging System (or ARGUS-IS) of course. According to PetaPixel, "ARGUS-IS is a 1.8 Gigapixel drone-mounted surveillance system that took 30 months and $18.5M to become a reality. The video above is a clip from a new PBS documentary titled 'Rise of the Drones'. It offers a fascinating peek at what the drone cam is capable of." (more)

Leaving us to wonder what everyone else said...

Wireless surveillance (company) iWatchLife today released the results of a new poll indicating that nearly one in three people are completely comfortable with the idea of using electronic surveillance to watch over their elderly parents who live alone.

The poll, commissioned by iWatchLife and undertaken by Persona Research on March 16, 2014, surveyed 500 people. Respondents were asked if they would ever consider using electronic surveillance to ensure that their parents were safe. Over 30 percent said yes. (more)

A Business Espionage Front Line Warning - Pay Attention

While classified and clearly-defined national security information will always be sought-after by our adversaries, there is a rapidly growing interest in corporate America’s intellectual property.

By Doug Thomas, Lockheed Martin Corporation, a 2014 CSO40 award recipient

Throughout much of my 35 years of government service, I was focused on what many people are still focused on today: cleared people, classified programs, and traditional national security... 

Yesterday’s spies were government employees or military personnel, stealing classified information... Today’s depiction of espionage takes on a very different picture.
 
Today’s spies also come from private industry -- financial institutions, industrial fabricators, defense contractors, members of academia, etc. ...stealing information on behalf of the intelligence service of a foreign nation state, or industrial espionage, where information is stolen to benefit a competitor, either foreign or domestic...
 
Today there is no difference between national security and economic security. By failing to safeguard the fruits of our innovative labor... we face the prospect of losing our position as a leader in the global marketplace.

The threat... is very real and growing at an aggressive rate...

I urge private industry leadership to take steps to counter this growing threat to our economic prosperity and national security. (more)

My two cents. 
My other two cents.

From our "You can't make this eavesdropping stuff up" file...

A former Idaho lawmaker decided to hide in a Senate chamber closet for five to six hours on Tuesday, presumably to eavesdrop on her colleagues.

A rule in the Idaho Legislature allows floor privileges for former state senators. But the state Senate voted 28-6 on Wednesday to suspend that rule for one of their former colleagues—Nicole LeFavour. The day before, LeFavour—Idaho's first openly gay state lawmaker—had been discovered hiding in a closet behind the Senate chamber and was asked to leave.

"Closets are never safe for gay or transgender people," she told the Spokesman-Review. (more)

Illinois Supreme Court – Audio Recording Law too Broad

IL - The Illinois Supreme Court this morning struck down the state’s eavesdropping law, one of the strictest in the nation that made audio recording of any person, even in public, illegal unless that person gave their consent.

The court ruled that the law "criminalizes a wide range of innocent conduct."

"The statute criminalizes the recording of conversations that cannot be deemed private: a loud argument on the street, a political debate on a college quad, yelling fans at an athletic event, or any conversation loud enough that the speakers should expect to be heard by others," the court said in its ruling.

"None of these examples implicate privacy interests, yet the statute makes it a felony to audio record each one. Judged in terms of the legislative purpose of protecting conversational privacy, the statute’s scope is simply too broad," the justices ruled. (more)

Business Espionage: AT&T May Pay 1.5 Million to Settle Eavesdropping Lawsuit

AT&T is reportedly about to shell out some $1.5 million, in payments of $4,000 each, to hundreds of class action plaintiffs who say they were victimized as a result of illegal conduct by so-called private investigator to the stars Anthony Pellicano.

The phone company is a defendant in civil litigation because rogue employees at AT&T's Pacific Bell allegedly helped Pellicano with illegal investigative techniques. including wiretapping, according to the Hollywood Esq. blog of the Hollywood Reporter. Pellicano was convicted in 2008 of crimes related to his alleged violation of wiretap laws. (more)

Windows Spy Tool Also Monitors Android Devices

Researchers have discovered that a commercial Windows-based spy program now comes equipped with capabilities for spying on Android devices as well... 

“The Android tool has multiple components allowing the victim’s device to be controlled by another mobile device remotely over SMS messages or alternatively through a Windows-based controller,” said researchers at security company FireEye who discovered GimmeRAT...

Remote access Trojans for Android are nothing new; Dendroid and AndroRAT are two that have been in circulation for some time. But this is the first time that a multiplatform Windows RAT featuring Android capabilities has been discovered. (more)

Former Microsoft Employee Arrested for Allegedly Stealing Windows 8 Trade Secrets

Alex Kibkalo, a former senior architect at Microsoft who most recently served as a Director of Product Management in 5nine Software (according to his LinkedIn profile), has been arrested for allegedly stealing Windows-related trade secrets while working for Microsoft.

Kibkalo was arrested on Wednesday, according to a report in the Seattle Post-Intelligencer.

According to a complaint filed on March 17 in the U.S. District Court for the Western District of Washington, Kibkalo -- a Russian national and former Microsoft employee based in Lebanon -- passed on trade secrets involving Windows 8 to an unnamed technology blogger in France. (more)

Facilities Managers: Everything You Need to Know about Counterespionage Bug Sweeps

You know everything about managing facilities, but a request from management to debug your building can throw even the most seasoned FM for a loop. With the help of an outside professional, you can ensure speech privacy and business security.

Business espionage is a growing concern, yet it’s mistakenly thought of as an IT department problem. The reality is that the information IT protects is vulnerable to theft long before it is put into the computer – what people talk about and with whom provides the most valuable information.

Electronic eavesdropping has also become cheap and easy. Spy gadgets, such as bug transmitters, micro voice recorders, and covert video cameras, were once expensive and hard to come by. All are now available online for under $100. Some even use Wi-Fi, Internet, and cell phone networks as communication conduits.

Because building owners are focused on physical security, the chances are slim that a corporate spy will be detected or caught. A technical information security survey, however, can put an end to electronic eavesdropping and remote surveillance. (more) P.S. If you like the article, please give it a nice star rating, and have it help others via a social media plug. Thank you.

"OK, which one of you said 'coool'?"

The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden. (more)