Showing posts sorted by relevance for query employee secrets. Sort by date Show all posts

Friday, September 9, 2011

Missing Email? Maybe it was Doppelganged!

Two researchers who set up doppelganger domains to mimic legitimate domains belonging to Fortune 500 companies say they managed to vacuum up 20 gigabytes of misaddressed e-mail over six months.

The intercepted correspondence included employee usernames and passwords, sensitive security information about the configuration of corporate network architecture that would be useful to hackers, affidavits and other documents related to litigation in which the companies were embroiled, and trade secrets, such as contracts for business transactions.

“Twenty gigs of data is a lot of data in six months of really doing nothing,” said researcher Peter Kim from the Godai Group. “And nobody knows this is happening.”

Doppelganger domains are ones that are spelled almost identically to legitimate domains, but differ slightly, such as a missing period separating a subdomain name from a primary domain name – as in the case of seibm.com as opposed to the real se.ibm.com domain that IBM uses for its division in Sweden. (more)
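
An outbound-mail check for the missing-dot pattern described above, as an added example that is not from the original post or the researchers. The function names and the `example.com` sample data are constructed for illustration, and the registered domain is supplied by the caller rather than derived from a public-suffix list.

```python
"""Flag outbound mail addressed to missing-dot doppelgangers of our own subdomains."""
from email.utils import parseaddr


def doppelganger_map(subdomains, registered):
    """Map each dot-dropped registrable domain to the real subdomain it imitates.

    se.ibm.com under ibm.com gives seibm.com. Only the dot next to the
    registered domain matters: dropping any other dot leaves a name that is
    still inside our own zone.
    """
    registered = registered.lower().rstrip(".")
    suffix = "." + registered
    mapping = {}
    for fqdn in subdomains:
        fqdn = fqdn.lower().rstrip(".")
        if not fqdn.endswith(suffix):
            continue  # not under our zone, or the bare registered domain
        prefix = fqdn[: -len(suffix)]
        if not prefix:
            continue
        last_label = prefix.rsplit(".", 1)[-1]
        mapping[last_label + registered] = last_label + suffix
    return mapping


def check_recipient(address, mapping):
    """Return the probable intended address if the recipient domain is a
    doppelganger (or a host under one), otherwise None."""
    _, addr = parseaddr(address)
    local, sep, domain = addr.rpartition("@")
    if not sep or not local:
        return None
    domain = domain.lower().rstrip(".")
    for fake, real in mapping.items():
        if domain == fake:
            return f"{local}@{real}"
        if domain.endswith("." + fake):
            # mail.corpexample.com -> mail.corp.example.com
            return f"{local}@{domain[: -len(fake)]}{real}"
    return None


def audit(recipients, subdomains, registered):
    """Return (recipient, suggested_correction) for every flagged recipient."""
    mapping = doppelganger_map(subdomains, registered)
    flagged = []
    for rcpt in recipients:
        suggestion = check_recipient(rcpt, mapping)
        if suggestion is not None:
            flagged.append((rcpt, suggestion))
    return flagged


# Constructed sample data: our own subdomains and a batch of outbound recipients.
SUBDOMAINS = ["uk.example.com", "mail.corp.example.com"]
RECIPIENTS = [
    "alice@uk.example.com",          # correct
    "Bob <bob@ukexample.com>",       # missing dot
    "carol@mail.corpexample.com",    # missing dot, deeper host
    "dave@partner.test",             # unrelated external domain
]

if __name__ == "__main__":
    for rcpt, fix in audit(RECIPIENTS, SUBDOMAINS, "example.com"):
        print(f"HOLD {rcpt!r}: did you mean {fix}?")
```

The same mapping can feed a defensive-registration list or a DNS watch for newly registered look-alikes of each subdomain.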

Wednesday, June 16, 2010

Employee monitoring: When IT is asked to spy

With staff surveillance on the rise, high-tech types can be put in the awkward position of having to squeal on their fellow workers.

As corporate functions, including voice and video, converge onto IP-based networks, more corporate infractions are happening online. Employees leak intellectual property or trade secrets, either on purpose or inadvertently; violate laws against sexual harassment or child pornography; and waste time while looking like they are hard at work.

In response -- spurred in part by stricter regulatory, legal and compliance requirements -- organizations are not only filtering and blocking Web sites and scanning e-mail. Many are also watching what employees post on social networks and blogs, even if it's done from home using noncompany equipment.

They are collecting and retaining mobile phone calls and text messages. They can even track employees' physical locations using the GPS feature on smartphones. 

 Long story, but here is the bottom line...
It's more common that the IT manager doesn't know how to correctly preserve evidence, and probably doesn't even know what information might be legally relevant, says Jason M. Shinn, an attorney with Lipson, Neilson, Cole, Seltzer & Garin PC who specializes in electronic discovery and technology issues in employment law. (more)

Thursday, February 22, 2018

The Employee Competitor: Spy in the Yogurt

The American yogurt market has remained pretty steady over the past few years, yet the yogurt areas in all my go-to grocery stores keep expanding, meaning it’s an increasingly competitive industry, and this fosters the sort of tense environment that sometimes can lead to suspicions of corporate espionage.

On Wednesday, Bloomberg reported that Dannon Co. sued its former senior vice president, Federico Muyshondt, alleging he divulged trade secrets to colleagues at his new job, which is with Chobani LLC. Both of these companies, obviously, are renowned for their yogurt.

According to the complaint—filed in a federal court in White Plains, New York—Muyshondt stands accused of pilfering details of Dannon’s business strategy, plans for forthcoming products, and lists of customers before he left the company in January to take a job with Chobani, which was not named as a defendant in the lawsuit. more

Wednesday, March 2, 2011

Business Espionage: The Devine Apple Caper

Former Apple Employee Pleads Guilty to Selling Company Secrets 
Last August a man by the name of Paul Devine, 37 years old, was arrested following an FBI and IRS investigation. Apparently Mr. Devine was taking information on "product forecasts, roadmaps, pricing targets, product specifications, and data obtained from Apple's business partners" and passing it along to Apple's suppliers.

Why would suppliers want this info? Well typically they compete for Apple contracts and this info could give them an edge in the process. It could also afford them an advantage in negotiations on price/etc. once they had won the contract. Additionally, the information could be passed along to rival firms as some suppliers, like China's Foxconn, work with many companies.

The sell-out netted Mr. Devine over $10,000 in cash transferred from banks in the U.S. and overseas. And it cost Apple, by the company's estimates, over $2.4M USD. (more)



Imagine what Apple would lose if they didn't have a corporate counterespionage strategy? Got a strategy? Get one here.

Saturday, October 10, 2009

Business Espionage - The McGraw-Hill Case

In a lawsuit filed yesterday in New York, construction information publisher Reed Construction Data claims that McGraw-Hill Construction Dodge posed as fake customers of RCD in order to access confidential information and trade secrets. According to the filing made in the Southern District Court of New York, Dodge used consultants to subscribe to RCD data under false identities and companies. RCD says in its statement, “Dodge then allegedly manipulated the information to create misleading comparisons between Dodge and RCD’s products and services in an effort to confuse the marketplace.”

The actual court filing names Dodge employee Erick Kubicka as the person appointed as “Director of Competitive Intelligence,” whose job was to penetrate RCD’s databases. In fact, the suit says that Kubicka was commonly referred to by colleagues as “The Spy.” The filing also claims that Kubicka later gave a presentation in 2004 and 2005 to his own sales reps that included a walk-through of RCD’s Reed Connect data product and its competitive weaknesses. The information had been gleaned by a consultant hired by Dodge who posed as a customer and gave Dodge unfettered access to the RCD databases. (more)

Spy Tip: "Director of Competitive Intelligence" is not a subtle enough cover for the job.

Tuesday, April 19, 2016

Chinese Spy Sentenced to Death... by China

A Chinese man has been sentenced to death for leaking more than 150,000 classified documents to an unidentified foreign power, state television said on Tuesday, offering unusual details of a kind of case rarely mentioned in public.

The man, a computer technician from Sichuan named as Huang Yu, worked for a government department which handled state secrets, but he was a bad employee and was sacked, the report said. more

Tuesday, October 24, 2017

Corporate Espionage Fail - WeWork Staffers Caught

NYC - The battle in the red-hot co-working space business is heating up.

WeWork, the No. 1 player in the sector, allegedly sent two spies to infiltrate rival Knotel — to steal info and some customers, Knotel claimed.

The spies showed up at seven Knotel properties in Manhattan last month in a “systematic attempt to pilfer Knotel’s proprietary information and trade secrets,” according to a cease-and-desist letter the smaller company sent to WeWork...

The corporate espionage rookies might have pulled off the caper — except, in a totally random happening, a Knotel employee recognized one of them as a friend of a friend, according to sources close to Knotel.

While the pair used fake names to gain entry, according to the letter, a call to the Knotel worker’s pal got the spy’s real name — and a couple of social media inquiries turned up the fact that he worked for rival WeWork, sources said. more

Wednesday, February 9, 2022

Investigation-driven Findings Identify Major Spikes in Industrial Espionage Incidents

 Key findings of the DTEX Systems 2022 Insider Risk Report include:

  • The ‘Super Malicious Insider’ accounted for 32% of malicious insider incidents...

  • 72% year-over-year increase in actionable insider threat incidents;

  • 42% of actionable incidents were related to IP and data theft, including industrial espionage incidents related to the theft of trade secrets, source code, and active collusion with a foreign nexus;

  • 75% of insider threat criminal prosecutions were the result of remote workers;

  • 56% of organizations had an insider data theft incident resulting from employees leaving or joining companies;

  • +200% year-over-year increase in data loss associated with users taking screenshots during confidential Zoom and Microsoft Teams meetings; and

  • +300% year-over-year increase in employees utilizing corporate assets for non-work activities.

For more than a decade, insider threats have been categorized as either malicious, negligent or compromised. Based on the findings of the DTEX i3 team, a fourth persona has emerged—the Super Malicious Insider. 

The Super Malicious Insider is a technically proficient employee who is acutely aware of an organization’s cyber security architecture, solutions, and processes and who understands both the technical and human analyst limitations in detecting insider threat indicators. more

It is time for your organization to implement a corporate counterespionage plan.

Wednesday, November 15, 2023

Why You Really Need a Technical Information Security Consultant

The non-existence of a trade secret asset: ‘confidential’ information
by R. Mark Halligan 
FisherBroyles LLP

For years, there has been a debate whether “confidential” information is analogous to a “trade secret.” It is not.
Information is either protected as a “trade secret” or not protected as a “trade secret.” Any other characterization of “confidential” information undermines the protection of trade secret assets and interferes with lawful and fair business competition.

There is no such thing as non-trade secret “confidential” information.

There is no such thing as “confidential” information that does not rise to the level of a trade secret.

There is no middle ground: Either the information is a “trade secret” (and protectable) or not a trade secret (and not protectable).

A “trade secret” is an intellectual property asset that requires reasonable measures to protect the information as a “trade secret” and proof that such information derives an actual or potential economic advantage from the secrecy of the information. more

Your business is based on information and conversations considered confidential, sensitive, or intellectual property. These create your competitive advantage. No less important than trade secrets, and yet, not protected under trade secret law. 

So, what protection do you have? 

Start by adding a Technical Information Security Consultant to your team. Their proactive surveys can spot espionage issues like electronic eavesdropping, information security risks, and employee compliance with information security policies—before they become losses.

Monday, December 29, 2008

Security Budget Cuts Cost More Than They Save

• "If it were to become manifest just how routinely hugely sensitive corporate and governmental data is being hacked, I can guarantee that none of us would rest easy in our beds again."

• "Sixty percent of office workers faced with redundancy or the sack admit they will take valuable data with them, if they could get away with it! 40% are downloading sensitive company secrets right now under their boss's nose in anticipation that they could lose their job."

• "Sixty-two percent of workers admitted it was easy to sneak company information out of the office."

• "In the wake of the recession, more businesses are facing a growing financial threat: employee theft. New research shows that employers are seeing an increase in internal crimes..."

• "More than half the workers surveyed who admitted to already downloading competitive corporate data said they would use it as a negotiating tool to secure their next post because they know the information will be useful to future employers."
To read the whole story behind each of these quotes, visit: interopsgroup.com

Monday, June 23, 2008

Spy News of the Week

Sweden - "Earlier this week the Swedish stasi-government decided -- against the people's wishes -- to wiretap all internet and telephone traffic in order to protect Sweden against threats. As you all know, being a neutral country makes Sweden a target for all the terrorists of the world, apparently," blogs one of The Pirate Bay's admins, Peter Sunde. "Many people have asked me what we're planning to do -- and the answer is 'A lot!'. This week we're going to add SSL to The Pirate Bay. We're also going to help out making a website about easy encryption -- both for your hard drives and your net traffic." (more)

Germany - German incumbent Deutsche Telekom is going to get yet another scolding. German public television channel ZDF reported the former operator turned self-spying agency wire tapped a few customers. Apparently 120 calls were illegally tapped by the company, without any court order or involvement of the police. (more)

UK - Every council in England will today be instructed to stop using tough laws to spy on people over "trivial matters" such as dog-fouling and litter offences. (more)


New Zealand - A 21-year-old peeping tom has been caught spying on his female neighbour in Dunedin. The Otago University student was nabbed peering through a flat window just before 9pm yesterday. (more)

India - This year the Delhi University saw many of the "spy students" hired by private detective agencies being roped in by parents to keep an eye on their wards. However... a growing number of students are visiting detective agencies and are offering handsome amounts to them to know whether their parents have hired any "spy students", mainly girls, to keep a watch on their activities. (more)

United States - Xiaodong Sheldon Meng, 44, who was raised in China and holds Canadian citizenship, was sentenced on the rare charge of committing economic espionage against the U.S. It's the most serious crime under the Economic Espionage Act of 1996 and involves stealing trade secrets to benefit a foreign government. (more)

South Africa - The bugging devices of the former dispensation, which were used in foreign embassies in South Africa and had been planted by an espionage front company, are still being used. (more)

Switzerland - A left-wing campaign group asked Swiss authorities on Friday to investigate Swiss food and drinks giant Nestle SA for allegedly hiring a spy to infiltrate the group. A Swiss chapter of anti-globalization group Attac filed the legal complaint in Vaud canton (state), after learning that an employee of Securitas AG security company took part in its private meetings between late 2003 and June 2004... (more)

United States - US information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 per cent said they had accessed information that was not relevant to their role. (more)

Bulgaria - A man applied for a job as an industrial spy. Together with several other applicants, he was given a sealed envelope and told to take it to the fourth floor. As soon as the man was alone, he stepped into an empty hallway and opened the envelope. Inside, a message read: "You're our kind of person. Report to the fifth floor Personnel Office." (source)

Sunday, March 2, 2014

Business Espionage: Rival CEO Posed as Exec to Get Secrets

The CEO of a sporting goods chain who once appeared on the TV show "Undercover Boss" pretended to be an executive from a rival company in an effort to get confidential information, according to a lawsuit.

Dick's Sporting Goods claims in a lawsuit filed Feb. 20 in Mercer County Court that Mitchell Modell, CEO of Modell's Sporting Goods, showed up at a Dick's store in Princeton in February saying he was a Dick's senior vice president.

Dick's alleges Modell told employees he was to meet the Dick's CEO there and persuaded workers to show him the backroom of the store and to answer questions about the business. Modell gathered information about online sales, including a "ship from store" program that gets products to customers' doors quickly, the lawsuit said. (more)


Security Director Alert: Like electronic eavesdropping, business espionage via social engineering is one of the more common spy tricks. In addition to TSCM, make employee awareness about social engineering part of your counterespionage strategy. This story makes an excellent talking point.

Friday, January 5, 2024

5 Steps for Preventing & Mitigating Corporate Espionage

via Evan Gibbs, Will Taylor, Partners, Troutman Pepper
There has been a steady increase in the volume of incidents involving corporate espionage, especially matters in which an insider is the bad actor. In an era when such risks are escalating, protection of sensitive corporate information has become paramount.

Here are five key strategies companies should implement to prevent and mitigate corporate espionage. (summary...)
  1. Insist on Nondisclosure Agreements
  2. Know and Control Your Trade Secrets
  3. Perform Due Diligence
  4. Train Your Employees and Independent Contractors
  5. Promptly Investigate Suspected Activity

Preventing and mitigating corporate espionage requires a multifaceted approach. By implementing rigorous legal safeguards, conducting thorough due diligence, using secure communication practices, providing comprehensive employee training, and responding promptly and effectively to suspected activity, companies can significantly enhance their protection against corporate espionage and safeguard their assets. more

Thursday, July 5, 2007

The Athens Cell Phone Eavesdropping Affair

On 9 March 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his Athens loft apartment, an apparent suicide. It would prove to be merely the first public news of a scandal that would roil Greece for months.

The next day, the prime minister of Greece was told that his cellphone was being bugged, as were those of the mayor of Athens and at least 100 other high-ranking dignitaries, including an employee of the U.S. embassy.

Even before Tsalikidis's death, investigators had found rogue software installed on the Vodafone Greece phone network by parties unknown. ...the Athens affair stands out because it may have involved state secrets, and it targeted individuals—a combination that, if it had ever occurred before, was not disclosed publicly.

Given the ease with which the conversations could have been recorded, it is generally believed that they were. But no one has found any recordings, and we don't know how many of the calls were recorded, or even listened to, by the perpetrators. ... We still don't know who committed this crime. (much more)

Thursday, June 17, 2021

Security Director Alert: Millions of Connected Cameras Open to Eavesdropping

A supply-chain component lays open camera feeds to remote attackers thanks to a critical security vulnerability.  


Millions of connected security and home cameras contain a critical software vulnerability that can allow remote attackers to tap into video feeds, according to a warning from the Cybersecurity and Infrastructure Security Agency (CISA).

The bug (CVE-2021-32934, with a CVSS v3 base score of 9.1) has been introduced via a supply-chain component from ThroughTek that’s used by several original equipment manufacturers (OEMs) of security cameras – along with makers of IoT devices like baby- and pet-monitoring cameras, and robotic and battery devices. 

The potential issues stemming from unauthorized viewing of feeds from these devices are myriad.

For critical infrastructure operators and enterprises:

  • video-feed interceptions could reveal sensitive business data,
  • production/competitive secrets,
  • information on floorplans for use in physical attacks,
  • and employee information.

And for home users, the privacy implications are obvious. more

Monday, March 30, 2009

Business Espionage - Valspar Corp.

IL - A former Valspar Corp. employee was accused by U.S. prosecutors of stealing trade secrets from the paint maker, then packing his belongings for a one-way trip to China, where a new job in the same business awaited him.

David Yen Lee, 52, appeared Friday before U.S. Magistrate Judge Sidney Schenkier in Chicago, one day after FBI agents said they arrested him in possession of a pocket-sized computer "thumb drive" containing Valspar data. (more)

Can't say we haven't been warning you...

Saturday, September 22, 2007

Why Is Sports Crime Different?

Professional sports are not just 'sports'. Sports are businesses, big businesses. Each team is a corporation. Their profits rise and fall on their successes and failures - just like any other business.

When a team executive spies for competitive advantage that team is stealing money from the losing opponent. This is a crime.

How much money are we talking about here?

Take the Super Bowl for example. Heck, take three Super Bowls. Winning via fraud can add up. Denny Hatch estimated three Super Bowl wins adds up to about $1.7 million!

Bill Belichick, the New England Patriots football coach, coincidentally 'led' his team to three Super Bowl victories. He was caught spying on his opponents. He was fined $500,000 (tax deductible) - approximately 12% of his yearly salary. He wasn't fired from his job. He wasn't suspended from even one game.

Is Belichick appealing the decision? No. Just a cost of doing business, I guess.

The McLaren-Mercedes Formula One team was fined $100 million this month for their little espionage caper against Ferrari. Are they appealing the decision? No. Cost of doing business?

Compare 'Sports' business to conventional business...
• A federal judge ignored a former Coca-Cola secretary’s tearful plea for mercy and sentenced her to eight years in prison for conspiring to steal trade secrets from the world’s largest beverage maker. U.S. District Judge J. Owen Forrester told Joya Williams, 42, that he was giving her a longer sentence than recommended by federal prosecutors and sentencing guidelines because, “This is the kind of offense that cannot be tolerated in our society.”
• Kenneth Lay, former Chairman of Enron, lost his job, faced a decades-long prison term for his fraud and died of a heart attack. Jeffrey Skilling, Enron's former CEO, is currently serving a 24-year, 4-month prison sentence.
• Hewlett-Packard's spy scandal: Carly Fiorina, former CEO, fired.
• Wal-Mart's spy scandal: Bruce Gabbard, security employee, fired.

Unlike Belichick and the McLaren-Mercedes Formula One team 'Wacky Racers', none of the conventional business folks are out there 'enjoying the game' any more.

So, why is stealing money in the sports world treated differently?
What messages does this send to our children?
~Kevin

Sunday, September 2, 2012

Hello Moto - Ex-employee Sentenced for Spying

IL - A federal judge sentenced a Chinese-born American to four years in prison for stealing millions of dollars in trade secrets from Motorola, describing her as a soft-spoken, unassuming woman who carried out a ‘‘very purposeful raid’’ on the company in the dead of night.

In a barely audible voice and heavily accented English, 41-year-old Hanjuan Jin told the judge she was ‘‘so sorry for what happened’’ and pleaded for a second chance. Her lawyers had argued that she took the files merely to refresh her knowledge after a long absence from work and was not spying for China. They appealed for leniency and asked that Jin receive probation, in part because of her poor health. (more)

But before you pull out your handkerchief...
Jin, who worked as a software engineer for Motorola Inc. for nine years, was stopped during a random security search at Chicago’s O'Hare International Airport on Feb. 28, 2007, before she could board a flight to China. Prosecutors say she was carrying $31,000 and more than 1,000 confidential Motorola documents, many stored on a laptop, four external hard drives, thumb drives and other devices.

Tuesday, April 1, 2014

Business Espionage: Invisibility & Examples of Tactics

There are three primary reasons that we don't hear more about corporate espionage:
  1. Because businesses often don’t realize they’ve been compromised. 
  2. If they do find out, a public announcement would be counterproductive, eroding investor confidence. 
  3. Finally, industrial espionage works both ways — companies may keep compromises quiet to preserve their own business intelligence gathering activities.
Five recent court cases highlighting business espionage tactics...
  • Buying Trade Secrets
  • Digging Up Dirt, Literally
  • Employee Poaching
  • Classified Ads
  • Cyber Theft
Click on more for all the details. (more)

Saturday, August 1, 2009

Business Espionage - Chow Down

The owner of restaurant chain Mr. Chow alleges a rival restaurateur sent a spy to his soon-to-open Miami eatery to learn Mr. Chow's secrets.

FL - Michael Chow, who started his first Mr. Chow store more than 30 years ago, added "corporate espionage" to the charges in his trademark infringement suit against Philippe Chow, a former employee who owns a restaurant across the street from the new Mr. Chow, the New York Post reported Friday.

The lawsuit claims a 65-year-old man disguised as a chef was present when kitchen staff were being briefed on plans for the restaurant and, when confronted by an executive chef, said he was "incognito" so "your boss will not notice."

Philippe and his partner, Stratis Morfogen, denied the charges.

"This is beyond bizarre and at this point we have no further comment describing Michael Chow's delusional and paranoid state of mind," Morfogen said. (more)
Ouch! That bites.