Thursday, May 7, 2009

Hackers seek payment after break-in on state health care site

Hackers are demanding $10 million to release some eight million patient records claimed to be in their control following the compromise of Virginia's Prescription Monitoring Program (VPMP) website.

Whistleblower site Wikileaks published a copy of the ransom note left by the hackers on the website, which is used by pharmacists to follow incidents of drug abuse. The note said the intruders possessed 8.3 million patient records and 35.6 million prescriptions.

Also, the thieves said they created an encrypted backup of the data and deleted the original files.


"For $10 million, I will gladly send along the password," the note said... The VPMP website remains inaccessible. (more)

When they catch this dude, and they will, I'll give him/her a Keyboard Cat play off. ~ Kevin

Wednesday, May 6, 2009

"How Real is the Risk of Corporate Espionage Today?"

via Security Director's Report (04/09) Vol. 2009, No. 4...
Globalization has resulted in an increased threat of corporate espionage.
There are a variety of risks that companies are currently facing. Espionage exists in all industries, but those that are in the high-tech sector will face the most exposure.


Businesses also should be careful of foreign-government spying and U.S. companies that outsource data to India should be mindful of industrial espionage by the country's businesses. Many more competitive intelligence units have been created in order to spy on competitors, especially because it is now much easier to do so.

Spy devices, such as GPS tracking systems and listening devices, as well as Ethernet over Power (sic) help spies find information.

In addition to facing outside risk, companies are simply vulnerable to espionage. Physical defenses are poor and many spies have successfully paid internal employees to steal company data. However, there are solutions to espionage. (more)

SpyCam Story #527 - Cereal Intruder

Australia - A mystery intruder has been plundering cereal and sleeping on the couches for weeks at one of Sydney's marketing agencies...

Even more peculiar, was the absence of large amounts of cereal - about six bowls a night - from the stocks in the office kitchen, and evidence that the showers had been used...


While the company hires creative people to promote clients' brands, it was a moment of genius from the woman who runs the kitchen that snared the unwanted visitor. She came up with the idea of hiding a camera in a cereal box...

The camera was linked to a computer and activated by motion sensors, snapping clear photos of the intruder on his next visit and emailing them to staff...


They showed the man slipping into the office via an overhead ventilation panel (the office is on the building's fifth and top floor) and then leaving via the fire escape...


"He was a particularly neat guy. He'd come in at 4am, have breakfast - and it was a hearty breakfast, six bowls - clean up after himself, shower and then leave.


"He'd made his home here." (more)

Monday, May 4, 2009

Spy scandal hits 2016 Olympic race

Rio de Janeiro accuses one of its 2016 Olympic rivals of spying.
On the eve of the IOC Evaluation Commission's final day in Brazil, Rio's bid team revoked the journalist credentials of a man who claimed to be a reporter working for a news agency in Spain. It turns out the man is a paid consultant to Madrid's Olympic bid.

Rio 2016 is reportedly considering filing a formal ethics complaint with the International Olympic Committee. Madrid admits the man works for its Olympic PR firm but denies he was sent as a spy. (more)

"Sometimes you win sometimes you lose,

And sometimes the blues just get a hold of you..."
A total of 10 Lebanese men have now been arrested and charged with spying for Israel...
All of those detained are said to have been linked to a spy cell headed by retired Brig.-Gen. Adib Al-Aalam, who was arrested on April 14. As with the others, the latest suspects were charged with gathering information on Lebanese and Syrian military and civilian installations in order to “facilitate” attacks by the Israelis. (more)

"Sometimes you win, sometimes you lose
And most times you choose between the two..."
U.S. drops charges against two alleged Israeli spies. (more)

"Wonderin', wonderin' if you have made it..."
Israeli Prime Minister Benjamin Netanyahu has extended by a year the term of office of the head of the Mossad spy agency... (more)

"I'm Talkin' 'bout a sweet seasons on my mind..."
Lyrics by Carole King

The Other Wiretap

WireTap is a half-hour radio show that airs on CBC Radio One Sunday afternoons... An hour-long version of WireTap is distributed in the United States by Public Radio International and is heard on multiple public radio stations. Hosted by Jonathan Goldstein, former producer of Public Radio International's This American Life, the show features stories that are told over the phone ostensibly by Goldstein's friends and family.

The show has possibly been best described as "a weekly half-hour of conversation, storytelling and introspection, culled from equal parts real-world experience and the warp of Goldstein's imagination." Each show tends to follow a particular investigative theme; titles for past shows include: "Life Lessons", "Reach for the Top", "Prized Possessions" and "Our Fathers".

The series began in the summer of 2004 as a 10-episode experiment... As of 2008, Wiretap has a weekly listenership of 350,000. (more) (more) (more)

Saturday, May 2, 2009

Man Used Baby Monitor to Eavesdrop on Woman

CT - A 37-year-old city man was arrested on eavesdropping charges after a baby monitor was found hidden under a woman's bed in Belltown, a police sergeant said.

(The man) was charged with third-degree burglary and eavesdropping. Police believe (the man) set up the monitor to listen to the victim's room, Sgt. Paul Guzda said.

The 34-year-old woman reported to police March 30 that after hearing a strange noise sounding like electric static, she found a baby monitor under her bed, Guzda said. The monitor was plugged into a nearby electrical socket. (more)

People we love... Antonio Prohías

48 years ago, this month, Mr. Spy vs. Spy came to the United States. The rest is history...

Antonio Prohías (January 17, 1921 – February 24, 1998), born in Cienfuegos, Cuba, was a cartoonist most famous for creating the comic strip Spy vs. Spy for MAD Magazine.

In the late 1940s, Prohías began working at El Mundo, the most important newspaper in Cuba. By 1960, he had become an internationally recognized and awarded political cartoonist. At this time, Fidel Castro's government took over the paper, and Prohías left Cuba for New York, where he found himself attracted to Mad.

El Hombre Siniestro: (The Sinister Man) wore a wide-brimmed hat and overcoat and had a long pointed nose, becoming the prototype for the Spies. (more)

In the late 1950s Antonio Prohias was the president of the Association of Cuban Cartoonists. On the first of May 1960, he fled from Cuba to America flat broke. Once in the states, he went directly to work at Mad magazine, and became an internationally respected and beloved cartoonist. He started 'Spy vs. Spy' as an anti-Castro cartoon, but it ended up as one of the most popular features in Mad magazine. Prohias drew 'Spy vs. Spy' for Mad until he retired in 1990. Even though Antonio Prohias passed away in 1998, 'Spy Vs. Spy' can still be enjoyed in every issue of Mad Magazine. (more) (NPR audio report) (The first "Spy vs. Spy")

Visitors to my office smile when they see Mr. Black Spy riding atop a 3-foot bomb, on its way down to pay Mr. White Spy a visit. One can only guess what the next frame of this story will be. One thing we all know, the last frame will be MAD... Mutually Assured Destruction. Wry Prohías humor. Neither side ever wins.

Need something to make you, or a friend, smile? Go MAD. Let The Spy Guys make it happen. The International Spy Museum has an army of them waiting for you. Click here.

Friday, May 1, 2009

2008 U.S. Wiretap Report

A total of 1,891 intercepts authorized by federal and state courts were completed in 2008, a decrease of 14 percent compared to the number terminated in 2007. The number of applications for orders by federal authorities fell 16 percent to 386. The number of applications reported by state prosecuting officials dropped 14 percent to 1,505, with 22 states providing reports, two fewer than in 2007. Installed wiretaps were in operation an average of 41 days per wiretap in 2008, compared to 44 days in 2007. The average number of persons whose communications were intercepted decreased from 94 per wiretap order in 2007 to 92 per wiretap order in 2008. The average percentage of intercepted communications that were incriminating was 19 percent in 2008, compared to 30 percent in 2007. (report)

Used Laptops - Hidden Costs

OH - Susan Jeffrey needed a computer, so she decided to buy a used laptop. She hooked up her Webcam and started chatting online with a childhood sweetheart in Boston. After a few weeks of sending messages and what she called private pictures to him, police showed up at her Springfield home.

"They shook a little paper and they said, 'We have a warrant for your arrest,'" Jeffrey said. "I said, 'What?'"

It turned out that the laptop Jeffrey bought was stolen... The computer was equipped with Absolute Software's Computrace LoJack for Laptops.

Jeffrey noticed officers holding a picture of her friend from Boston. She recognized the picture from one of their Web chats. "I was totally stunned," Jeffrey said. "I said, 'How did you get that?'"

Absolute Software's LoJack technology goes beyond tracking. It allows the company to tap into a computer and access files, pictures and essentially anything on the laptop.

"I was just totally stunned," Jeffrey said. "I could barely talk. I just couldn't believe that you could sit in America and be tapped into your own (computer), in the privacy of your own living room." (more, with video)

While LoJack is a good product, it can produce unexpected consequences.

Worse, your new "used" laptop could also be deliberately outfitted with criminal spyware. Blackmail, business secret loss, identity theft and credit card fraud are the unexpected consequences here. These costs can't be pre-calculated.

Expect the unexpected. Be sure to add the cost of having your new "used" laptop - professionally - sanitized to the final purchase price. ~ Kevin

"Chineeesee spy museum. Now, you go away!"

China - A new Chinese spy museum exhibits guns disguised as lipstick, hollowed-out coins used to conceal documents and maps hidden as a deck of cards.

What you won't find there, however, are foreigners.


A sign outside the Jiangsu National Security Education Museum in a park in the eastern city of Nanjing states that only Chinese citizens are allowed inside, a policy designed to keep the communist regime's cloak and dagger methods secret — no matter how timeworn they may be.

"We don't want such sensitive spy information to be exposed to foreigners, so they are not allowed to enter," a spokeswoman for the museum, who would only give her surname as Qian, told The Associated Press by telephone. (more)

SpyCam Story #526 - Up-see Daisy

GA - Police say a Loganville man was caught filming up the skirt of a female shopper Sunday at a Home Depot - and that it doesn't appear to be the first time he's done so.

Police have charged Joseph Davidson, 35, with felony eavesdropping for allegedly recording the lewd footage via a palm-size, home video camera concealed in a flower pot. (more)

Thursday, April 30, 2009

Reflect on this... Visual Eavesdropping

I began warning my city clients about visual eavesdropping back in the 1970's. I still do today. My concern then was not computer screens; clients didn't have them.

My concern was lip reading, and it wasn't theoretical. We had a case where this was the method of eavesdropping. The president had a corner office on Park Avenue. Big glass windows. Scores of vantage point offices across the street. We caught them in the act.


The visual eavesdropping info-target is bigger these days. Lip reading concerns have expanded to concerns about: whiteboard / projection / computer screen reading and now... reading the reflections off of shiny objects in the room. ~ Kevin

via Scientific American...
"Through the eyepiece of Michael Backes’s small Celestron telescope, the 18-point letters on the laptop screen at the end of the hall look nearly as clear as if the notebook computer were on my lap.

I do a double take.

Not only is the laptop 10 meters (33 feet) down the corridor, it faces away from the telescope. The image that seems so legible is a reflection off a glass teapot on a nearby table.

In experiments here at his laboratory at Saarland University in Germany, Backes has discovered that an alarmingly wide range of objects can bounce secrets right off our screens and into an eavesdropper’s camera. Spectacles work just fine, as do coffee cups, plastic bottles, metal jewelry—even, in his most recent work, the eyeballs of the computer user. The mere act of viewing information can give it away." (more)

Monday, April 27, 2009

"Dude, let's go for a drive!"

"There are going to be thousands of victims." Anthony Muzichenko, the owner of L.A. Management, who lost 25 computers.

CA - In a bold, systematic hit on a landmark Ventura Boulevard office building, burglars stole scores of computers from at least 60 of the 80 businesses there, taking machines containing sensitive legal documents, credit card numbers and the tax information of thousands of people, police said Saturday.

The overnight theft at the Chateau Office Building in Woodland Hills left accountants, a talent agent, property management companies, attorneys and other businesses in the three-story structure scrambling to assess their losses as police scoured the premises... Several concluded that the thieves' target must have been the information contained on their hard drives, not property.

In one office, a pile of hard drives had been stacked in a corner, ready to be hauled out... thieves left a backup drive, positioned atop the server, leading him to believe that the theft was aimed at "the information, definitely. The computers by themselves are not worth much."

One businessman said the credit card numbers of 7,000 clients were stolen. Accountant Richard Levy said his stolen computer held the tax documents of 800 clients. Attorney Marshall Bitkower said only three computers were taken from his office, but "they had all kinds of stuff. Everything: people's names, credit cards, clients, e-mails back and forth -- who knows what."

Muzichenko, a talent manager, said that when he heard the news he was "very hysterical. I was crying. I have to restore my business." (more)

Moral: Backup and Encrypt.

History of U.S. Privacy - Ben Franklin's Web Site

via amazon.com...
Ben Franklin's Web Site: Privacy and Curiosity from Plymouth Rock to the Internet
This book explores the hidden niches of American history to discover the tug between Americans' yearning for privacy and their insatiable curiosity.

The book describes Puritan monitoring in Colonial New England, then shows how the attitudes of the founders placed the concept of privacy in the Constitution. This panoramic view continues with the coming of tabloid journalism in the Nineteenth Century, and the reaction to it in the form of a new right - the right to privacy.

The book includes histories of wiretapping, of credit reporting, of sexual practices, of Social Security numbers and ID cards, of modern principles of privacy protection, and of the coming of the Internet and the new challenges to personal privacy it brings. (more)