Sunday, May 31, 2009

"Do you or do you not have tattooed on your bottom the words 'Jesus is coming, look busy'?"

via Wired...
Yet another breach of sensitive, unencrypted data is making news in the United Kingdom. This time the breach puts Royal Air Force staff at serious risk of being targeted for blackmail by foreign intelligence services or others.

The breach involves audio recordings with high-ranking air force officers who were being interviewed in-depth for a security clearance. In the interviews, the officers disclosed information about extra-marital affairs, drug abuse, visits to prostitutes, medical conditions, criminal convictions and debt histories — information the military needed to determine their security risk.

The recordings were stored on three unencrypted hard drives that disappeared last year. (more) (more) (heading quote)

Can't Touch This! ~MIB

DC - This part happens all the time: A construction crew putting up an office building in the heart of Tysons Corner a few years ago hit a fiber optic cable no one knew was there.

This part doesn't:
Within moments, three black sport-utility vehicles drove up, a half-dozen men in suits jumped out and one said, "You just hit our line."

Whose line, you may ask? The guys in suits didn't say, recalled Aaron Georgelas, whose company, the Georgelas Group, was developing the Greensboro Corporate Center on Spring Hill Road. But Georgelas assumed that he was dealing with the federal government and that the cable in question was "black" wire -- a secure communications line used for some of the nation's most secretive intelligence-gathering operations.

"The construction manager was shocked," Georgelas recalled. "He had never seen a line get cut and people show up within seconds. Usually you've got to figure out whose line it is. To garner that kind of response that quickly was amazing." (more) (sing-a-long)
...and then he forgot all about it.

Friday, May 29, 2009

Everything You Need to Know about Electronic Eavesdropping Detection for Business

“Should we be checking for bugs and wiretaps, or am I just being paranoid?”

This thought would not have occurred to you if everything were fine. Trust your instincts. Something is wrong. Eavesdropping is a common practice; so are regular inspections to detect it.

You never hear about successful eavesdropping or espionage attacks. You’re not supposed to. It’s a covert act. Eavesdropping and espionage are invisible. Discovery relies heavily on the victim’s intuition and preparedness to handle the problem. Prevention—via regular inspections—is the logical and cost-effective solution.

Spying Is a Common Activity
Due to the covert nature of spying, the exact... (Full Article)

Wednesday, May 27, 2009

How do you sell end to end data encryption?

With the world's coolest data breach map!
Guaranteed to scare the dollars out of any tight-fisted CFO. ~Kevin
Voltage Data Breach Index
Round of applause to the curators of
The Museum of Bitten Bytes...

DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The effort is now a community one, and with the move to Open Security Foundation's DataLossDB.org, asks for contributions of new incidents and new data for existing incidents.

Tuesday, May 26, 2009

Police bugging incident claims another cop

MN - Another member of the Gaylord Police Department is on paid administrative leave in an alleged "bugging" scheme.

The Gaylord City Council has voted unanimously to place Officer Tom Webster on leave until further notice. The move stems from charges filed against Gaylord Police Chief Dale Roiger over allegations that he had Webster plant a recording device in the Gaylord Chamber of Commerce office two years ago. (more) (background)

Napoleon Returns to Face Eavesdropping Charge

IL - A man who ran from a sentencing hearing and spent 10 years in Missouri returned to an Illinois courtroom on Friday to face the same judge. The judge gave him three years in prison and a scolding...

Authorities say Napoleon Williams, now 54 years old, made audio tapes of two people and broadcast their words without their consent on an independent radio station.

In 1998, a jury found him guilty of felony eavesdropping. (more)

The rest of the story...

The "broadcasts" Napoleon made were over his pirate FM radio station, "BLR" Black Liberation Radio. It only covered about a 10 block area of town. While I was there, I heard several of these broadcasts. The story of Napoleon's station and his dealings with the FCC and local law enforcement are the real story.

In 1999, just before he was about to be sentenced, Napoleon vanished. He wrote letters explaining his case. You can find them posted on the Net. He remained underground until now.

People may disagree with his views and tactics, but all should agree that he has a place in history. He is one of the founders of the U.S. microradio movement. Low-power FM radio is legal today. (more) (more) (more)

FutureWatch - ChipCam

A MICROCHIP-sized digital camera patented by the California Institute of Technology could provide vision for the US military's insect-sized aircraft. It is light enough to be carried by these tiny surveillance drones and also uses very little power.

Caltech's Jet Propulsion Lab in Pasadena has squeezed all the components of a camera onto one low-power chip, revealed in a US patent filed last week.

The gadget can be radio-controlled via a secure frequency-hopping link from up to a kilometre away, say its inventors. (more)

Spy Needs New Home

MT - A Cold War spy plane with three tail fins and a hump on the fuselage needs a new home after being parked in Helena since 1981.

The retired EC-121, a version of which transported President Eisenhower from 1954-61, flew here 28 years ago for use in aviation maintenance classes. The military adaptation of the Lockheed Constellation taxied now and then, but mostly it has stood idle next to a hangar at the University of Montana's Helena College of Technology.

The college no longer wants the old Air Force plane... equipped to snoop on enemy aircraft during the Cold War that followed World War II. The surveillance planes carried radar in domes atop and below the fuselage. (more)

Cool SpyCam... Except, you don't smoke!

Lighter Spy Camcorder with built-in 2GB memory, rechargeable Li-ion battery, light weight and easy to carry design. $66.00 (more)

Soooo, if you don't smoke, how about a nice key chain camera? (more)

Why do we mention it?
So you will know what you're up against.

Simple Clues May Indicate Cell Phone Bugging

Watch out for:
• Unexplained drops in battery power.
• Random screen flashes.
• Unusual billing activity.
• Text messages with random numbers and symbols.
Of course, lock your phone with a password and pop out the battery (if you can) for added security. (more)

Background Check Goes Undercover

Croatia - The manager of a Croatian subsidiary of Germany's Deutsche Telekom has said she will sue the parent company after a report that it spied on her sex life, Croatian media reported on Tuesday...

Deutsche Telekom said last week it did not routinely commission reports on the private lives of potential staff, although the allegations are the latest in a series of scandals to have rocked the company. (more)

Last year, authorities informed Schroeder that Deutsche Telekom had secretly combed through his cellphone records, apparently to root out the source of leaks to the news media. Schroeder, a union representative on the company's board of supervisors, was stunned. (more)

"While you're down there, check on the Constitution."

The National Archives lost a computer hard drive containing Clinton administration records, including personal data of staffers and visitors, officials said.
Archives officials say they don't know how many confidential records -- including Social Security numbers -- are on the external hard drive, CNN reported.

Congressional aides briefed on the matter said the drive had "more than 100,000" Social Security numbers, including one for a daughter of then-Vice President Al Gore, as well as Secret Service and White House operating procedures.
(more)

Acting National Archives director Adrienne Thomas is being pilloried for Tuesday's revelation that the library has misplaced a hard drive containing enough Clinton administration data—including Social Security numbers, addresses, and Secret Service operating procedures—to fill literally millions of books. But important government documents have walked out of the storied library before—and not just in a Nicolas Cage movie. Despite a security system worthy of an adventure flick, the National Archives and Records Administration has long been a prime target for pilfering. (more)

Saturday, May 23, 2009

Hobbyist Spies

In the propaganda blitz that followed North Korea's missile launch last month, the country's state media released photos of leader Kim Jong Il visiting a hydroelectric dam and power station.

Images from the report showed two large pipes descending a hillside. That was enough to allow Curtis Melvin, a doctoral candidate at George Mason University in suburban Virginia, to pinpoint the installation on his online map of North Korea.

Mr. Melvin is at the center of a dozen or so citizen snoops who have spent the past two years filling in the blanks on the map of one of the world's most secretive countries. Seeking clues in photos, news reports and eyewitness accounts, they affix labels to North Korean structures and landscapes captured by Google Earth, an online service that stitches satellite pictures into a virtual globe. The result is an annotated North Korea of rocket-launch sites, prison camps and elite palaces on white-sand beaches.

"It's democratized intelligence," says Mr. Melvin. (more)

FutureWatch - 100% Vehicle Tracking

UK - A national network of cameras and computers automatically logging car number plates will be in place within months...

Thousands of Automatic Number Plate Recognition cameras are already operating on Britain's roads. Police forces across England, Wales and Scotland will soon be able to share the information on one central computer. Officers say it is a useful tool in fighting crime, but critics say the network is secretive and unregulated.

Kent's Chief Constable, Michael Fuller, commented: "We've seen an increase of some 40% of arrests since we've been using this technology. I'm very confident that we're using it properly and responsibly, and that innocent people have nothing to fear from the way we use it." (more)

Remember the uproar over how RFID toll tags (E-ZPass, FasTrak, I-Pass, etc.) were a threat to privacy? No? Oh well, that was back near the top of the slope. Slippery, isn't it? Hey, what's that down there? Wow, a remote DNA reader!

Wednesday, May 20, 2009

"Social engineering has become the confidence trick of the 21st century."

TSCM is an acronym for Technical Surveillance Countermeasures: inspecting for bugs, wiretaps, etc. It is a standard tool used to protect an organization's information.

Thwarting human trickery (social engineering) is also a defense tool. Good information security consultants take both into account when designing information protection programs.

The BBC recently reported...
Have you ever wondered whether that unfamiliar face in the office is actually an intruder about to steal your data? Probably not, but maybe it is time to think again.

At one FTSE-listed financial institution the managing director himself opened the door to a stranger who, within 20 minutes of gaining entry to the building, had found a highly sensitive document outlining a half a billion pound merger lying on a desk.

Luckily, on this occasion, the data was not used for nefarious purposes because the intruder was Colin Greenlees, a consultant of Siemens Enterprise Communications.

He was there at the request of the firm's IT director to test the resilience of the company to social engineering attacks.

In a similar experiment conducted at the BBC, Mr Greenlees targeted five BBC employees. Pretending to be an IT engineer - with the prior permission of BBC bosses - he managed to obtain all of their usernames and passwords with a simple phone call. (more)