Wednesday, July 22, 2009

SpyCam Story #541 - Erin Andrews

As millions of Internet users continue scouring the Web for videos of Erin Andrews, the ESPN sportscaster who was surreptitiously filmed naked in a hotel room, amateur and professional sleuths looking for a culprit now contend that there are actually multiple clips which appear to have been filmed in at least two different locations....

The grainy images, shot through what appears to be a makeshift hole in a wall, show Andrews undressing and appearing nude in an unknown hotel room, apparently unaware that she is being filmed...

The Web site TMZ.com has viewed several pieces of footage and surmised there are six separate clips circulating online, four filmed at one hotel and two from a second.

According to the site, the first set of videos was filmed through a round hole, and the second set filmed through a jagged hole. There is reportedly different furniture in each of the rooms.

TMZ speculates that the alleged peeping tom was someone -- possibly an ESPN employee -- who had knowledge of Andrews' schedule. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Missing iPhone Leads to Suicide

Police in the southern Chinese city of Shenzhen are investigating the suicide of an employee of Hon Hai Precision Industry Co., which assembles the popular iPhone for Apple Inc....

Sun Danyong, a recent engineering graduate, jumped out of the window of his apartment last Thursday. The reports said Sun, who had been tasked with sending iPhone prototypes to Apple, had been under suspicion for stealing after one of the handsets went missing. Some publications reported that, in the days prior to his suicide, Sun had been detained and beaten by a senior official in the security department of the Taiwan-based electronics manufacturing giant.

Hon Hai also said it suspended a security official who had questioned Mr. Sun before his death. The security official couldn't be reached for comment...

Apple is known for requiring suppliers to sign contracts that impose hefty financial penalties if they are found to have leaked sensitive information. (more) (more)

Tuesday, July 14, 2009

The Berry Patch

UAE - The battery-sapping "performance patch" that Etisalat sent to its BlackBerry subscribers over the last few days was designed to give the UAE operator the ability to read its customers emails and text messages, a Qatar-based software expert told CommsMEA yesterday.

Last week, Etisalat told its 100,000 BlackBerry subscribers that a "performance enhancement patch" would be sent to them to "provide the best BlackBerry service and ultimate experience". But users who downloaded the software complained of dramatically reduced battery life and slower than usual performance of their devices.

Nigel Gourlay, a Doha-based Sun-certified Java programmer who has been developing open source software for 15 years, analysed the patch after it was posted on BlackBerry’s community support forum and he said that once installed, it potentially gives Etisalat the power to view all emails and text messages sent from the BlackBerry. (more)

FutureWatch - Governments may make the manufacturer or carrier pre-load this capability as a condition of doing business in that country.

What CEOs Don't Know About Cybersecurity

A new study hints at how often cyberthreats aren't communicated to the boss.

Being the chief executive has its privileges. And one of them may be a blissful ignorance of your company's data breach risks.

According to a study to be released Tuesday by the privacy-focused Ponemon Institute, companies' chief executives tend to value cybersecurity just as--if not more--highly than their executive colleagues. But compared to lower-level execs, CEOs also tend to underestimate the frequency of cyberthreats their organization faces. (more)

Having observed the scene for over 30 years, these findings may be extended to include any technical threat to information security.

Quote of the Day -- "We don't know how much filtering of bad news happens that keeps CEOs from hearing some of the darker secrets." ~ Dr. Larry Ponemon

ESC Highlights Growing Espionage Threat

Some items from the latest issue of Employee Security Connection...

Corporate Espionage Rising: All told, U.S. businesses lose up to $250 billion in revenue as well as 750,000 jobs annually. To help your employees do their part to fight spying and insider risks, we explain the basic types of threats -- both technical and non-technical.

Security Risks R Us: Think your employees know their stuff when it comes to spying? Here we offer a quick quiz for your employees to assess their security savvy.

Foreign Affairs: You'll want your employees to take note of this recent case in which a contractor lost his security clearance and went to jail for failing to report his relationship with a Chinese national.

Be Safe When Traveling Overseas: Whether your employees are packing for a pleasure trip or just hoping to do some sightseeing in conjunction with business travel, we provide some timely tips to help them prepare. (q.v. Staying Safe Abroad)

Security Directors...
Employee Security Connection is a quarterly awareness newsletter, developed by the National Security Institute to help educate employees to the risks and security responsibilities for protecting classified and proprietary information. Four quarterly issues, 8 pages each, in Adobe PDF format. Customized with your logo. One subscription allows organization-wide distribution rights (e-mail, intranet or print). They do all the work. You get all the credit. Easy!

Japanese scientists to build robot insects

Japan - Police release a swarm of robot-moths to sniff out a distant drug stash. Rescue robot-bees dodge through earthquake rubble to find survivors.

These may sound like science-fiction scenarios, but they are the visions of Japanese scientists who hope to understand and then rebuild the brains of insects and program them for specific tasks.

Ryohei Kanzaki, a professor at Tokyo University's Research Centre for Advanced Science and Technology, has studied insect brains for three decades and become a pioneer in the field of insect-machine hybrids. (more)

"Moth smoth... let's build a brain!"


Friday, July 10, 2009

Negative feedback, buyer claims he was arrested.

A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources.

Chi Tong Kuok, of Macau, told Defense Department and Customs investigators that he had been “acting at the direction of officials for the People’s Republic of China,” according to a government affidavit in the case. “Kuok indicated he and PRC officials sought the items to figure out ways to listen to or monitor U.S. government and military communications.” (more) (sing-a-long)

You know spying is a major problem when...

...Forbes Magazine is hawking spy gear on their Web site.

Follow-up: Murdoch Phone Tap Scandal

via Politics Daily... The Guardian broke a story revealing that Rupert Murdoch's News Group Newspapers has paid out more than 1 million pounds in court costs after its journalists were accused of involvement in phone tapping.

The journalists allegedly hired private investigators to hack into the mobile phones of public figures ranging from former deputy prime minister John Prescott to supermodel Elle McPherson, as well as numerous other politicians, sports stars and actors. The investigators allegedly gained access to all sorts of confidential information about these people, including tax records, bank statements and social security files...

...one of Murdoch's former editors at the News of the World says that this scandal constitutes one of the major media stories of modern times.

First, it suggests that such behavior -- if shown to be true -- was not the result of a few rogue reporters but a systemic policy in the newsroom, opening the paper up to the possibility of a class-action lawsuit.

Second, the scandal also threatens to embroil the Metropolitan police -- who apparently did not alert all those whose phones were targeted -- as well as the Crown Prosecution Service, which did not pursue all possible charges against News Group personnel. Finally, even Conservative party leader David Cameron could be tainted by this one: The party's chief of communications, Andy Coulson, was an editor at the News of the World when the alleged wire-tapping took place. Murdoch, for his part, maintains that he knew nothing about any of this.

This morning, the Commons Culture, Media and Sports Committee of the British Parliament announced it is launching an official investigation into the use of illegal surveillance techniques. (more)

Thursday, July 9, 2009

Does your Security Program Include TSCM?

If not, your corporate strategies are about this well protected.

Add TSCM / Eavesdropping Detection Audits to your security program.

Contact a qualified specialist, today. ~Kevin

Security Director Alert - "Get me some dirt on..."

Electronic eavesdropping and wiretapping attacks are coming at you from all angles: competitors, disgruntled employees, unions, foreign governments, activists, and the media. Here is a high-profile example of media spying...

Rupert Murdoch's News Group Newspapers has paid out more than £1m to settle legal cases that threatened to reveal evidence of his journalists' repeated involvement in the use of criminal methods to get stories.

The payments secured secrecy over out-of-court settlements in three cases that threatened to expose evidence of Murdoch journalists using private investigators who illegally hacked into the mobile phone messages of numerous public figures to gain unlawful access to confidential personal data, including tax records, social security files, bank statements and itemised phone bills.

Cabinet ministers, MPs, actors and sports stars were all targets of the private investigators.


How pervasive was this snooping?

...one senior source at the Met told the Guardian that during the Goodman inquiry, officers found evidence of News Group staff using private investigators who hacked into "thousands" of mobile phones. Another source with direct knowledge of the police findings put the figure at "two or three thousand" mobiles. (more) (more)

"Passwords? We don't need no stinkin'..."

Kon-Boot for Windows enables logging in to any password-protected machine profile without any knowledge of the password. There is also a version for Linux. Sounds dangerous. Stay tuned. Freeware download.

Security Director Recommendation - One possible corporate environment solution: lock out USB ports and CD drives.

Spy Cheap... at The International Spy Museum

The International Spy Museum Store is having a great summer sale! Up to 50% Off + Free Ground Shipping on Orders Over $50.

Very Practical...
Metrosafe Anti-Theft Computer Bag
Product Facts: When you have top-secret data to deliver, there may be spies lurking around the dead drop, waiting to lift your laptop. That’s where the Metrosafe delivers. It looks like a regular laptop case, but its security features elevate it to an effective anti-theft device. It has tamper-proof, lockable zippers and a wire-reinforced, slash-proof shoulder strap with a built-in combination lock. (You can anchor the strap around a secure object like a table leg.) Its front and bottom panels are also slash-proof to protect against knife-wielding spies. Designed with a fully padded laptop compartment with two organizer pockets, a front zippered organizer pocket and two padded pockets to hold a cell phone, PDA, camera, or MP3 player. Fits most 13” laptops. Technical Data: 840-denier ballistic nylon/high-tensile steel wire. Black. 12” x 13-1/2” x 4”. 2 lbs., 3 oz. (33% off)

Tuesday, July 7, 2009

Why Business Espionage is Epidemic

Business espionage has kept me in business for over 30 years now. I help organizations uncover it and stop it - before they suffer expensive losses. Eavesdropping and wiretap detection is a key component of corporate counterespionage efforts because they are the easiest espionage red flags to spot.

This is what I have learned over the years.
Business espionage is rampant due to...
1. Low cost of entry.
2. High rate of return.
3. Low probability of detection.
4. Lower probability of prosecution.
5. Even lower probability of meaningful punishment.

Example...
David A. Goldenberg, ex-vice president of AMX, was arrested following a six-week investigation and was charged with Unlawful Access of a Computer System/Network, Unlawful Access of Computer Data/Theft of Data and Conducting an Illegal Wiretap. On May 11 he entered a plea of guilty to felony wiretapping.

The investigation revealed that, while an employee of AMX, Goldenberg had infiltrated the email accounts of Sapphire Marketing, a sales representative for Crestron. He was intercepting emails related to potential contracts, which afforded him advance knowledge of Sapphire's customers and bid prices, affording him an opportunity to underbid them. He then established a free email account and created an automatic forward of the victim's email to that address.

He has been sentenced to three years' probation, including psychological counseling, and will have to pay an undisclosed fine. The maximum sentence for the crime is five years in prison but Goldenberg has managed to avoid any jail time. (more)

In this case, damage was done. Their information and strategies were taken and used against them. The loss was expensive.

Call me if your company would like to know how to detect espionage problems before they get to this stage. ~ Kevin