Business Espionage - Government Bugs Taps & Hacks

UK - The security service MI5 has accused China of bugging and burgling UK business executives and setting up “honeytraps” in a bid to blackmail them into betraying sensitive commercial secrets...

The warning to British businessmen adds: “Hotel rooms in major Chinese cities, such as Beijing and Shanghai, which are frequented by foreigners, are likely to be bugged ... hotel rooms have been searched while the occupants are out of the room.”  

It warns that British executives are being targeted in China and in other countries. “During conferences or visits to Chinese companies you may be given gifts such as USB devices or cameras. There have been cases where these ‘gifts’ have contained Trojan devices and other types of malware.” (more)

The Bigger Picture - Many countries engage in business espionage. Bug and wiretap attacks happen more in the business's country than in the spying country – that's where the strategic conversations are held. If your organization does not have a coherent counterespionage strategy yet, consult with a specialist before your pockets are picked, and your executives fall victim to blackmail. Good start... Regularly scheduled inspections of your offices for electronic surveillance devices an espionage vulnerabilities.

Detecting Unwanted Cell Phone Use

There are places when you just don't want cellular communications... financial trading floors, certain hospital areas, conference and Board rooms where sensitive meetings are held, to name a few. "What's the solution?"

Forget the obvious. Although radio-frequency jamming gadgets are easy to obtain, they are not legal here in the United States.

Here is what you can do...

• Establish a written "no wireless" policy for your organization.

• Set up a system for storing electronic communications gadgets before allowing entry into a secured area.

• Alternatively, ask people to turn off their communications devices.

• Monitor compliance. "How?"

Here are two detection methods...

General Alert - Install a low-cost cellular receiver (SureSafe, pictured above). It will trip an alarm, turn on a light, or make a voice announcement whenever it detects a cellular transmission within its 1-20 meter range. (more)

Specific Alert - This pricier system, called AirPatrol, can pinpoint on a computer map (to ≈2 meters) where the offending device is located. It can also be used to locate rogue Wi-Fi devices. Very cool! (more)

Press Tapper Convicted

Italy - Giuliano Mignini, the chief prosecutor in the Meredith Kercher trial, has been convicted of abuse of office and bugging the phones of journalists. 

Mr Mignini, who succeeded in having the American student Amanda Knox jailed for 26 years for murdering her British flatmate in Perugia in 2007, was convicted in relation to a separate case regarding a notorious serial killer known as the Monster of Florence.

He was sentenced by a Florence court to a year and four months in prison, but will remain free pending the two stages of appeal available to him under Italian law and will be allowed to continue working. (more)

ZigBee Eavesdropping

Software error in ZigBee radio modules facilitates eavesdropping.

As reported by developer Travis Goodspeed on his blog, a weakness in the way Z-Stack, Texas Instruments' open source wireless communication protocol stack used in its ZigBee radio modules, generates pseudo-random numbers makes it easier for an attacker to eavesdrop on encrypted communications. This is not the first occasion on which Goodspeed has hit the headlines for his cryptographic analyses of ZigBee modules.

The weakness allows attackers to eavesdrop on wireless communications for devices such as automation systems and sensors and potentially even to access these devices. The vulnerability is of particularly concern in view of the widespread use of smart electricity meters in the USA. Some electricity providers use ZigBee to transfer data from electricity meters to base stations. (more)

Wiretapping at the DMV

A published report says North Carolina's former Division of Motor Vehicles commissioner had telephone equipment installed that would let them eavesdrop on calls to any phone line at the agency's headquarters. The News & Observer of Raleigh reported Friday that the technician who installed the equipment testified about the system before a federal grand jury. George Tatum, who resigned as DMV commissioner in 2007, did not respond to phone messages and an e-mail seeking comment Friday. (more)

UPDATE

Federal authorities are investigating whether the former commissioner of the state Division of Motor Vehicles illegally wiretapped the phone calls of agency employees.

George Tatum, who resigned in 2007 amid a corruption scandal, had a special telephone in his office that allowed him to listen in on the calls of his subordinates without their knowledge, according to current DMV officials. Greg Lockamy, who retired unexpectedly last year after serving as the agency's internal affairs director, also had a phone set up for secret eavesdropping.

State law forbids intercepting phone calls without a warrant unless at least one person in the conversation is aware the monitoring is taking place.

Tatum, now the director of emergency management at Fayetteville State University, did not respond to repeated requests for comment this week...

Brent Parrish, a telephone technician at DMV, was subpoenaed to appear before the federal grand jury hearing evidence in a wide-ranging investigation of former Gov. Mike Easley. Parrish said Tuesday he testified Sept. 16 about the special features on Tatum's phone...

Parrish, the technician, said the DMV phone system allows managers supervising the agency's call center to monitor conversations with the public. Those calling the DMV with questions about license renewal and other issues hear a recorded disclaimer informing them their calls might be monitored for quality assurance.

Parrish said Tatum and Lockamy also had the function installed on their phones, allowing them to listen in on any phone line at DMV headquarters, including those of other high-ranking administrators.

The technician said the function allowed Tatum to program his phone so that a "busy light" would indicate when particular lines were in use. The commissioner could then pick up his phone and press a button to listen to the call, with his handset automatically muted. Those on the line would have no indication their call was monitored. (more)

Espionage Flash: Wiretappers Caught in the Act

LA - Alleging a plot to wiretap Democratic Sen. Mary Landrieu's office in the Hale Boggs Federal Building in downtown New Orleans, the FBI arrested four people Monday, including James O'Keefe, a conservative filmmaker whose undercover videos at ACORN field offices severely damaged the advocacy group's credibility.

Also arrested were Joseph Basel, Stan Dai and Robert Flanagan, all 24. Flanagan is the son of William Flanagan, who is the acting U.S. Attorney for the Western District of Louisiana, the office confirmed. All four were charged with entering federal property under false pretenses with the intent of committing a felony.

According to the FBI affidavit, Flanagan and Basel entered the federal building at 500 Poydras Street about 11 a.m. Monday, dressed as telephone company employees, wearing jeans,  fluorescent green vests, tool belts, and hard hats. When they arrived at Landrieu's 10th floor office, O'Keefe was already in the office and had told a staffer he was waiting for someone to arrive.

When Flanagan and Basel entered the office, they told the staffer they were there to fix phone problems. ...the staffer gave Basel access to the main phone at the reception desk. The staffer told investigators that Basel manipulated the handset. He also tried to call the main office phone using his cell phone, and said the main line wasn't working. Flanagan did the same.

They then told the staffer they needed to perform repair work on the main phone system and asked where the telephone closet was located. The staffer showed the men to the main General Services Administration office on the 10th floor, and both went in. There, a GSA employee asked for the men's credentials, after which they stated they left them in their vehicle.

The U.S. Marshal's Service apprehended all four men shortly thereafter. (more) (FBI Press Release) 

Spybusters Tip # 623 - Do not allow service people on your premises until you can verify who in your organization called them, and why. Photocopy their credentials. Conduct your proactive inspections for bugs and wiretaps, quarterly.

SpyCam Story #555 - Along Came Jones (Update)

MI - A former Brighton City Councilman charged with spying on female employees has entered a plea in the case. 54 year old Richard Gienapp, the owner of Mexican Jones restaurant in Brighton, pleaded guilty Friday to one count of surveillance of an un-clothed person. In exchange, prosecutors dropped two separate counts of installing and possessing an eavesdropping device.

The prosecution also agreed to not issue any other charges involving computer images of child sexually abusive material.

State Police say Gienapp placed a camera in an office at the restaurant where he spied on a female employee as she undressed. He faces up to two years in prison when he is sentenced on March 4th.

Gienapp has been in and out of court all month in separate cases. Last week, he pleaded guilty to failing to conspicuously post notice of his alcohol license being suspended at his restaurant. He was also recently convicted of filing a false police report. He was sentenced to 10 days of community service and 12 months of probation but soon filed a motion for a new trial, which was rejected by 53rd District Court Judge Theresa Brennan. (more) (original)

Man Bites Dog Story

China Accuses U.S. of Cyberwarfare
In the wake of a recent speech by U.S. Secretary of State Hillary Clinton condemning countries that censor the internet and engage in hacking, China has lobbed a return volley and accused the United States of hypocrisy and initiating cyberwarfare against Iran. (more)

Thursday is International Data Privacy Day

On January 28, 2010... Search Engine Startpage.com Introduces Free Anonymous Web Browsing

Startpage, the self-proclaimed "world's most private search engine", and its E.U. brand, Ixquick will release a new proxy service that allows users to surf the web with complete privacy. The proxy lets users browse websites safely and anonymously, without passing on any private, personally identifiable information to the websites they view.

The Startpage proxy is a free service that works in conjunction with the Startpage search engine, available at www.startpage.com. When users perform a search, they will find a clickable "proxy" option below each search result. When this option is selected, Startpage acts as an intermediary to retrieve the page and display it in a privacy-protected Startpage window.

The proxy offers complete anonymity, since the user never makes direct contact with the third-party website. The user's IP address is invisible to the viewed website. In addition, the website cannot see or place cookies on the user's browser. (video)

How Not to Handle a Bug Find

LA - West Feliciana Parish Sheriff J. Austin Daniel said Friday he asked State Police detectives to investigate a report of a listening device being planted in a Police Jury office.

Daniel said determining who planted the device may be difficult because a Police Jury employee took it apart and removed a battery.

The sheriff also said the device was found around Thanksgiving but was not reported to him until after Christmas. (more)

How to handle a bug find... (here)

So, a trusted employee is starting a new company.

Business espionage often begins closer to home than you think.

Over three decades, I have heard this too many times... "I think my employee is stealing business and is planning on competing with me. What should I do?"

This is pretty much a textbook case...
• Employee starts a side business using the employer’s resources, methods, client lists, and often client products.
• Employee plans to leave when business is self-sustaining.
• Employee quietly recruits other employees.
• Employee leaves, or is discovered and is fired.
• Over time, other employees desert to go work for the ringleader, taking even more intellectual property.
• Covert lines of communications remain open between the two businesses: employee chit-chat, room bugs, telephone wiretaps, computer spyware, unauthorized access to email/voicemail, etc.
• The employer takes appropriate investigative/legal steps... or slowly bleeds to death.

Recommendations:
• Act quickly and firmly.
• Secure personnel records and back them up off-site. Especially important: Non-compete agreements, termination agreements, signed copies of company rules, etc.)
• Take any collected evidence to an outside attorney to determine a course of action for investigation, employee termination and possible prosecution.• Document evidence of business diversion. (Talk to customers openly, or indirectly. Consider setting up a sting.)
• Monitor and back-up their business e-mails, if legal in your state.
• Conduct a survey for electronic surveillance devices and other counterespionage vulnerabilities. (Hire the best specialist you can find. You may only get once chance to do this part correctly.)
• As soon as possible, conduct a forensic examination all their company-owned computer devices. (Computers, PDAs, Cell phones, etc..) Hire the best specialist you can find. You may only get once chance to do this part correctly.

• Upon termination of the first rogue employee, conduct interviews with remaining employees (with your attorney). Let them know the full ramifications of intellectual property theft.
• Notify customers of personnel changes.
• Quickly, introduce replacement personnel.
• Notify recently departed customers of the situation, and warn them (nicely) of potential ramifications (if any) from dealing with renegade employees.
• Develop a marketing device to keep remaining customers loyal.
• Monitor competition for future compliance.

Your situation may require additional, or alternate, steps. Partner with a counterespionage specialist for direct advice. ~Kevin

Passwords stink... Face It

A Japanese company that specialises in face recognition technology has claimed the need for security passwords and identity swipe cards may soon become a thing of the past. Omron is working on software that scans faces to help recognise customers and employees. (more)

If we are not in your Boardroom...

...keep quiet, and put in a few of these.

The best move you can make for any Boardroom which isn't regularly swept for bugs... "Get down, and Boogie."

Improv Electronics has re-invented the old "Magic Slate."

Their version, called Boogie Board, is a pressure-sensitive tablet. It uses a watch battery for power, and only when the erase button is pushed. The secret is a Reflex LCD which doesn't need any power to keep the written secrets on the screen. The watch battery will last for 50,000 erases; cost $29.97. (more)  
(Pssst... The Apple iPad will cost a whole lot more and provide less security.)

Limited Time Offer...

Use Murray Associates to clear your Boardroom on a quarterly basis this year and we'll supply a Boogie to Board members - FREE. We are always fun, and get the job done.

--------

Did You Know?
• In the early 1920s, R.A. Watkins, the owner of a small printing plant in Illinois, was approached by a man who wanted to sell him the rights to a homemade device made of waxed cardboard and tissue, on which messages could be printed and then easily erased by lifting up the tissue. Watkins wanted to sleep on it, and told the man to return the next day. In the middle of the night, Watkins's phone rang and it was the man calling from jail. The man said that if Watkins would bail him out, he could have the device. Watkins agreed and went on to acquire a U.S. patent and rights, as well as the international rights for the device, which he called MAGIC SLATE. (via DrToy.com)

• (April, 1987) American journalists meeting with Soviet dissidents in Russia have occasionally used Magic Slates as a way of communicating. And last week, even the U.S. government bought the idea. In fact, Rep. Dan Mica (D-Fla.) and Rep. Olympia J. Snowe (R-Maine) received special instructions from the State Department to take the 99-cent toys with them on their recent inspection tour of the U.S. Embassy in Moscow. "An aide ran out to the local Toys 'R Us store and picked up a dozen," said John Gersuk, Mica's press secretary.

Now, not only has the child's toy put an unexpected kink in the multibillion dollar world of espionage, but it also has the $12-billion toy industry taking notice. (more)

"The best defense is a good... no, wait, uhhhh..."

Despite the objections of senior intelligence leaders, the White House National Security Council has instructed U.S. spy agencies to make intelligence gathering for China less of a priority. The move lowers China from "Priority 1" status to "Priority 2."

Intelligence leaders are concerned that the shift will hinder initiatives to acquire secrets about the Chinese government's military and its cyberattacks.

Anonymous administration officials say the policy is part of the White House's overarching effort to cultivate a friendlier, more constructive relationship with Beijing. But critics within the government charge that strategic intelligence on China will be downgraded over time, undoing what officials say are crucially necessary efforts to accrue more knowledge about China's political, economic, military, and intelligence operations. (more)

GSM Bugs, or Cell Phones Gone Wild

If you are not already familiar with GSM Bugs, I could go over it again, or you could listen to this dangerous-sounding woman...
(These bugs are flooding the market; less than $60. on eBay.)

By the way...

New for 2010 at Murray Associates, is our in-house designed GSM Bug locator.

Our instrument instantly detects and plots the location of GSM Bugs on a computer map. Without this technology, mostly-dormant GSM Bugs range from difficult to impossible to find.

Murray Associates new investigative technique (Digital Surveillance Location Analysis™) is now part of our advanced TSCM inspection audits. Bonus... our new instrumentation also locates rogue Wi-Fi stations on our client's networks.

Not a client, yet?
Become one.
You won't find this level of security elsewhere.
Start here.