"Wake up, Nguyen. Time to spy on the submarine races."

When foreign spies set their sights on America's secrets, many times they're not looking underground for secret bunkers or in the sky for massive spy blimps, but under the sea at the nation's low-profile underwater drone fleet.

According to some of the military's top counterintelligence analysts, in recent years there has been a significant increase in both old school spying and cyber operations, especially by unnamed East Asian nations, directed at gaining classified information on America's autonomous underwater vehicles (AUVs) in hopes of undercutting the U.S.'s "underseas battlespace dominance." (more)

Must be a Saturday Night Live skit that didn't get used...

Croatian businessman Vladimir Selebaj, who has been jailed over malversations with his production company Core Media, speaks to his parents only in French due to fears of wiretapping.

A French citizen, Selebaj allegedly talks only in French during his parents visits because he thinks he is being targeted by the police chief, Oliver Grbic.  

Grbic is currently in a relationship with Selebaj’s wife, Dijana Culjak.

Selebaj has been detained in Zagreb Remetinec prison while the investigation is underway, daily Vecernji List writes. (more)

BlackBerry / India Ink Surveillance Contract - RIM shot

 Remember when India was threatening to shut down BlackBerry service unless it could tap user's communications? Reports have RIM operating a wiretapping facility in Mumbai to help with that.

Back in 2010, the Indian government set multiple deadlines for RIM to provide the government with access to encrypted BlackBerry communication or face a shutdown of BlackBerry services in the country. Those deadlines came and went, with RIM insisting that it has no back door that would let government authorities (or anybody else) decrypt and access communications on its BlackBerry Enterprise services. 

However, by the beginning of 2011 RIM had been working with the Indian government to provide access to consumer-level BlackBerry Messenger and BlackBerry Internet Services (BIS) email—and now the Wall Street Journal reports RIM is operating a small surveillance facility in Mumbai to process government requests for access to BlackBerry user communications. (more)

Spy Train Tracks Wirey Thieves

Using a thermal camera to track copper cable thieves.

UK - Network Rail said covert spy train patrols to deter metal thieves from the rail network are having an effect.

In the last year the price of copper has doubled and this year alone in the east there have been 72 serious incidents of cable theft, causing delays to more than 2,500 trains and costing the company more than £1m.

Look East joined Network Rail and the British Transport Police on a special spy train as they went on the hunt for thieves in Essex and Hertfordshire. (video)

A Simple Three Question Spy Movie Quiz

Go here. 

I got 2 of three. 

See what you can do.

Here is one from me...

What is the name of this famous spy story town?

What is its real name?

Did I live there for a week?

Answers later next week.

Enjoy your weekend!

~Kevin

Security Alert: Easy Bypass of iPad2 Passcode Screen (w/ fix)

PROBLEM...
Apple's Smart Covers are pretty cool--they attach magnetically to your iPad 2, and you can lock your iPad's screen simply by "closing" the cover. Lift the cover off the screen, and your iPad wakes right up. Unfortunately, members of the German forum Apfeltalk ("Apple Talk") discovered a bug in how iOS handles the Smart Cover that makes it possible to bypass the iPad's passcode screen. Yikes.

To trigger this glitch, hold down the power button and wait for the iPad to ask to power off. When that happens, place the smart cover over the tablet. Next, take the cover off again, cancel the power down, and you're in--no passcode required.

SOLUTION...
Apple is aware of the issue and is working on a fix. And for the time being, you can make it so your iPad doesn't automatically unlock when you open your Smart Cover; that way, even if someone uses this bypass trick, they'll only be greeted with the passcode screen. To change this setting, Open the Settings app, tap General, and change the setting for "iPad Cover Lock/Unlock" to "Off". (more)

Gang Members Are Coming For Your Info. What's Your Counterespionage Strategy?

The Federal Bureau of Investigation on Friday estimated there are some 1.4 million gang members in the United States and they are turning to white-collar crimes as more lucrative enterprises. 

Gangs like the Bloods and the Crips are engaging in crimes such as identity theft, counterfeiting, selling stolen goods and even bank, credit card and mortgage fraud, said a new FBI gangs threat assessment.

"We've seen it, but we've seen them doing it even more now and we attribute to the fact that the likelihood of being caught is less, the sentences once you are caught are less, and the actual monetary gain is much higher," said Diedre Butler, a unit chief at the National Gang Intelligence Center. (more)

Search Engine Encrypts Your Secret Yearnings, Lusts and Thirsts... for Knowledge

Click to enlarge.

Flash - "As of this week, Startpage, by Ixquick, the "world's most private search engine," automatically encrypts ALL searches. Startpage was the first search engine to offer SSL encryption in 2009, and today it again breaks new ground by making SSL encryption the default." (more)

Kevin's Security Scrapbook exclusive! Motion picture footage of the inside of a search engine's encryption kernel.

"Dude, Scientology has an Office of Special Affairs?!?! I didn't know scientists even had affairs!"

The Village Voice is reporting that the Church of Scientology attempted to investigate Parker and Stone after a controversial 2005 episode of “South Park” titled “Trapped in a Closet.” The Emmy-nominated episode, airing on Comedy Central, satirized such figures as Scientology founder L. Ron Hubbard and Scientology member Tom Cruise. 

According to the Voice, former Scientology executive Marty Rathbun “revealed at his blog that in 2006, Scientology's Office of Special Affairs — the church's intelligence and covert operations wing — was actively investigating” Parker and Stone.

The Voice reports Monday: “We have more leaked OSA documents which give some idea of the extent of the spying operation on the ‘South Park’ offices and the people who worked there.” (more)

Chat and...ZAP. Your address book is stolen!

If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your device's address book simply by sending you a chat message.

In a video posted over the weekend, the security researcher makes the attack look like child's play. Type some JavaScript commands into the user name of a Skype account, use it to send a chat message to someone using the latest version of Skype on an iPhone or iPod touch, and load a small program onto a webserver. Within minutes, you'll have a fully-searchable copy of the victim's address book. (more)

Your Rotund Guard Can Be Replaced by Rotundus, the 3-D RoboEye

Security Director Alert - Imagine replacing multiple guards, at multiple sites with GroundBots... all reporting to your command center. 

Think of the money you could then devote to more worthwhile security needs - intellectual property protection needs - like, ummmm... TSCM!

You don’t need to read instructions to operate an arcade driving game. It’s intuitive. And that’s how easy it is to steer GroundBot in the manual control mode.

But there’s one big difference: when you’re driving GroundBot the landscape you’re moving through is for real. Streamed in real-time, in 2D or 3D. Operators say that it makes you feel you are actually there, sitting in GroundBot, looking out. 

Guardbot is also amphibious and efficient and can run up to 10 km/h (6 mph) - without making a sound. Moreover, it can operate for 8-16 hours depending on mission profile.

This near-reality experience also makes operators more alert to anyone or anything that shouldn’t be there. GroundBot can even be used to find out where an unauthorized person is going. (more) (video) (c.1968 prototype)

FBI Business Espionage Warning - "If you haven't been a victim yet, it's because you have been and you don't know it, or you will be."

Kexue Huang, a scientist and native of China, pleaded guilty last week in a federal court to swiping millions of dollars worth of trade secrets from Dow Chemical Co. and Cargill Inc. for other people doing research in Germany and China.

A federal jury last month ordered South Korea's Kolon Industries to pay DuPont Co. $920 million for stealing trade secrets regarding synthetic fibers used in such products as Kevlar body armor. A former DuPont engineer hired by Kolon, Michael Mitchell of Virginia, was sentenced in March last year to 18 months in prison for theft of trade secrets for passing on key DuPont data to Kolon.

And area technology companies are likely fooling themselves if they think they're not in the cross-hairs of such spy efforts, according to the Federal Bureau of Investigation."If you haven't been a victim yet, it's because you have been and you don't know it, or you will be," Barry W. Couch, a special agent with FBI's Buffalo division, told a conference room full of area optics industry executives last week. "Don't be blindsided."

The FBI has designated espionage, including economic espionage, its second-highest priority, behind only terrorism. (more)

Bug in the Boardroom - Nasdaq

New details have come out from the ongoing investigation into last year's attack on the Nasdaq stock exchange. 

It appears that when attackers breached the Director's Desk Web application, they not only gained access to data stored in the system, but they managed to install a monitoring software that was able to eavesdrop on "scores" of directors' communications. 

The application was used by board directors to discuss information relating to the company's financial performance and other intellectual property. (more)

Security Director Alert: Occupy Wall Street would love to have A Bug in Your Boardroom

The Occupy Wall Street movement is expanding. 

Your company is the target. 

Just like animal rights and other business protest movements, intelligence helps fuel their cause. A bug in your boardroom is the ideal intelligence pipeline. (Don't think they haven't thought of doing it. All they need is a sympathetic insider who believes the boss makes too much.)

I addition to your normal preparations (perimeter security, monitoring social media, etc.) electronic countermeasures inspections (TSCM) must be part of your protection mix. Covert electronic eavesdropping, video voyeurism, data thefts and business espionage attacks are vulnerabilities you can not afford to overlook.

If you have a trusted TSCM provider, great, call them in.
If not, please stop by our web site. Learn all about our economical TSCM security solutions.

But, what if you find a bug?

Imagine... 

It's Monday morning. 

In the offices of Mongo Industries a secretary readies the Boardroom for the weekly strategy meeting. The air conditioning has been off all weekend, and just kicked in. Then...THUNK! 

Startled, she stares under the massive table. Her eyes adjust to the dark. A small dark object with gooey strips of masking tape near the Director's chair stares back.

"What should you do?" (click here)

Flash - Adobe Flash Spy Personality Disorder Fixed

Engineers on Thursday patched a hole in Adobe's ubiquitous Flash Player that allowed website operators to silently eavesdrop on visitors' webcam and microphone feeds without permission.  

To be attacked, visitors needed to do no more than visit a malicious website and click on a handful of buttons like the ones in this live demonstration. Without warning, the visitor's camera and microphone were activated and the video and audio intercepted. (more)

Adobe: "We have resolved the issue with a change to the Flash Player Settings Manager SWF file hosted on the Adobe website. No user action or Flash Player product update are required." (more)