Thursday, July 6, 2017

Security Director Alert: Satellite Phone Encryption Cracked

Chinese researchers have discovered a way to rapidly decrypt satellite phone communications -- within a fraction of a second in some cases.

The paper, published this week, expands on previous research by German academics in 2012 by rapidly speeding up the attack and showing that the encryption used in popular Inmarsat satellite phones can be cracked in "real time."

Using their proposed inversion attack thousands of time on a 3.3GHz satellite stream, the researchers were able to reduce the search space for the 64-bit encryption key, effectively making the decryption key easier to find.

The end result was that encrypted data could be cracked in a fraction of a second. more

Surveillance Robots Share and Interpret Images

A new system that allows a team of robots to share and interpret information as they move around could enable these same robots to relieve humans of dangerous jobs such as disposing of landmines, cleaning up after a nuclear meltdown or surveying the damage after a flood or hurricane. 

Seeing the same area from many points of view could be confusing to a human, but a computer can manage it and combine all the information to build a "model" of the scene and track objects and people from place to place.

Researchers from Cornell University have developed the system, which would allow robots to conduct surveillance as a single entity with many eyes.

"Once you have robots that cooperate, you can do all sorts of things," said Kilian Weinberger, associate professor of computer science...

The researchers plan to test their system on the Cornell campus, using research robots to "surveil" crowded areas while drawing on an overview from existing webcams. Their work might lead to incorporating the new technology into campus security. more

Things to Come...

The Espionage What Goes Around...

China fears cyberattacks because it is creating cutting-edge technology that others will want to steal, says its envoy to Canada (Lu Shaye), a rebuttal of the widely held view that the country is a leader in internet espionage.

Canada and China recently agreed to stop state-sponsored hacking of each other’s trade secrets and business information, but experts say the deal is unverifiable and potentially meaningless...

“China is technically advanced now and we are afraid that our things will be stolen by others,” Lu said through a translator in an interview with The Canadian Press.

China’s innovators are making great strides in quantum communications, supercomputing, and other information technology, he continued.

Last year, China launched a large satellite to support quantum communications, which New Scientist magazine describes as “a form of secure communication in which the laws of quantum mechanics prevent eavesdroppers from snooping in.” more

Wednesday, July 5, 2017

The Bootlegger, the Wiretap, and the Beginning of Privacy

By
Nearly a century before a U.S. President accused his predecessor of ordering a “tapp” on his private telephone line, and before he tweeted a warning to the head of the F.B.I. that he had “better hope that there are no ‘tapes’ of our conversations,” a professional spy, armed with a pack of cigarettes and an earpiece, hid in the basement of the Henry Building, in downtown Seattle, catching crackling bits of words being spoken miles away.

Richard Fryant had worked as a wiretapper for the New York Telephone Company, tasked with eavesdropping on his own colleagues, and now took freelance assignments in the Queen City.

On this occasion, he was seeking dirt on Seattle’s corrupt mayor—who was suspected of having ties to Roy Olmstead, a local bootlegger—for a political rival. At the behest of his client, Fryant rigged micro-wires to a certain exchange, ELliott-6785, and began to listen.

“They got that load,” one man said, breathing heavily.

“The hell they did—who?” asked another.

“The federals.”

The men speaking on ELliott-6785 hung up, but the conversation had only just begun... more

Roy Olmstead kicked off a long, twisted, legal trail of litigation, decisions and laws regarding electronic surveillance. It's a trail that hasn't ended yet.

Quote of the Week

"There are no hackers; there are only spies," ~ Eric O'Neill

Tuesday, July 4, 2017

Without Spies There May Have Been No 'Fourth of July'

By Nina Strochlic, for National Geographic magazine.

In 1777, the American colonies were badly losing their fight for independence from Great Britain. The British Army had captured New York City’s crucial port. Expecting further advances, the Continental Congress was evacuated from Philadelphia. It seemed that the war was lost.
Then George Washington, then Commander-in-Chief of the Continental Army, wrote a letter that changed the course of the war.

Washington was desperate to discover what was happening inside New York, but military scouts couldn’t get close enough. The general needed someone to penetrate enemy lines, but when he asked for volunteers, few of his troops raised their hands.

“Spying wasn’t seen as gentlemanly,” says Vince Houghton, resident historian at the International Spy Museum in Washington, D.C.

Finally, a young army captain named Nathan Hale volunteered for the dangerous assignment. He was caught a week later and hanged, the first known American spy to be executed on the job. (He’s memorialized with a statue outside CIA headquarters.)

Washington realized that the mission was too big for untrained volunteers, so he set about building an espionage organization.

John Jay, later the first Chief Justice of the Supreme Court, had been running counterintelligence as head of the New York State Committee and Commission for Detecting and Defeating Conspiracies. One of Jay’s operatives, a merchant named Nathaniel Sackett, had experience in secret writing and codes. 

In February 1777, Washington wrote a letter to Sackett in which he offered him $50 a month—out of his own pocket—to establish the first formal apparatus for the “advantage of obtaining the earliest and best Intelligence of the designs of the Enemy.” “Without the organization that Sackett set up, it would have been very difficult for us to win the war,” says Houghton. “We had a ragtag army and [the British] had the greatest army, greatest navy, and greatest economy in the world. We had no real business winning this war.”

But America’s spy service got off to an inglorious start. Most of Sackett’s agents failed at their jobs—including Sackett himself, who was fired after just six months.

Fortunately for the infant nation, Sackett’s replacement, 26-year-old Benjamin Tallmadge, created what is considered one of America’s greatest espionage operations: the Culper Spy Ring. Comprised of childhood friends from Long Island, the group included a shop owner inside New York City who gathered information, a traveling trader who smuggled it out of the city, and a whale boat captain who delivered it to Washington’s camp.

Employing the tools and tricks of the 18th-century spy trade—hiding secret messages in hollow feather quills, using “dead drops” to transport letters—the Culper operatives unmasked enemy spies, busted a money counterfeiting plan, and stopped the British from sabotaging a French aid mission to the colonies.

After important letters were lost during an enemy raid, Tallmadge invented a “numerical dictionary” code that matched 763 cities, names, and words to numbers. (Washington’s code name was Agent 711.) Washington also asked physician James Jay (brother to John) to invent an invisible ink that could be revealed only with another chemical and would “relieve the fears of such persons as may be entrusted in its conveyance.

Washington’s espionage experiment paid off. In 1781 the British surrendered, thanks in part to the intelligence gathered by the Culper Ring and their networks. “Washington didn’t really out-fight the British. He simply out-spied us,” a British intelligence officer allegedly said after the war.

None of the Culper spies were ever caught, and even Washington himself never learned exactly who was in the group. The ring’s very existence wasn’t discovered until the 1900s, and to this day no one knows for certain how many members it had.

After the war Washington asked Congress to reimburse him $17,000—nearly half a million dollars today—for his espionage expenses. The lawmakers obliged.

Monday, July 3, 2017

Weiwei - All Leave Hansel & Gretel Digital Breadcrumbs

The Chinese artist-activist Ai Weiwei is nothing if not connected. All through the introductory remarks at the press preview for Hansel & Gretel, the giant art installation about electronic surveillance at the Park Avenue Armory in New York (open through August 6), Ai was busy on his phone...

Hansel & Gretel—the latest in the Armory’s series of huge Drill Hall extravaganzas, whose title indicates that we all leave breadcrumb trails, whether we want to or not—is another collaboration among Mr. Ai and Mssrs. Herzog and de Meuron...

Part 1 of this technology-rich dystopian spectacle occupies the whole of the darkened 55,000-square-foot Drill Hall, which the audience enters not from the Armory’s grand, staircased main entrance, but through an inconspicuous rear door on Lexington Avenue.

Once inside, visitors make their way through almost pitchblack corridors to a ramp that takes them up a few feet to the main attraction: a floor on which are projected their surveilled overhead images, which follow them around like digital puppy dogs.

The images come from dozens of overhead cameras, not the tethered drones buzzing around overhead. The phenomenon undoubtedly inspires awe in a few... The Drill Hall gizmopalooza gives everyone a visceral experience of what it’s like to be watched by unseen forces... more

Spycam News: Docs Know What's Up

The National Healthcare Professionals Association of South Africa has filed papers in the Pretoria High Court

accusing 19 medical aid schemes of spying on doctors and sneaking hidden cameras into their consulting rooms...

The lawsuit specifically named Discovery, stating that the scheme has sent spies and private investigators with concealed video cameras and recording equipment into private consultation rooms without consent. more

Saturday, July 1, 2017

Where Smartphones Became Spyware Piñatas

A spying scandal in Mexico widened after it was confirmed by experts that several of the country’s top opposition leaders — along with journalists and human rights advocates — were targeted by high-tech spyware exclusively sold to governments.

The Internet watchdog group Citizen Lab exposed the scandal (in June) in a report that showed that spyware known as Pegasus had been used in recent years to infiltrate the cellphones of 12 prominent journalists and rights activists, all of whom had been critical of the Mexican government...

The victims received messages with links to the malware, which, when activated, allows outsiders to remotely access a phone’s data as well as activate its camera and microphone. more

Business Espionage Cautionary Tale - Bugs, Taps and Now... Drones

Australia - An international drug syndicate used drones to conduct counter-surveillance on police...

"During the investigation phase, this syndicate has used aerial drones to conduct counter-surveillance on police activity," Commander Beveridge said.

"The syndicate was using a drone when they were holding their meetings, to conduct counter-surveillance, to see if anyone, like law enforcement, was watching...


"It did cause the surveillance staff to initiate procedures and methodologies to defeat it. "These syndicates are getting a lot more sophisticated, and so are we. We've just got to be awake to it." more

Murray Associates Industrial Espionage Takeaway Points:
• Even with an upper floor office you are no longer immune to optical surveillance.

• If you have window blinds, use them.
• Make sure computer screens and whiteboards don't face windows.
• Institute a clear desk policy.
• If you see a drone, don't assume it's some hobbyist playing. Take a photo or movie for evidence.
• Be alert. A drone in your parking lot can grab all license plate numbers in a minute. (One of the first warning signs of an espionage attack.)

Thursday, June 29, 2017

FutureWatch: Is Privacy the New Luxury?

There is nothing more luxurious than your own private island.

A secluded space, which is owned only by you. Private islands are the definition of privacy, security, peace, tranquility and an extraordinary lifestyle. There are only a handful of people in the world who have the opportunity to provide themselves and their family with the exclusive privacy and seclusion.

Enjoy it while you can...

Sea level rise accelerated by the melting of glaciers due to rising global temperatures has put many island nations on high alert, as their very survival hangs in the balance.

NASA researchers recently predicted that we are currently "locked into at least three feet of sea level rise, and probably more" by the end of the century.

Specifically, the Intergovernmental Panel on Climate Change listed the "Marshall Islands, Kiribati, Tuvalu, Tonga, the Federated States of Micronesia and the Cook Islands (in the Pacific Ocean); Antigua and Nevis (in the Caribbean Sea); and the Maldives (in the Indian Ocean)," as the most vulnerable nations to the effects of climate change. more

Business Espionage: The Slow Burn Costs


"Businesses need to be aware of the full costs of a cyber-attack, in particular, the “slow-burn” costs (i.e. those associated with the long-term impacts of a cyber-attack, such as the loss of competitive advantage and customer churn). When added to immediate costs (i.e. legal
and forensic investigation fees, and extortion pay outs), slow burn costs can dramatically increase the final bill."
Lloyd's Report - in association with KPMG and legal firm DAC Beachcroft more

Lloyd's is promoting their cyber-insurance with this report. Their warning, however, actually applies to all forms of business espionage. Insurance is for the disaster. A good Technical Information Security Survey can prevent disasters. You need both.

15 Photos of ATM Scams

Take note of some of the most common ways thieves will try to steal your credit card details.


 Fourteen more photos.

Stepfather Accused of Murder Preceded by Spycam

Man accused of killing stepdaughter may have photographed her through peep holes.

Detectives found a photo they believe is of 13-year-old Jayden Glomb in her bathroom wearing a sports bra, apparently taken secretly by her stepfather who is now accused of killing her, court documents say.

Property seized so far in the investigation includes an endoscope camera, spy camera, thumb drives, clothing and photographs, according to a search warrant.The Tucson Police Department’s crime laboratory has begun to analyze the contents of a home computer that was used by Joshua Lelevier, 37, who was arrested May 31 in Jayden’s suffocation death. more

Tuesday, June 27, 2017

Cyber Espionage: Canada and China Agree to Knock it Off

The Chinese government has reached a landmark agreement with Canadian authorities that pledges to halt "economic cyber espionage", a technique long-used by Beijing to hack into large firms and steal trade secrets, often including details of proprietary technology and military plans...

"The two sides agreed that neither country's government would conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages," a portion of the deal stated.

According to the Globe and Mail, which first reported the deal, the accord solely covers economic espionage, declining to mention online espionage, surveillance and hacking to spy on state activity. more

Other business espionage items the accord does not cover...
  • Electronic eavesdropping.
  • Telephone wiretapping.
  • Physical penetration of the workplace.
  • Social Engineering.
  • Infiltration of the workforce.
  • Subversion of employees. (blackmail, payoffs, etc.)
  • Optical surveillance.
A good Technical Information Security Survey will cover these vulnerabilities for you.