Friday, March 16, 2012

The CIA wants to spy on you through your TV

dailymail.co.uk

When people download a film from Netflix to a flatscreen, or turn on web radio, they could be alerting unwanted watchers to exactly what they are doing and where they are.
Spies will no longer have to plant bugs in your home - the rise of 'connected' gadgets controlled by apps will mean that people 'bug' their own homes, says CIA director David Petraeus.
The CIA claims it will be able to 'read' these devices via the internet - and perhaps even via radio waves from outside the home.

Everything from remote controls to clock radios can now be controlled via apps - and chip company ARM recently unveiled low-powered, cheaper chips which will be used in everything from fridges and ovens to doorbells. 
The resultant chorus of 'connected' gadgets will be able to be read like a book - and even remote-controlled, according to CIA CIA Director David Petraeus, according to a recent report by Wired's 'Danger Room' blog.
Petraeus says that web-connected gadgets will 'transform' the art of spying - allowing spies to monitor people automatically without planting bugs, breaking and entering or even donning a tuxedo to infiltrate a dinner party. 
'Transformational’ is an overused word, but I do believe it properly applies to these technologies,' said Petraeus.
'Particularly to their effect on clandestine tradecraft. Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters -  all connected to the next-generation internet using abundant, low-cost, and high-power computing.'
Petraeus was speaking to a venture capital firm about new technologies which aim to add processors and web connections to previously 'dumb' home appliances such as fridges, ovens and lighting systems.
Posted by at 11:00 AM 0 comments
Labels: , , , , , , , , , , , , ,

Thursday, March 15, 2012

FBI Tells Corporate Execs To Defend

securitypronews.com

"J.P. Morgan reports that worldwide e-commerce sales are expected to increase from $573 Billion in 2010 to nearly $1 Trillion in 2013. Each year, cybercriminals and thieves steal terrabytes of data, intellectual property worth billions, expose an average of 260,000 personal identities per data breach, and cost organizations approximately $7.2M per data breach event. Symantec reported that this past summer, 29 chemical companies, including multiple Fortune 100 companies, were subject to computer attacks that sought to extract data on formulas and manufacturing processes." Dr. Regina E. Dugan brought these unfortunate statistics to the attention of the DARPA Cyber Colloquium in November of last year. At the same time she reminded them of several attacks tracing back to government organizations in Russian and China. It would appear they listened. DARPA reported, Monday, that they are increasing they cyber research budget by $88M in FY2012 and intend to increase the amount another 4% of it's top line budget over the next 5 years. 


More...
Posted by at 4:10 PM 0 comments

Wednesday, March 14, 2012

The New Face of Corporate Espionage

asiaworldmedia.com


Over the past five years, a highly sophisticated team of operatives have stealthily infiltrated more than 70 U.S. corporations and organizations to steal priceless company secrets. They did it without ever setting foot in any victim’s office. Sitting at undisclosed computers, they could be anywhere in the world.
This is the new face of corporate espionage. Thieves whose identities are safely obscured by digital tradecraft rather than a ski mask, are robbing companies of the ideas that are the source of American ingenuity.
We now rely on the Internet to do business, supply communities with power and water, communicate with loved ones and support our troops on the battlefield. Our digital infrastructure is part of our country’s lifeblood. Individual consumers, government agencies and small and large businesses are all increasingly vulnerable to growing threats.
However, there is another reason to care about Internet security that is less known: protecting U.S. competitiveness and jobs in the global economy.
In the coming weeks, Congress has an opportunity to do just that. As we mark National Consumer Protection Week — a time for consumer advocacy groups, private organizations and agencies at every level of government to highlight the ways individuals and families can protect themselves from scams, fraud and abuse — we are reminded of the role we each play in defending ourselves from online attacks and in securing cyberspace.
U.S. companies use information networks to create and store their unique ideas. The ideas power our economic growth. Every day, the networks of these companies, from large corporations to small businesses, are targeted by criminal organizations and nation-state thieves for these trade secrets.
Posted by at 11:59 AM 0 comments

The Complicated World of Corporate Espionage

asiasentinel.com
Corporate espionage used to be rather straightforward – as the typical Coke-Pepsi textbook example illustrates, in which each tries to steal the other’s recipe for sugared water. It is a crime when someone steals company data/trade secrets and passes it to a business rival. 

Well, yes -- but not quite, in the case a series of court decisions in the United States that complicate the issue considerably. One involves a former Goldman Sachs computer programmer, Sergey Aleynikov, a Russian who immigrated to the United States in 1991 and who was arrested by FBI agents on July 3, 2009, at Newark International Airport. 

Aleynikov was subsequently jailed in December 2010 for stealing code from Goldman Sachs’ high-frequency trading platform, a lucrative new segment of Wall Street that uses complex computer algorithms to convert minute price discrepancies into quick profits through rapid fire trades. He had served one year of his eight-year sentence when he was freed by the Court of Appeals for the Second Circuit in New York in mid-February.

The court offered no explanation for overturning his conviction other than stating an opinion would be issued “in due course,” according to The New York Times.

Aleynikov allegedly stole the source code used in driving those high frequency trades at his employer prior to joining a new competitor, with plans to set up a similar trading platform – he allegedly uploaded the code onto a computer server in Germany, encrypted and downloaded it into his home computer, laptop and memory stick and took the data with him when he joined the new company.


More...
Posted by at 11:51 AM 0 comments

Monday, March 12, 2012

NATO Commander Facebook Pages Used In Spying Attempt

redorbit.com


A fake Facebook account set up in the name of NATO’s supreme allied commander was allegedly used by spies in an attempt to swipe personal information from military personnel and various other top secret information, according to multiple news reports published over the weekend.
According to Nick Hopkins of The Observer, falsified social networking pages supposedly belonging to Admiral James Stavridis is believed to have been coordinated by Chinese espionage agents who had hoped to trick his friends and family members into revealing private information — either about him or about themselves.
Telegraph Investigations Editor Jason Lewis reported Saturday that senior British military officers and members of the UK Ministry of Defense are believed to have been among those to accept “friend requests” from a fake Stavridis Facebook account.
“They thought they had become genuine friends of NATO’s Supreme Allied Commander — but instead every personal detail on Facebook, including private email addresses, phone numbers and pictures were able to be harvested,” he continued, adding that while officials are “reluctant” to identify the source of the espionage attempt, that the Telegraph “has learned that in classified briefings, military officers and diplomats were told the evidence pointed to ‘state-sponsored individuals in China.’”
Posted by at 5:05 PM 0 comments

Tuesday, March 6, 2012

Revealed: Technical Surveillance Threats

Revealed: Technical Surveillance Threats


Spy Cam 101

Not long ago while on assignment, I was asked "How many times do you actually find technical surveillance threats?"
My answer was "Well, I would tell you but then I would have to...." Just kidding,  The real answer is more often than you would think..
Although, not every technical surveillance threat involves finding a device. It can also can mean discovering a technical surveillance vulnerability. Like for instance, the allowance of cellular devices (w/ cameras) or iPads in conference rooms and during high level meetings. Or, the allowance of digital recorders within these areas, just to name a few.

It's not always "James Bond" spy gear that turns up during a sweep.

But every now and then, I still discover a "surprise" that may (or may not) have been left behind...on purpose.

For example, take this pen & pencil holder discovered during the wee hours of the morning while sweeping the "Presidential Suite" of one of our clients facilities.


Plain looking enough, but take a closer look... Through our Thermal Imaging Camera... Notice that hot spot? So did we...It turned out to be a hardwired Spy cam, with audio....Here's another look..


This was only one of the technical surveillance threats found during this assignment. Yes, you heard me right, only one of several threats found...

So, the short answer is YES, technical surveillance threats (although crude) like the above are used for intel collection purposes by your adversaries. i.e.; disgruntled employee, competitor, corp spy, eavesdropper, etc.
So be aware, these types of surveillance threats could be lurking closer than you might think...

If you don't mind me asking, When was your last TSCM Sweep?  Not Sure?  Contact Me here. I can help.

Stay tuned for the next "reveal"....JDL
Posted by at 2:29 PM 2 comments
Labels: , , , , , , , , , ,

Unmasking the world’s most wanted hacker

foxnews.com

EXCLUSIVE: It was one of the hottest days of the year and evening temperatures were still sweltering when two FBI agents wearing bulletproof vests under their dark suits climbed the stairs of the Jacob Riis housing complex in New York’s Lower East Side on June 7, 2011. Drenched in sweat, they knocked on the steel door of a sixth-floor unit. It swung open to reveal a man in his late twenties wearing jeans and a white T-shirt.
“I’m Hector,” he said.
The agents were suddenly face-to-face with “Sabu,” the computer genius they had stalked for months, a quarry so elusive they hadn’t pinned down his identity and location until just weeks before. The suspected ringleader of the Anonymous offshoot group LulzSec, Hector Xavier Monsegur and his web minions had just completed a month-long reign of terror, hacking the CIA, Fox, Sony and several financial institutions, causing, according to some estimates, billions of dollars in damage around the world.
The nondescript public housing unit seemed an unlikely nerve center for one of the world’s most wanted criminal masterminds, but the 28-year-old Monsegur himself is a study in such contradictions. An unemployed computer programmer, welfare recipient and legal guardian of two young children, Monsegur did not go to college and is a self-taught hacker. Although his skills and intellect could command a lucrative salary in the private sector, those who know him say he is lazy, an underachiever complacent with his lifestyle.
Posted by at 1:47 PM 0 comments
Subscribe to: Posts (Atom)