Wednesday, March 30, 2011

Top Spy Agency Has Been Brought In To Investigate The NASDAQ Cyber-Attack


businessinsider.com
Remember the cyber attack on Nasdaq that happened last October?

Now, the country's top electronic intelligence -- aka spying -- agency, the National Security Agency (NSA, is getting involved the investigation, because it turns out that attack "was more severe than first disclosed," Bloomberg reports.

A former counter-intelligence agent said that, "By bringing in the NSA, that means they think they’re either dealing with a state-sponsored attack or it’s an extraordinarily capable criminal organization."

Foreign intelligence agencies are also reportedly helping out the in the probe. Initially investigators thought the hacking intrusion originated in Russia, but that report was wrong.

‘China behind online espionage in Australia’

tibetanreview.net
China is the top suspect in a major online espionage in Australia which targeted at least 10 federal ministers, including the Prime Minister Julia Gillard, Foreign Minister Kevin Rudd and Defence Minister Stephen Smith, reported The Daily Telegraph Mar 29. The hacking was reported to have continued for more than a month, beginning in Feb’11, resulting in access to possibly several thousand emails.

The report cited four separate government sources as confirming they had been told that Chinese intelligence agencies were among a list of foreign hackers under suspicion.

The cyber attack was believed to have occurred on the email network of the Australian Parliament House used primarily for MPs' correspondence. However, the more secure departmental network used by ministers for sensitive communications was said to be unaffected.

The Australian Security Intelligence Organisation was believed to be investigating the case, although it remains Canberra’s policy not to comment on the operations of security and intelligence agencies.

More...

Tuesday, March 29, 2011

Australia PM Julia Gillard's computer 'hacked'

bbc.co.uk

Australian Prime Minister Julia Gillard's parliamentary computer and those of at least two senior ministers are suspected of being hacked, according to a newspaper report.

The government was alerted to the security breach by a US intelligence tip-off, Sydney's Daily Telegraph said.

It is reported that several thousand emails may have been accessed from the computers of at least 10 ministers.

The Australian authorities have refused to confirm or deny on the reports.

The cyber attacks are believed to have targeted the Australian Parliament House email network, the less secure of two networks used by MPs.

Among the computers allegedly breached were those belonging to Foreign Minister Kevin Rudd and Defence Minister Stephen Smith.

Reports suggest the hackers may have been trying to access information on Australia's lucrative mining industry.

More...

McAfee says corporate espionage is the target for cyber crime


computerworlduk.com

Hackers using trade secrets as underground currency


Corporate espionage is a business almost as old as corporations, but thanks to the Internet revolution it has a new business model: cybercrime. A new report from McAfee illustrates how intellectual property and trade secrets are becoming the primary target for hackers, and providing the currency that fuels the cyber underground.

The recent attack against RSA, resulting in the compromise of sensitive data related to the SecurID two factor authentication that many corporations rely on to guard against unauthorised access and protect data, is an example of how even the very companies that we trust to help guard against corporate espionage are not invulnerable themselves. Hacked SecurID tokens could be used as a stepping stone to more serious corporate espionage.

More...

Friday, March 25, 2011

Tools of Tradecraft: More Spy Gear From the CIA, Others

wired
Every good spy story needs a sequel.

Last month, we published a gallery of CIA spy tools that was so popular, we decided to publish a follow-up with more gear.

We've expanded the rogue's gallery of ingenious spy gadgets with a raft of devious tricks from the former Soviet bloc and other countries, including a lipstick gun, shoe bug and a seriously savage rectal Houdini kit (you'll understand it when you see the pic). We hope you like these as much as you liked the others. All images are courtesy of the International Spy Museum in Washington, D.C.


Kiss of Death

For the spy-op gone bad, or simply for any Natscha who found herself out to dinner with the date from hell, this Cold War-era KGB lipstick gun delivered the kiss of death with a single 4.5mm shot.

More...

Many Bosses Spying On Employees As New Security Tactic

miami.cbslocal.com

DAVIE (CBS4) – Some business owners in South Florida are going to new lengths to protect their assets: they are spying on their own employees.

Fort Lauderdale Police say it’s a good idea. Recently, a federal postal employee was busted for skimming cash from stamp sales while on the job. The woman allegedly voided the transaction after selling the stamps to customers, then pocketed the cash.

Don Flipse owns “Field of Flowers” in Davie. Surveillance cameras allow him to keep a close eye on what’s going on at his store. He pays close attention to the cash register area. “This is a good opportunity for me to see what’s going on in the entire store,” said Flipse. “Once the money changes hands, I would make sure that there was nothing odd going on, dropped bills or hands going in pockets or anything of that nature.”

More...

Wednesday, March 23, 2011

Attack Code for SCADA Vulnerabilities Released Online

wired

The security of critical infrastructure is in the spotlight again this week after a researcher released attack code that can exploit several vulnerabilities found in systems used at oil-, gas- and water-management facilities, as well as factories, around the world.

The 34 exploits were published by a researcher on a computer security mailing list on Monday and target seven vulnerabilities in SCADA systems made by Siemens, Iconics, 7-Technologies and DATAC.

Computer security experts who examined the code say the vulnerabilities are not highly dangerous on their own, because they would mostly just allow an attacker to crash a system or siphon sensitive data, and are targeted at operator viewing platforms, not the backend systems that directly control critical processes. But experts caution that the vulnerabilities could still allow an attacker to gain a foothold on a system to find additional security holes that could affect core processes.

SCADA, or Supervisory Control and Data Acquisition, systems are used in automated factories and in critical infrastructures. They came under increased scrutiny last year after the Stuxnet worm infected more than 100,000 computers in Iran and elsewhere.

More...

Tuesday, March 22, 2011

UTC Student Arrested for Planting Cameras in Rooms


newschannel9.com

A UTC student was arrested for more than a dozen felonies because police said he was breaking into girl's apartments and installing hidden cameras.

This is the second time 23-year-old Bernard V. Morris finds himself in trouble on charges related to stalking women. Three years ago we reported he was under a $1.2-million bond because Judge Bob Meeks thought he was a threat to women. Morris served less than a year in prison in 2007 for stalking and setting at least one house on fire.

Now a chilling story is unfolding on the UTC campus. Morris is back in jail on 12 counts of aggravated burglary and one count of aggravated arson.

UTC police said Morris set up secret cameras and microphones inside several girl's dorms in the the Stophel and Guerry Apartments.

Records show the female students who live there told UTC police when they came back from spring break Sunday night they noticed things were not quite right with their clocks, radios and even a decorative snow globe. When officers inspected the items they found tiny, hidden cameras inside them.

More...

Monday, March 21, 2011

'Corporate espionage' center of court case


bizjournals.com

A State Supreme Court Justice has barred a national appliance parts distributor from soliciting business and clients from a competitor, who happens to have deep Buffalo roots.

State Supreme Court Justice John Michalek, in a recently unsealed decision, has ruled that 1st Source Servall, which opened a Buffalo sales office shortly after St. Louis-based Marcone Supply Co. acquired AP Wagner Co. in January 2010. AP Wagner began in Buffalo in 1928 when it was founded as Buffalo Washing Machine Repair Co. Marcone and 1st Source Servall are the largest appliance parts distributors in the country.

Friday, March 18, 2011

Department of Defense, Major Private Contractor Potentially Vulnerable in Cyber Attack

abcnews.go.com
A U.S. cyber security company charged with protecting computers for the U.S. government and thousands of private clients has itself been the target of a hacking attack, potentially compromising the security of software used by the Department of Defense and major defense contractor Lockheed Martin.

While the U.S. government has been aware of the attack and working with the company on plugging the security breach for more than a week, according to sources familiar with the investigation, it was only Thursday that Massachusetts-based company RSA alerted the public. RSA, the security division of EMC, claims over 25,000 clients and 40 million users of its security token technology worldwide.

More...

2 UI employees disciplined in baby monitor bugging case

necn.com
IOWA CITY, Iowa (AP) — A University of Iowa hospital supervisor abruptly left employment Thursday as the school announced it had disciplined two employees over a plan to use a baby monitor to listen to subordinates' conversations.

Pamela Snider, an office coordinator in the Department of Urology, no longer works for the university, UI Vice President for Strategic Communication Tysen Kendig said. He would not say whether she was one of the two employees disciplined in the case, saying those were confidential personnel matters.

AFSCME Local 12 President John Stellmach had filed complaints with UI Department of Public Safety and human resources officials alleging that Snider told department employees she hid a baby monitor in a secretarial work area to determine whether they were talking too much. Stellmach's complaints alleged department administrator Glenn Kell approved the device's use.

More...

Thursday, March 17, 2011

Protecting critical information assets from industrial espionage

securitypark.co.uk
Organisations have been the target of electronic espionage for as long as information has been held in data format. As business becomes dependent on technology to process, store, transmit and manage information, electronic forms of espionage have sky rocketed. People will always be the weakest link in the battle to protect corporate information and data from attackers.

As the capabilities of security technology improve, hackers are now targeting individuals to get at the electronic information they want – this raises an intriguing mix of problems and issues for today’s corporate security managers

Attacks on businesses are increasingly being committed with a similar modus operandi to corporate espionage carried out by foreign states and state sponsored attackers. With the emergence of global markets and global competition, businesses are now the target of espionage, carried out by competing businesses, states or state-sponsored businesses.

More...

Wednesday, March 16, 2011

UI investigates use of baby monitor on employees

chicagotribune.com
The University of Iowa launched an investigation Tuesday after employees at a medical clinic complained their supervisors used a hidden baby monitor to eavesdrop and determine whether they were talking too much.

Department of Urology workers discovered the monitor hidden on a shelf in a secretarial work area Monday, and one complained to the university's ombudsperson and her union that they considered the monitoring without their knowledge a privacy violation, said AFSCME Local 12 President John Stellmach. An employee took photos showing the monitor turned on sitting next to a package of cotton balls.

The monitor picked up chatter by several secretaries and clerical workers, and the receiver was placed in a supervisor's office, said Stellmach, whose union represents 5,000 university employees. After it was discovered, a supervisor first played it off as a joke and then explained it was set up after another worker complained they were chatting too much and would be in place for a week, Stellmach said. But after employees complained, the monitor was removed later Monday. It was not clear how long it was in place.

More...

Tuesday, March 15, 2011

Hacking of DuPont, J&J, GE Were Undisclosed Google-Type Attacks

businessweek.com

March 9 (Bloomberg) -- The FBI broke the news to executives at DuPont Co. late last year that hackers had cracked the company’s computer networks for the second time in 12 months, according to a confidential Dec. 9, 2010, e-mail discussing the investigation.

About a year earlier, DuPont had been hit by the same China- based hackers who struck Google Inc. and unlike Google, DuPont kept the intrusion secret, internal e-mails from cyber-security firm HBGary Inc. show. As DuPont probed the incidents, executives concluded they were the target of a campaign of industrial spying, the e-mails show.

The attacks on DuPont and on more than a dozen other companies are discussed in about 60,000 confidential e-mails that HBGary, hired by some of targeted businesses, said were stolen from it on Feb. 6 and posted on the Internet by a group of hacker-activists known as Anonymous. The companies attacked include Walt Disney Co., Sony Corp., Johnson & Johnson, and GE, the e-mails show.

More...

Thursday, March 10, 2011

Police Charge Man With 'Wiretapping' Because He Made A Phone Call During Traffic Stop

From the you-can't-be-serious dept..techdirt.com
We've covered the disturbing trend of police, prosecutors and the courts to abuse wiretapping laws to charge people with "wiretapping" for recording police in public. The latest such case is even more ridiculous than most. Found via Slashdot, it involves a guy charged with wiretapping the police during a routine traffic stop, because he made a phone call, to which a voicemail system recorded the call at the other end. The guy who was arrested, William Alleman, had just left a gathering of libertarians, meeting in support of an arrest of a local restaurant owner. The police were apparently waiting outside, and Alleman claims he was followed. As he got pulled over, he called the phone number of an answering service for Libertarian activists who are "in trouble with the police" and then used that to record the call. The police claim this was illegal wiretapping.

This is, of course, patently ridiculous. Recording a police officer as he has stopped you is not and should never be considered a crime.

More...

Watch Where You Put That Thing: Wiretapped Teddy Brings $120K Fine


discovermagazine.com
Tap that teddy bear and pay the price: $120,000. Or at least, that’s what Dianna Divingnzzo and her father, Sam Divingnzzo, are due to pay out after being slapped with federal wiretapping charges.

The fines arose from a custody case over Divingnzzo’s daughter with ex-husband William “Duke” Lewton. After Lewton was awarded unsupervised visitation, Divingnzzo put a recorder inside her daughter’s teddy bear (cutely, if not creatively, named “Little Bear”) to document suspected physical and verbal abuse by Lewton. The recorder taped continuously, while Divingnzzo occasionally copied the files and sent them to her father for transcription.

The Little Bear plan got hairy when Divingnzzo tried to use the material to win back sole custody..

More...

Saturday, March 5, 2011

The Video Surveillance Clock Sees All

coolest-gadgets.com
In this day and age, we have the ability to know everything that’s going on in our lives, even when you’re not there. With the advent of the surveillance camera, we have become privy to whats happening in our streets and shops, or even what our kids are up to while they’re at pre-school. Parking lots, airports, the grocery store, somebody is always watching us. It got me to wondering, whats going on in my house when I’m not home.
This small (2 3/4″ Diam. x 3/4″ D ) analog clock has a built-in, motion-activated video surveillance camera that records both audio and video and takes photographs too, it’s just perfect for checking out the action in a room or office.

The image sensor captures 720 x 480 resolution video in a 62ยบ angle from nine feet away while its sensitive microphone picks up sound from 16′ away. It can also take photographs at 1,280 x 960 resolution.

Included is a 4 GB microSD card that will store up to six hours of AVI video or 52,000 JPG images, it also supports up to an 8 GB microSD card. You can download all the heartwarming content you want to your computer and its rechargeable lithium battery is recharged via USB port and included cable. Compatible with Windows 7, Vista, XP, and Mac.

More...

Friday, March 4, 2011

Corporate intrigue, Corporate espionage...

bizjournals.com

In highly specialized, research-intensive industries, trade secrets can be a company’s key to beating the competition.

For a Boulder manufacturer of hearing implant devices for the deaf, trade secrets became the center of an international legal battle involving allegations of corporate espionage and the raiding of a French company’s research-and-development team.

The civil lawsuit, tried in U.S. District Court in Denver in February, was filed by Neurelec of France against Boulder-based Otologics LLC. Neurelec claimed its former CEO left in anger, taking most of the research-and-development team with him, and later hacked into the company’s computers to find sensitive information ...

Sailor charged with attempted espionage

hamptonroads.com

NORFOLK

A U.S. Navy sailor serving at Fort Bragg was charged Thursday with attempting to sell classified documents.

Petty Officer 2nd Class Bryan Minkyu Martin, 22, of New York, was charged with attempting to forward classified information to a person not authorized to receive such information, a news release from the Navy Region Mid-Atlantic public affairs office said. A court-martial date has not been set, but legal proceedings will take place at the Region Legal Service Office at Norfolk Naval Station.

Martin, an intelligence specialist, was arrested in December while he was assigned to the Expeditionary Combat Readiness Center at Joint Expeditionary Base Little Creek – Fort Story in Virginia Beach. He was preparing to deploy to Afghanistan in support of the Army and had been undergoing training at Fort Bragg in preparation for that deployment.

More...

Thursday, March 3, 2011

Renault says probe into spying claim continues

bbc.co.uk
Carmaker Renault has said that investigations are continuing into possible foreign bank accounts linked to alleged industrial espionage.
However, a lawyer for the French company said there was no clear evidence yet of accounts in either Switzerland or Lichtenstein.

He was responding to reports in France that a police probe into three former managers had so far drawn a blank.

But Jean Reinhart told Europe 1 radio that Renault remains a "victim".

Allegations that Renault was the subject of industrial espionage surfaced in January.

Three Renault managers were sacked amid a flurry of claims in the French media that a Chinese company may have sought secrets about a new electric car.

Beijing categorically denied the suggestion and Renault never confirmed that China was under suspicion.

More...

Former Apple boss prosecuted for industrial espionage

In a move which has sent shockwaves around the mobile phone and computer technology world, it’s been reported that a former Apple boss was prosecuted for industrial espionage.

Paul Devine was global supply manager for Apple, but he sold the company’s secrets to Asian suppliers. This apparently gave the Asian businesses greater negotiating clout with Apple, and which adversely affected Apple’s costs.

A reporter told knowyourmobile.com: “Mr Devine admitted that the loss to Apple from his actions was more than £1.2m.”

Mr. Devine was arrested last August after incriminating emails were found on his computer. The emails appeared to show that he would be willing to provide information in return for being paid.

Paul Devine admitted charges of wire fraud, money laundering and conspiracy and will be formally sentenced shortly.

More...

Tuesday, March 1, 2011

Corporate espionage on the rise...

newsnet5.com

CLEVELAND - The threat of foreign espionage seemingly disappeared with the Cold War. But there is a new spy game in town.

"Now you're talking about economic espionage and that is one of the biggest threats to national security that we have," said Brad Beman, head of the counter intelligence unit for the Cleveland branch of the FBI.

Beman warns that today's spies are just as interested in the office computer as government secrets.

"Other countries that are not necessarily friendly to the United States are gaining out technology and gaining an edge potentially over us," Beman said.

Some of the most dangerous spies don’t work for foreign governments, but for local companies. Employees motivated by revenge, money or patriotism are betraying company secrets, according to the FBI.

More...