Friday, March 30, 2012

Securing Your Company's Videoconferencing System
Could hackers use your company's videoconferencing equipment to spy on your meetings? Yes, quite possibly – but it's easy to prevent. Here's how to lock down your system right now.

Over the past six years, high-definition videoconferencing systems have become increasingly ubiquitous in corporate boardrooms and meeting rooms.  The benefits of videoconferencing – productivity gains, cost savings, competitive advantage, and more – have long been obvious. But, until recently, the associated security risks have not received much attention.
That changed two months ago, when security researchers at Rapid7 went public with an analysis of significant vulnerabilities in corporate videoconferencing systems. According to Rapid7 researchers HD Moore and Mike Tuchen, those vulnerabilities could allow attackers to eavesdrop on confidential meetings, read documents sitting on a conference room table, or even zoom in to record keystrokes (such as passwords) typed by meeting participants on their laptops.
The vulnerabilities, which were picked up and publicized by The New York Times and Wired, boiled down to two primary issues: "A large portion of video conferencing equipment is connected to the Internet without a firewall and is configured to automatically answer incoming video calls," the Rapid7 researchers wrote in a blog post. "This allows a remote intruder to monitor both audio and video information, often with little or no indication to the target."
So what can companies do to prevent such attacks?

Report details successful China-based cyber-espionage

Online security company Trend Micro releases report uncovering ongoing campaign of infiltrating industrial sites in Japan and India and also targeting Tibetan activists.

Hackers based in China have carried out 90 attacks on targets in Japan, India, and Tibetan activists in a cyber-espionage campaign started last year, according to a report.
Trend Micro today released an analysis of the Luckycat campaign, which it traced back to a command-and-control center in China. The attacks are part of an organized effort, rather than random hacks, and have compromised 233 computers, according to the report.
The New York Times today reported the attacks can be traced back to a specific individual, a former graduate student in China who may have recruited others to work on the Luckycat campaign.
The attackers targeted a number of Japanese and Indian industrial sites working in aerospace, energy, engineering, shipping, and military research.
Computers were infected with malware by enticing e-mail recipients to open attachments, according to the Times article.

'Massive' Credit Data Breach

A data breach at a payments processing firm has potentially compromised credit and debit card information from all of the major card brands, representatives from MasterCard and Visa said on Friday.
News of the breach was first reported by the widely read security blog Krebs on Security. That article said the breach was "massive," and could involve more than 10 million card numbers.
The Wall Street Journal followed up with an article saying that processor Global Payments is the vendor that was breached. Global Payments shares fell 9% before trade was halted.
A representative of Global Payments did not immediately respond to a request for comment. The extent of the breach, and what kind of information was compromised, has not been confirmed.
"I've spoken with folks in the card business who are seeing signs of this breach mushroom," Gartner analyst Avivah Litan wrote Friday in a blog post.
Her sources say the hackers have begun using some of the card data they stole, Litan added.
MasterCard said it has alerted payment card issuers "regarding certain MasterCard accounts that are potentially at risk."
The company also said the breach is the subject of an ongoing forensic review by an independent data security organization.

Wednesday, March 28, 2012

'Every major company in the U.S. has been hacked by China'

The former U.S. government security chief whose warnings of a 'spectacular' Al Qaeda attack were ignored by the White House in the run-up to 9/11 has delivered another stark warning.
Richard Clarke claims that every major company in the U.S. has already been penetrated by Chinese hackers looking to steal military and financial secrets. 
'I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong. Every major company in the United States has already been penetrated by China,' Clarke said in an interview in Smithsonian magazine. 
Clarke claims that Chinese-made computing equipment used by the U.S. could be 'contaminated' with 'logic bombs' and 'trojan horses' which could allow Chinese hackers a 'back door' into the American war machine.


Tuesday, March 27, 2012

iPads, Laptops Stolen From Romney Aides' SUV

Note: Eavesdropping "collection" methods do not always include the use of electronic gizmos... Far too often the obvious methods are overlooked... JDL

Stolen Items May Have Valuable Information For Opponents Of GOP Presidential Candidate Mitt Romney

10News has uncovered a crime against members of Mitt Romney's presidential campaign which may have compromised sensitive information related to Romney's run for the White House. Last Friday, two campaign aides left their rented SUV in the Horton Plaza parking garage while they got dinner. When they returned, someone had grabbed all their belongings, including two iPads, two handheld radios and two laptops with detailed information about Romney's presidential campaign.
"This could just be a coincidence," said political analyst Carl Luna. "Then again, given this campaign season and how negative it's been, dirty tricks are not alien to American politics."
Police said there was no sign of forced entry on the SUV and they are still not sure if the burglary was random or if Romney's aides were targeted. Luna said the laptops and iPads could be a treasure trove of valuable insider information for Romney's opponents.


Monday, March 26, 2012

Obama Caught Dealing with Russian President on Hot Mic

Note: Not even The President of The United States of America gets a pass for eavesdropping or better yet, "bugging" himself!  JDL

The exchange:
President Obama: On all these issues, but particularly missile defense, this, this can be solved but it’s important for him to give me space.
President Medvedev: Yeah, I understand. I understand your message about space. Space for you…
President Obama: This is my last election. After my election I have more flexibility.
President Medvedev: I understand. I will transmit this information to Vladimir.


Thursday, March 22, 2012

GovSec Expo to Showcase Cutting-Edge Products for Homeland Security, First Responders and CyberSecurity

FAIRFAX, Va., Mar 22, 2012 (BUSINESS WIRE) -- Hundreds of cutting-edge products and services for homeland security and cybersecurity professionals, and first responders will be on display at GovSec -- the Government Security Conference & Expo featuring the U.S. Law Enforcement Conference & Expo -- taking place April 3-4 in Washington, D.C. The GovSec expo is free to attend for qualified individuals.
“Our exhibitors are on the leading-edge of developing and supplying the tools that security professionals at all levels can use to improve their effectiveness in preparing for and protecting critical infrastructure, their communities and the homeland from cybercrime, cyberterrorism and domestic and international terrorism,” said Don Berey, event director at GovSec. “The GovSec expo is the destination where federal, state and local agencies can come to see the newest products and services available from top vendors to the physical security, cybersecurity and law enforcement communities.”
More than two-thirds of GovSec’s exhibitors have submitted featured products that are highlighted on the GovSec website.

Ultra-fast camera that can see around corners

Scientists at the Massachusetts Institute of Technology have developed a camera that can see around corners by making sense of scattered laser light.
Scientists at the Massachusetts Institute of Technology (MIT) in Cambridge have succeeded in creating an ultra-fast camera that can see around corners.
This particular device, however, hasn’t been designed with the Flickr community in mind, enabling amateur photographers to take pictures over high walls. Instead, it may be utilized by the military, once work on it is complete. It could also be useful in inaccessible locations, such as an area that’s been contaminated, or be used to build up an image of a place that’s hard to enter because of various physical obstacles.
A video by science journal Nature (check it out at the end of the article) explains that the special camera works by constructing images from light waves that are bounced off surfaces, such as walls, close to the out-of-sight object.

Hacktivists nab more data than CYBER-CROOKS in 2011

Hacktivism had a massive effect on the overall data breach scene last year.
More than half (58 per cent) of data stolen last year can be attributed to hacktivism – hacking to advance political and social objectives – according to the latest edition of the Data Breach Investigations report from Verizon. The figures contrast sharply with findings from previous years, when the majority of attacks were carried out by cybercriminals, whose primary motivation was financial gain.
Seventy-nine per cent of attacks covered by Verizon's report were opportunistic. Only 4 per cent of the overall total were rated as particularly challenging for hackers to carry out. In addition, an estimated 97 per cent of breaches might have been avoidable without recourse to difficult or expensive countermeasures.
Wade Baker, director of risk intelligence at Verizon, told El Reg that 44 per cent of the attacks exploited default or easily guessable credentials. However he qualified this remark by saying that default passwords were a far greater problem in hacks involving smaller organisations.
Breaches originated from 36 countries around the globe, an increase from 22 countries during 2010. Nearly 70 per cent of breaches originated in Eastern Europe and less than 25 per cent originated in North America.


Wednesday, March 21, 2012

Singapore 'attractive target for espionage, foreign subversion'

SINGAPORE - Even as the threat of terrorism persists post-911, the concurrent internal security "threats of espionage and foreign subversion are just as salient today as during the Cold War", said Deputy Prime Minister Teo Chee Hean yesterday. Mr Teo, who is also Home Affairs Minister, noted that Singapore is situated "at the crossroads where the spheres of influence of major powers intersect" and also "an open society in a highly globalised world", which makes the country "an attractive target for espionage and foreign subversion", even by "friendly nations".
Speaking at the 10th anniversary of the Internal Security Department's (ISD) Heritage Centre, he noted that a Singaporean Embassy staff member in Moscow was compromised and worked for the Soviet Union against Singapore's interest during the height of the Cold War. During the 1990s, the ISD dealt with "several cases" of espionage involving friendly nations. "The adage that 'there are no permanent friends, only permanent interests' rings true," said Mr Teo.


Friday, March 16, 2012

The CIA wants to spy on you through your TV

When people download a film from Netflix to a flatscreen, or turn on web radio, they could be alerting unwanted watchers to exactly what they are doing and where they are.
Spies will no longer have to plant bugs in your home - the rise of 'connected' gadgets controlled by apps will mean that people 'bug' their own homes, says CIA director David Petraeus.
The CIA claims it will be able to 'read' these devices via the internet - and perhaps even via radio waves from outside the home.

Everything from remote controls to clock radios can now be controlled via apps - and chip company ARM recently unveiled low-powered, cheaper chips which will be used in everything from fridges and ovens to doorbells. 
The resultant chorus of 'connected' gadgets will be able to be read like a book - and even remote-controlled, according to CIA Director David Petraeus, according to a recent report by Wired's 'Danger Room' blog.
Petraeus says that web-connected gadgets will 'transform' the art of spying - allowing spies to monitor people automatically without planting bugs, breaking and entering or even donning a tuxedo to infiltrate a dinner party. 
'"Transformational" is an overused word, but I do believe it properly applies to these technologies,' said Petraeus.
'Particularly to their effect on clandestine tradecraft. Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters -  all connected to the next-generation internet using abundant, low-cost, and high-power computing.'
Petraeus was speaking to a venture capital firm about new technologies which aim to add processors and web connections to previously 'dumb' home appliances such as fridges, ovens and lighting systems.

Thursday, March 15, 2012

FBI Tells Corporate Execs To Defend

"J.P. Morgan reports that worldwide e-commerce sales are expected to increase from $573 Billion in 2010 to nearly $1 Trillion in 2013. Each year, cybercriminals and thieves steal terabytes of data, intellectual property worth billions, expose an average of 260,000 personal identities per data breach, and cost organizations approximately $7.2M per data breach event. Symantec reported that this past summer, 29 chemical companies, including multiple Fortune 100 companies, were subject to computer attacks that sought to extract data on formulas and manufacturing processes." Dr. Regina E. Dugan brought these unfortunate statistics to the attention of the DARPA Cyber Colloquium in November of last year. At the same time she reminded them of several attacks tracing back to government organizations in Russia and China. It would appear they listened. DARPA reported, Monday, that they are increasing their cyber research budget by $88M in FY2012 and intend to increase the amount another 4% of its top line budget over the next 5 years.


Wednesday, March 14, 2012

The New Face of Corporate Espionage

Over the past five years, a highly sophisticated team of operatives have stealthily infiltrated more than 70 U.S. corporations and organizations to steal priceless company secrets. They did it without ever setting foot in any victim’s office. Sitting at undisclosed computers, they could be anywhere in the world.
This is the new face of corporate espionage. Thieves whose identities are safely obscured by digital tradecraft rather than a ski mask, are robbing companies of the ideas that are the source of American ingenuity.
We now rely on the Internet to do business, supply communities with power and water, communicate with loved ones and support our troops on the battlefield. Our digital infrastructure is part of our country’s lifeblood. Individual consumers, government agencies and small and large businesses are all increasingly vulnerable to growing threats.
However, there is another reason to care about Internet security that is less known: protecting U.S. competitiveness and jobs in the global economy.
In the coming weeks, Congress has an opportunity to do just that. As we mark National Consumer Protection Week — a time for consumer advocacy groups, private organizations and agencies at every level of government to highlight the ways individuals and families can protect themselves from scams, fraud and abuse — we are reminded of the role we each play in defending ourselves from online attacks and in securing cyberspace.
U.S. companies use information networks to create and store their unique ideas. The ideas power our economic growth. Every day, the networks of these companies, from large corporations to small businesses, are targeted by criminal organizations and nation-state thieves for these trade secrets.

The Complicated World of Corporate Espionage
Corporate espionage used to be rather straightforward – as the typical Coke-Pepsi textbook example illustrates, in which each tries to steal the other’s recipe for sugared water. It is a crime when someone steals company data/trade secrets and passes it to a business rival. 

Well, yes -- but not quite, in the case of a series of court decisions in the United States that complicate the issue considerably. One involves a former Goldman Sachs computer programmer, Sergey Aleynikov, a Russian who immigrated to the United States in 1991 and who was arrested by FBI agents on July 3, 2009, at Newark International Airport.

Aleynikov was subsequently jailed in December 2010 for stealing code from Goldman Sachs’ high-frequency trading platform, a lucrative new segment of Wall Street that uses complex computer algorithms to convert minute price discrepancies into quick profits through rapid fire trades. He had served one year of his eight-year sentence when he was freed by the Court of Appeals for the Second Circuit in New York in mid-February.

The court offered no explanation for overturning his conviction other than stating an opinion would be issued “in due course,” according to The New York Times.

Aleynikov allegedly stole the source code used in driving those high frequency trades at his employer prior to joining a new competitor, with plans to set up a similar trading platform – he allegedly uploaded the code onto a computer server in Germany, encrypted and downloaded it into his home computer, laptop and memory stick and took the data with him when he joined the new company.


Monday, March 12, 2012

NATO Commander Facebook Pages Used In Spying Attempt

A fake Facebook account set up in the name of NATO’s supreme allied commander was allegedly used by spies in an attempt to swipe personal information from military personnel and various other top secret information, according to multiple news reports published over the weekend.
According to Nick Hopkins of The Observer, falsified social networking pages supposedly belonging to Admiral James Stavridis are believed to have been coordinated by Chinese espionage agents who had hoped to trick his friends and family members into revealing private information — either about him or about themselves.
Telegraph Investigations Editor Jason Lewis reported Saturday that senior British military officers and members of the UK Ministry of Defense are believed to have been among those to accept “friend requests” from a fake Stavridis Facebook account.
“They thought they had become genuine friends of NATO’s Supreme Allied Commander — but instead every personal detail on Facebook, including private email addresses, phone numbers and pictures were able to be harvested,” he continued, adding that while officials are “reluctant” to identify the source of the espionage attempt, that the Telegraph “has learned that in classified briefings, military officers and diplomats were told the evidence pointed to ‘state-sponsored individuals in China.’”

Tuesday, March 6, 2012

Revealed: Technical Surveillance Threats

Spy Cam 101

Not long ago while on assignment, I was asked "How many times do you actually find technical surveillance threats?"
My answer was "Well, I would tell you but then I would have to...." Just kidding. The real answer is more often than you would think.
Although, not every technical surveillance threat involves finding a device. It can also mean discovering a technical surveillance vulnerability. Like for instance, the allowance of cellular devices (w/ cameras) or iPads in conference rooms and during high level meetings. Or, the allowance of digital recorders within these areas, just to name a few.

It's not always "James Bond" spy gear that turns up during a sweep.

But every now and then, I still discover a "surprise" that may (or may not) have been left behind...on purpose.

For example, take this pen & pencil holder discovered during the wee hours of the morning while sweeping the "Presidential Suite" of one of our client's facilities.

Plain looking enough, but take a closer look... Through our Thermal Imaging Camera... Notice that hot spot? So did we...It turned out to be a hardwired Spy cam, with audio....Here's another look..

This was only one of the technical surveillance threats found during this assignment. Yes, you heard me right, only one of several threats found...

So, the short answer is YES, technical surveillance threats (although crude) like the above are used for intel collection purposes by your adversaries. i.e.; disgruntled employee, competitor, corp spy, eavesdropper, etc.
So be aware, these types of surveillance threats could be lurking closer than you might think...

If you don't mind me asking, When was your last TSCM Sweep?  Not Sure?  Contact Me here. I can help.

Stay tuned for the next "reveal"....JDL

Unmasking the world’s most wanted hacker

EXCLUSIVE: It was one of the hottest days of the year and evening temperatures were still sweltering when two FBI agents wearing bulletproof vests under their dark suits climbed the stairs of the Jacob Riis housing complex in New York’s Lower East Side on June 7, 2011. Drenched in sweat, they knocked on the steel door of a sixth-floor unit. It swung open to reveal a man in his late twenties wearing jeans and a white T-shirt.
“I’m Hector,” he said.
The agents were suddenly face-to-face with “Sabu,” the computer genius they had stalked for months, a quarry so elusive they hadn’t pinned down his identity and location until just weeks before. The suspected ringleader of the Anonymous offshoot group LulzSec, Hector Xavier Monsegur and his web minions had just completed a month-long reign of terror, hacking the CIA, Fox, Sony and several financial institutions, causing, according to some estimates, billions of dollars in damage around the world.
The nondescript public housing unit seemed an unlikely nerve center for one of the world’s most wanted criminal masterminds, but the 28-year-old Monsegur himself is a study in such contradictions. An unemployed computer programmer, welfare recipient and legal guardian of two young children, Monsegur did not go to college and is a self-taught hacker. Although his skills and intellect could command a lucrative salary in the private sector, those who know him say he is lazy, an underachiever complacent with his lifestyle.

Monday, March 5, 2012

NASA lost 'full control' to hackers, pwned 13 times last year

Cybercrooks broke into NASA's computer systems 13 times last year, gaining "full functional control" of important systems in the worst cases, according to testimony before the US Congress by the space agency's inspector general.
Paul Martin told a Congressional panel on information security at the space agency that NASA spent $58m of its $1.5bn annual IT budget on cyber security. The space agency has long been a prestige target for hackers of various skill levels and motivations, including profit-motivated malware distributors (cybercrooks) and intruders thought to be in the pay of foreign intelligence services.
Poorly implemented security policies mean that these attacks were often successful. In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorised access to its systems, Martin testified (PDF) before the US House Committee on Science, Space and Technology last Wednesday.
Some of these intrusions have affected thousands of NASA computers, caused significant disruption to mission operations, and resulted in the theft of export-controlled and otherwise sensitive data, with an estimated cost to NASA of more than $7m.
In the most serious of these incidents, hackers gained control of systems at NASA's Jet Propulsion Laboratory. The attack was traced back to IP addresses in China, Martin explained. Another of the most serious APT (advanced persistent threats) that hit NASA last year resulted in the extraction of user credentials from 150 space agency workers.