Friday, December 28, 2012

Actual Harms To Be Concerned About From Today’s Government Spying Law

“Other than the vague threat of an Orwellian dystopia, as a society we don’t really know why surveillance is bad,” writes Washington University Law Professor, Neil Richards [PDF]. Today, the United State Senate reauthorized a controversial Obama-supported surveillance law, the Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008 (FISA), which permits intelligence agencies to monitor international communications, sometimes without a warrant and little court oversight.
Civil libertarians are up in arms, but in the face of deadly terrorist threats, does government monitoring actually harm people? Richards’ attempts to argue that brazen government spying does, indeed, have real-world harms, including mass self-censorship and blackmail, and supplies moderately compelling evidence that will appeal to those naturally scared of the government.
Without the Senate’s support, FISA’s powers were set to expire at the end of the year. Fierce FISA critic, Senator Ron Wyden (CrunchGov Grade: A), who released a hold he put on the bill in exchange for limited congressional debate, worries that evidence of government overreach means that FISA could lead to more unnecessary spying. The scope of monitoring and the admitted breaches of the 4th Amendment are themselves shrouded in secrecy. Proponents, such as Representative Lamar Smith, (CrunchGov Grade: F) argue that national security concerns are worth the trade-off.
Under the worst-case scenarios, how could spying from democratic governments actually hurt people in a way that would offset the increased risk of terrorism?

Wednesday, December 26, 2012

Spooks use internet and social media to advertise their skills

HUNDREDS of former and some present Australian spies have posted information about their employment with intelligence agencies on the internet in what security experts have called ''a gift for foreign espionage''.
A survey by Fairfax Media has discovered more than 200 former and present intelligence officers who have disclosed their classified employment in profiles on LinkedIn, other professional networking sites and social media including Facebook and Twitter.
While many former and present officers have disclosed only the fact of their employment by agencies including the top secret Defence Signals Directorate and the Defence Intelligence Organisation, some have revealed significant details about their work.
These include employment at specific intelligence facilities, overseas postings and liaison with allied intelligence agencies, linguistic expertise indicating particular intelligence targets, and involvement with specific issues and information technology systems.
One former officer of the Defence Signals Directorate has illustrated close co-operation between DSD and allied signals intelligence agencies by listing his service with the RAAF's No. 3 Telecommunications Unit at Pearce in Western Australia; the Royal Australian Navy's Shoal Bay Receiving Station near Darwin; postings to Britain's Government Communications Headquarters in Gloucestershire and GCHQ's Composite Signals Station in Cornwall; another posting to the US National Security Agency at Fort Meade, Maryland; and work at the Australian Defence Satellite Communications Station in Geraldton, Western Australia.
Other former Defence Signals Directorate and Defence Intelligence officers have listed postings with counterpart agencies in Canada and New Zealand.

Read more:

Spycam HD Video Pen Camera

Do you feel that the advancements made in the world of video recording has seen us being “treated” to more and more video leaks, especially of celebrities in rather embarrassing or compromising situations? Well, I suppose they had it coming for not being faithful in their relationship or marriage, but that is not what we are focused on today. I would like to bring your attention to a device that turns you into a sleuth of your own, thanks to the discrete looking $39.99 Spycam HD Video Pen Camera that allows you to spy in High Definition glory, and in style, too.
The Spycam HD Video Pen Camera is pretty much self explanatory – it will come with an integrated video camera within the classy looking office pen, and a single battery charge is capable of offering up to 2 hours of recording, with 8GB of storage space being made available to the user. It is a snap to operate, and will be able to hook up to your computer thanks to the built-in USB connector. All video captured will be shown in the AVI format, and if you do not want to capture video, you can always record audio evidence of hanky panky going on, in addition to shooting stills, now how about that?

Sunday, December 23, 2012

Lawsuit Filed in Sears Dressing Room Spy Case

A former Sears maintenance worker spied on women and children for years by secretly filming in women’s restrooms and fitting rooms at a North Hollywood branch and managers turned a “blind eye” to his “outwardly suspicious and highly questionable behavior,” a lawsuit by 25 women and a child alleges.
Alejandro Gamiz, 28, allegedly bought tools and supplies to facilitate his peeping activities, yet no one at Sears noticed him bring these supplies onto the premises or use them, the lawsuit said. Gamiz allegedly frequently pretended to be conducting maintenance work in the women’s restrooms, women’s fitting rooms, air ducts, and crawl spaces at the North Hollywood store, even when no maintenance was required, according to the lawsuit filed in Los Angeles Superior Court on Dec. 12.
Gamiz allegedly took “extended absences” that went unnoticed by Sears staff, court records said.
“Each day he came to work, Gamiz would enter the women’s fitting room, sometimes empty-handed, and spend a substantial amount of time in there, which was recorded by Sears’ own video recording system …" the lawsuit said. “Despite Gamiz’s outwardly suspicious and questionable behavior, and the numerous, glaring 'red flags' his behavior created, Sears never questioned Gamiz's conduct.”
Sears spokesman Howard Riefs said the company denies the allegations.

KGB Admits it Bugged Royal Family

Soviet spies have admitted using bugging devices on the Royal Family and former British Prime Minister Harold Wilson.

Secret agents from the KGB targeted Princess Margaret in the 1960s, attaching listening aids to her lighter, cigarette case, ashtrays and telephones.

According to the Sunday Express, they homed in on the Princess during a trip to Copenhagen, Denmark in 1964.

Until now, Russia has always denied the covert operation, which took place in a hotel, but has now admitted compiling a dossier on the Princess's love affair with Robin Douglas-Home and further relationships with Roddy Llewellyn, Colin Tennant and Dominic Ewes, a painter who later committed suicide.

Spies passed photos, tape recordings and 'most interesting, even scandalous' gossip involving senior royal figures. It is also said agents tried to get information from Margaret's therapist, Kay Kiernan, who also treated the Queen. Intelligence on Prince Phillip was gathered via society osteopath and artist Stephen Ward, who later killed himself at the height of the Profumo affair.

But spies failed in a sting operation on then future leader Harold Wilson, setting up a 'honey trap' for him in a Moscow hotel.

Read more:
Follow us: @MailOnline on Twitter | DailyMail on Facebook

Friday, December 21, 2012

Bank of America, JPMorgan Chase, Wells Fargo hit in latest round of cyberattacks, more threatened

The websites of major U.S. banks are facing a new round of cyber attacks linked to the same group responsible for similar assaults earlier this year.
The latest attacks started last week and have hit Bank of America Corp.SunTrust Banks Inc., JPMorgan Chase & Co., U.S. Bancorp, Wells Fargo & Co. and PNC Financial Services Group Inc., according to two executives at companies providing security to some of the targeted banks, who asked for anonymity because they weren't authorized to discuss clients and didn't want their companies to become targets of computer assaults. PNC was under attack Thursday, the executives said.
A group calling itself Izz ad-Din al-Qassam Cyber Fighters announced plans to attack banks in a Dec. 10 statement posted on the website The same group claimed responsibility for a series of distributed denial-of-service (DDoS) attacks in September and October that flooded bank websites with Internet traffic and caused disruptions and slowdowns for online customers.
"The purpose of it is to try to disrupt or stop online banking access," said Bill Nelson, president of the Financial Services Information Sharing and Analysis Center, which disseminates cyber threat information to the financial services industry.
"There are some outages occasionally, but it hasn't prevented customers from transacting business."
The Izz ad-Din group has said in Internet postings that the cyber attacks are in response to a video uploaded to Google Inc.'s YouTube ridiculing the Prophet Muhammad and offending some Muslims.

Tuesday, December 18, 2012

Employees of Finnish Firm Patria Charged with Bribery, Espionage

HELSINKI — Six employees of Finnish defense group Patria were charged Dec. 18 with bribery and corporate espionage in connection with a Slovenian defense contract for armored vehicles, Finnish prosecutors said.

The six include the former chief executives of the Patria group and its affiliate, Patria Vehicles. Patria signed a contract in 2006 to deliver 135 vehicles to Slovenia, during Prime Minister Janez Jansa’s first term in office. The order was part of Ljubljana’s efforts to modernize its military after joining NATO in 2004.

“The defendants are suspected to have participated in promising or giving of bribes in the shape of commission payments through intermediaries in exchange for (the) actions of Slovenian public officials and military officers,” the Finnish prosecution service said in a statement. “These, among others the prime minister and the deputy chief of general staff for Slovenia, were considered to have leverage in the procurement procedure of the vehicles,” it said.

The alleged bribes were 10 percent of the value of the sale, “which exceeded 160 million euros ($212 million),” it said, noting, however, that only part of the bribes had been paid.

Monday, December 17, 2012

Researcher exposes VoIP phone vulnerability

Note: This should be an alarming article, and wake up call for C-Suite Executives!  When was the last time your company scheduled a Cyber TSCM Sweep? Never?  Contact me, we can help. ~JDL

During the recent Amphion Forum, a conference where device and mobile security experts from different disciplines gather, Ang Cui, a fifth-year grad student from the Columbia University Intrusion Detection Systems Lab, demonstrated how connected devices such as networked printers and voice-over-IP (VoIP) phones can be easily hijacked to give intruders virtually unlimited remote access to extremely sensitive information and allow them to eavesdrop on private conversations.
Using a common Cisco-branded VoIP phone, Cui inserted and then removed a small external circuit board from the phone's Ethernet port -- something Cui asserted could be easily accomplished by a company visitor left unattended for a few seconds -- and starting using his own smartphone to capture every word spoken near the VoIP phone, even though it was still 'on-hook.'
While he did not specify the precise vulnerability, Cui said it allowed him to patch the phone's software with arbitrary pieces of code, and that this allowed him to turn the Off-Hook Switch into what he called a "funtenna." According to Cui, once one phone is compromised, the entire network of phones is vulnerable. Cui later said he could also perform a similar exploit remotely, without the need to insert a circuit board at all.

Thursday, December 13, 2012

Massive bank cyberattack planned

Security firm McAfee on Thursday released a report warning that a massive cyberattack on 30 U.S. banks has been planned, with the goal of stealing millions of dollars from consumers' bank accounts.

RSA startled the security world with its announcement that a gang of cybercriminals had developed a sophisticated Trojan aimed at funneling money out of bank accounts from Chase (JPM, Fortune 500),Citibank (C, Fortune 500), Wells Fargo (WFC,Fortune 500), eBay (EBAY, Fortune 500) subsidiary PayPal and dozens of other large banks. Known as "Project Blitzkrieg," the plan has been successfully tested on at least 300 guinea pig bank accounts in the United States, and the crime ring had plans to launch its attack in full force in the spring of 2013, according to McAfee, a unit of Intel (INTC, Fortune 500). (McAfee was founded by John McAfee, who is wanted for questioning as part of a Belize murder investigation, but he no longer has any ties to the company.)

More here:

Wednesday, December 12, 2012

FBI says retired NAVY man tried Spying for undercover agents

NORFOLK, Va., Dec. 12 (UPI) -- A retired Navy officer in Virginia accused of attempting to pass secrets to FBI agents posing as Russian spies has been denied bond by a federal judge.
Lawyers for Robert P. Hoffman II, 39, of Virginia Beach, told Magistrate Judge Douglas E. Miller undercover FBI agents entrapped Hoffman, setting him up despite an attempt to confess what was happening, The Virginian Pilot of Norfolk, Va., said Wednesday.
The FBI says Hoffman traveled to an eastern European country recently, where his behavior raised red flags, though they wouldn't elaborate on what precisely he did there. They subsequently sent a letter purporting to be Russian agents, asking if Hoffman, a Navy cryptologist for 20 years, would provide "technical assistance."
Hoffman allegedly assembled information about Navy submarines from memory and left them in drop locations specified by the undercover agents. It was unclear whether the undercover agents offered or paid Hoffman but prosecutors said at one point Hoffman made oblique references to killing people for money, the newspaper reported.

Read more:

Tuesday, December 11, 2012

Many Doctors Don’t Secure Medical Devices From Hackers, Study Finds

Your doctor’s office likely doesn’t have any digital security for its mammography machines, heart pumps and other devices that are vulnerable to hacking, according to a new study.
In a survey of 80 health care organizations in the U.S., the Ponemon Institute found that nearly three-quarters said they don’t secure their medical devices, even though they contain sensitive patient data. The organizations were not named.
“This finding may reflect the possibility that they believe it is the responsibility of the vendor — not the health care provider — to protect these devices,” said the report by Ponemon, an independent research organization.
The results point to a new danger to patients’ privacy at a time when medical providers are moving toward electronic records and the sharing of files on so-called health information exchanges.
The digital risks for health care firms are growing. Hacking attacks against medical providers are becoming more frequent and breaches are getting more expensive, Ponemon found. Ninety-four percent of respondents said they had at least one data breach in the past two years, up from 86 percent in 2010. Many breaches cost the organizations more than $1 million.
More here:

Friday, December 7, 2012

Reports of Rampant Spying Amongst Chinese Officials

What a surprise! Can you believe it! ;-)

The Southern People Weekly magazine reported this week about a man who helps Chinese officials become bug-free. No, not bedbugs. The kind of bugs that can listen in on conversations and secretly videotape their lives. The article has generated considerable interest on the Chinese Internet, following recent exposés of officials caught in compromising positions with young girls. 
According to the Southern magazine, the man, known as Qi Hong, has removed more than 300 bugs from the cars, offices and bedrooms of more than 100 Chinese officials in 2011. In his busiest week, more than 40 were uncovered.
It’s hard to say who put the spy devices there, but the usual suspects include spouses, lovers and fellow communist comrades. 
To protect their private conversations, Qi Hong told reporters that officials would give each other pat downs—disguised as an embrace—to check for bugging devices. 

More here:

Thursday, December 6, 2012

Ex-Navy Sailor Charged In Espionage Sting

A former Navy sailor was arrested Thursday morning on charges he attempted to provide classified information to undercover FBI agents he believed were Russian representatives.
Robert Patrick Hoffman II, 39, of Virginia Beach, Va. was indicted on attempted espionage charges on Wednesday. Hoffman spent 20 years in the Navy and retired on Nov. 1, 2011, according to the Justice Department. The indictment alleged that Hoffman attempted to deliver classified documents revealing national security information to the undercover agents on Oct. 21. The documents revealed methods the Navy used to track U.S. submarines, according to the indictment. Hoffman is due in court in the Eastern District of Virginia at 2:30 p.m.

An Espionage Expert's Outrageous Spy Lair

Note: Take a look at my old friend, Keith Melton's Spy Lair. I'd say he's done pretty well for himself ;-) Hey Keith, still have that
"deer gun" I gave you about 30 years ago? ~JDL
H. Keith Melton is a man of espionage. He is the author of more than 25 nonfiction works on covert activities (including The Ultimate Spy Book ) and by far the world’s largest private collector of spy memorabilia . Even his spectacular Boca Raton house has the air of hiding secrets. Nestled at the end of a prosperous but rather generic cul-de-sac in a gated south Florida subdivision, Melton’s house hardly stands out at curbside from the neighborhood. But looks, as any clandestine operative knows, can be creatively deceiving.
To meet the 68-year-old author in his lair is to be ushered not just into his home but also into his powerful preoccupations. The room where we meet, for instance, was once a staid ballroom. No longer: The walls, the ceilings, even the wet bar are honed from gleaming, hand-hammered stainless steel stretching across 1,350 square feet. Metal craftsmen, recruited from the commercial side of the construction trade, fashioned the bolts holding the silvery sheets in place from the same metal. “The design inspiration for this room is the nose cone of a zeppelin,” Melton informs me, as we sink into plush black leather chairs designed after those that once graced Walt Disney‘s office.

Wednesday, December 5, 2012

Top secret MI6 counter-terror intelligence feared stolen

MI6 intelligence on counter- terrorism operations may have been stolen by a rogue Swiss official, it emerged last night.
Security chiefs in the UK have been warned that hugely sensitive information they provided to the NDB, Switzerland’s spy agency,  could have been ‘compromised’.
Hundreds of thousands of pages of classified documents were copied by a senior IT technician for the NDB, which he then copied for himself on to portable storage devices carrying them away in a backpack.

Swiss officials believe the suspect intended to sell the stolen data and have alerted both MI6 and America’s CIA.
The information was shared between Britain, Switzerland and the United States and the CIA has also been warned about the risk.
The technician, whose name has not been made public, was arrested by Swiss authorities last summer.
He was later released from prison while a criminal investigation by the office of Switzerland's Federal Attorney General continues.
A European security source said it is believed the IT worker became disgruntled when he felt his advice on operating the data systems was not being taken seriously. 
The technician downloaded hundreds of thousands, or even millions, of printed pages of classified material from the Swiss intelligence service's servers onto portable hard drives.

Read more:

Everyone in US under virtual surveillance' - NSA whistleblower

The FBI records the emails of nearly all US citizens, including members of congress, according to NSA whistleblower William Binney. In an interview with RT, he warned that the government can use this information against anyone.
Binney, one of the best mathematicians and code breakers in the history of the National Security Agency, resigned in 2001. He claimed he no longer wanted to be associated with alleged violations of the Constitution, such as how the FBI engages in widespread and pervasive surveillance through powerful devices called 'Naris.'
This year, Binney received the Callaway award, an annual prize that recognizes those who champion constitutional rights and American values at great risk to their personal or professional lives.

Sunday, December 2, 2012

Counterintelligence Awareness

The FBI vigilantly investigates cases of industrial espionage and theft of intellectual property, but the Bureau also places great emphasis on preventing such crimes by educating industry on ways to keep trade secrets safe. One such innovative program in North Carolina’s Research Triangle is a collaborative effort with other federal partners called RED DART.

The threat to America’s trade secrets—and to our national security—is real, whether it comes in the form of international spies, hackers probing online security systems, or disgruntled employees out for revenge. RED DART seeks to mitigate the threat by raising counterintelligence 

Through briefings to cleared defense contractors and others in technology-rich North Carolina, RED DART makes executives and employees aware of how counterintelligence works and how they can spot suspicious activity both inside and outside their companies.

More here: