Wednesday, November 27, 2013

Tips for Selecting the Best Technical Surveillance Counter Measures Cyber TSCM Expert

Selecting the services provided by a competent, trust-worthy Technical Surveillance Counter Measures, Cyber TSCM Service Provider, can be a difficult decision. But, equipped with the right information, you can be assured to identify the right candidate for your assignment.

How can you identify the best TSCM service provider for your needs? Below you will find a few useful questions that you always need to ask, in order to make the correct decision:

● Ask for verifiable information on the candidates’ training & experience. If you are trying to protect highly sensitive information at all costs, then you definitely need to hire a Cyber TSCM expert with years of professional experience in this field of activity, who has already verifiably demonstrated his/her skills both on a national and global level. Always ask for proof of training & experience, training certificates and references. Counterintelligence training is a definite plus, or professional TSCM training at one of the very few recognized schools or institutions, for example. This will ensure you select the most skilled candidate for your needs.

● After completing this phase, it is crucial to find out if the service provider you have chosen is both licensed & insured. Opt for a candidate who can show you his/her valid business license, and professional liability insurance. Don’t make any kind of compromises that you might end up regretting.

More here.

NSA Spying May Cost U.S. Companies $35 Billion

Network spying could discourage $35 billion in cloud-computing sales through 2016

International concern about digital spying by the National Security Agency could make it difficult for U.S. companies to gain customers in the growing cloud-computing business, and could cost them up to $35 billion through 2016.
European cloud computing businesses could gain customers by portraying themselves as less vulnerable to data requests and spying than U.S. companies, according to a report from the Information Technology and Innovation Foundation, which called for greater transparency about government monitoring to combat this perception.
If the U.S. loses about 10 percent of foreign business to European or Asian competitors and keeps its projected domestic market share, American cloud-computing providers might lose $21.5 billion over the next three years, explained Daniel Castro, the senior analyst at ITIF who wrote the report.
"On the high end, U.S. cloud computing providers might lose $35.0 billion by 2016," Castro said in the report. "This assumes the U.S. eventually loses 20 percent of the foreign market to competitors and retains its current domestic market share."

Egypt says it nabbed espionage ring

CAIRO, Nov. 27 (UPI) -- Egypt said it arrested 17 suspects, including diplomats, who allegedly spied for the United States and Mossad, Israel's intelligence agency, officials said.
Seventeen suspects who allegedly belonged to three spy networks were recently captured, Egyptian intelligence sources told the Arabic language Ma'an News Agency Tuesday.
The suspects include foreign diplomatic staff that operated out of their countries' embassies in Cairo, the report said. Some of the suspects are European passport holders of African descent. Some of the information gathered by suspects was sent via diplomatic mail back to their countries.
The suspects compiled information on the political and economic situation in Egypt as well as details of the army's movements, including photographs of military installations and locations where the military is deployed, the sources alleged.
Some of those arrested claimed they were conducting research in the country and denied carrying out espionage, the report said. However, Egyptian authorities alleged phone records of some of the suspects proved otherwise.

More here.

The SBU's white eavesdropping mini-van

The Security Service of Ukraine, the nation’s intelligence agency, has its white mini-van back, courtesy of the Berkut anti-riot police officers.
Demonstrators seized the van during a protest rally on the evening of Nov. 25, suspecting that it contained sophisticated equipment for eavesdropping on telephone conversations of protest leaders.
The taking of the van prompted clashes last night between police and protesters. After a 30-minute standoff, punctuated by fighting, the demonstrators recovered evidence from the van and the police reclaimed it.
Opposition lawmaker Mykola Kniazhytsky posted a picture of a passport, car tag numbers and what he said were technical listening devises found in the van on his Facebook page. Opposition leaders promised to analyze the recordings and release their findings.
Equipment believed to be listening devices found in the white mini-van that 
SBU officers were using while parked near European Square.

That left officials trying to explain what the van was doing at the protest site.
Kyiv’s Interior Ministry said they received an emergency call alleging that the van of the SBU, as the intelligence agency is known, was mined with an explosive device. It would be ironic, since the SBU said the van’s purpose at the rally was to check for bombs. However, in a separate statement, the SBU on Nov. 26 said their officers were using equipment inside the van to check for radio channels that could be used to set off a bomb in the crowd. They also said that five agents were working inside.

Tuesday, November 26, 2013

Spies worry over "doomsday" cache stashed by ex-NSA contractor Snowden

(Reuters) - British and U.S. intelligence officials say they are worried about a "doomsday" cache of highly classified, heavily encrypted material they believe former National Security Agency contractor Edward Snowden has stored on a data cloud.
The cache contains documents generated by the NSA and other agencies and includes names of U.S. and allied intelligence personnel, seven current and former U.S. officials and other sources briefed on the matter said.
The data is protected with sophisticated encryption, and multiple passwords are needed to open it, said two of the sources, who like the others spoke on condition of anonymity to discuss intelligence matters.
The passwords are in the possession of at least three different people and are valid for only a brief time window each day, they said. The identities of persons who might have the passwords are unknown.
Spokespeople for both NSA and the U.S. Office of the Director of National Intelligence declined to comment.
One source described the cache of still unpublished material as Snowden's "insurance policy" against arrest or physical harm.
U.S. officials and other sources said only a small proportion of the classified material Snowden downloaded during stints as a contract systems administrator for NSA has been made public. Some Obama Administration officials have said privately that Snowden downloaded enough material to fuel two more years of news stories.

"The worst is yet to come," said one former U.S. official who follows the investigation closely.

Monday, November 25, 2013

Mavis Batey dies at 92; renowned code-breaker for Britain in WWII

MAVIS BATEY, 1921 - 2013
Renowned British code-breaker

Among Bletchley Park's brilliant decoders, Mavis Batey stood out. Her work led to a British victory over the Italian navy, and she was the first to crack the German spy service's code.
Fifty miles north of London lies Bletchley Park, a railway town during World War II that had few, if any, sights to recommend it. It was here, to a rundown estate on the other side of the tracks, that 19-year-old Mavis Batey was dispatched in the spring of 1940.
As Hitler's forces advanced across Europe, encoded messages from Panzer divisions, U-boats and even the German high command were being intercepted and relayed to the men and women at Bletchley Park, whose job was to break the German code and help Britain and its allies outwit the Axis powers.

Batey, a college student studying German linguistics, became one of Bletchley Park's nimblest decoders. She decrypted a message that led to a stunning British victory over the Italian navy in the Mediterranean. 
She also was the first to crack the secret messages of the Abwehr, the German intelligence service, a breakthrough that helped ensure the success of the D-day landings.

"She was the last of the great break-in experts…who broke codes or ciphers that no one else had ever broken," said British historian Michael Smith, who wrote several books on Bletchley Park. "She was a remarkable woman and someone I will never forget, nor will anyone who ever met her."

More here.


NSA infected 50,000 computer networks with malicious software

The American intelligence service - NSA - infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive information. Documents provided by former NSA-employee Edward Snowden and seen by this newspaper, prove this.
A management presentation dating from 2012 explains how the NSA collects information worldwide. In addition, the presentation shows that the intelligence service uses ‘Computer Network Exploitation’ (CNE) in more than 50,000 locations. CNE is the secret infiltration of computer systems achieved by installing malware, malicious software.
One example of this type of hacking was discovered in September 2013 at the Belgium telecom provider Belgacom. For a number of years the British intelligence service - GCHQ – has been installing this malicious software in the Belgacom network in order to tap their customers’ telephone and data traffic. The Belgacom network was infiltrated by GCHQ through a process of luring employees to a false Linkedin page.

Saturday, November 23, 2013

How Edward Snowden Escalated Cyber War With China

For more than a decade, a relentless campaign by China to steal valuable, confidential information from United States corporations flourished with barely a peep from Washington. And now it might never be stopped.
The secret online assault was well-understood by the last two administrations. The program's scope was confirmed in a 2009 classified inquiry that discovered Chinese hackers - many of them traced to facilities connected to the People's Liberation Army - had penetrated not only all of the corporate computer networks analyzed, but also every examined computer system used by state or federal agencies.
Still, the State Department warned - as it had for years - that publicly confronting China over its online economic warfare would damage relations with Beijing, so American government statements about the hacking did not disclose the scope of China's efforts. It was not until October 2011 that the Obama administration pulled back the curtain a bit on a single page of a little-noticed public report by the Office of the National Intelligence Executive. But that muted warning bell did nothing to slow the hacking or to create greater concern on Capitol Hill, and Washington's demands that China rein in its hacking continued to be delivered quietly in diplomatic tête-à-têtes.

Friday, November 22, 2013

Chinese hackers spying on American cloud

With the National Security Agency spying on pretty much everyone inside and out of this country, we can't be too surprised, or offended, to find out that other countries are spying on us.
Besides, the cloud is such a tempting target.
According to the U.S.-China Economic and Security Review Commission's annual report to Congress, "strong evidence has emerged that the Chinese government is directing and executing a large-scale cyber espionage campaign against the United States."
The 465-page report goes on to explain that these practices "may present cybersecurity risks for U.S. users and providers of cloud computing services." China's willingness to combine commerce with spying "represents a potential espionage threat to foreign companies that might use cloud computing services…the Chinese government one day may be able to access data centers outside China through Chinese data centers."
The report also explains that "China’s Ministry of State Security (MSS), the country’s main foreign intelligence collection agency, is closely connected with the Chongqing Special Cloud Computing Zone." This relationship "represents a potential espionage threat to foreign companies that might use cloud computing services provided from the zone or base operations there."
Yet according to a Bloomberg article by Chris Strohm, "The report fails to cite any examples of the Chinese government using [cloud] technology in attacks."

Thursday, November 21, 2013

Spooky Business: A New Report on Corporate Espionage Against Non-profits

WASHINGTONNov. 20, 2013 /PRNewswire-USNewswire/ -- Giant corporations are employing highly unethical or illegal tools of espionage against nonprofit organizations with near impunity, according to a new report by Essential Information.  The report, titled Spooky Business, documents how corporations hire shady investigative firms staffed with former employees of the Central Intelligence Agency (CIA), National Security Agency (NSA), US military, Federal Bureau of Investigations (FBI), Secret Service and local police departments to target nonprofit organizations.
"Corporate espionage against nonprofit organizations is an egregious abuse of corporate power that is subverting democracy," said Gary Ruskin, author of Spooky Business. "Who will rein in the forces of corporate lawlessness as they bear down upon nonprofit defenders of justice?"
Many of the world's largest corporations and their trade associations -- including the U.S. Chamber of Commerce, Walmart, Monsanto, Bank of America, Dow Chemical, Kraft, Coca-Cola, Chevron, Burger King, McDonald's, Shell, BP, BAE, Sasol, Brown & Williamson and E.ON –  have been linked to espionage or planned espionage against nonprofit organizations, activists and whistleblowers.
Many different types of nonprofit organizations have been targeted with corporate espionage, including environmental, anti-war, public interest, consumer, food safety, pesticide reform, nursing home reform, gun control, social justice, animal rights and arms control groups. 

Friday, November 15, 2013

SC DJJ employee charged with wiretapping

 — A woman who works at the S.C. Department of Juvenile Justice was charged with wiretapping after she is alleged to have secretly recorded a conversation in the DJJ’s Inspector General’s office that she was not a party to, the State Law Enforcement Division reported Thursday.
Leann Cudd, 29, of Irmo was working as an administrative assistant Sept. 23 when she allegedly slipped her iPhone under the closed door of the Inspector General’s office and recorded a conversation between two DJJ employees, according to a SLED news release.
According to SLED, Cudd admitted making the recording. No details about the topic or motive for the act was given.
Cudd was being held at the Alvin S. Glenn Detention Center Thursday.
From Staff ReportsMore here.




Read more here: http://www.thestate.com/2013/11/14/3098475/sc-djj-employee-charged-with-wiretapping.html#storylink=cpy

Tuesday, November 12, 2013

Samsung, Nokia say they don’t know how to track a powered-down phone

Privacy International still awaits answers from Apple, BlackBerry, and others.

Back in July 2013, The Washington Post reported that nearly a decade ago, the National Security Agency developed a new technique that allowed spooks to “find cellphones even when they were turned off. JSOC troops called this ‘The Find,’ and it gave them thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq, according to members of the unit.”
Many security researchers scratched their heads trying to figure out how this could be so. The British watchdog group Privacy International took it upon itself to ask eight major mobile phone manufacturers if and how this was possible in August 2013. On Monday, the group published replies from the four firms that have responded thus far: Ericsson, Google, Nokia, and Samsung. (Apple, HTC, Microsoft, and BlackBerry have not yet sent in a response.)
A research officer at the organization, Richard Tynan, wrote that “two themes stood out among the companies that replied: hardware manufacturers claim that they strive to switch off almost all their components while the phone is powered down, and if tracking occurs it is likely due to the installation of malware onto the phone.” Here are a few of the responses:

Saturday, November 9, 2013

Corporate espionage: The spy in your cubicle

Even as business crimes decrease, many firms fear industrial espionage more than ever. While the NSA may give them headline-grabbing grounds for feeling that way, the perpertrator is most likely on the company's payroll.


At a trade fair, the head of a company discovers a machine developed by his own employees - but at the stand of a competitor, where the new item is proudly displayed. Looking through his company's inventory, he sees four new printers, even though he in fact ordered five. And to top things off, he's having problems with the state prosecutors, who say his firm is implicated in a bribery charge. His company, in short, has fallen victim to industrrial espionage - three times over.
Since 2001, some 61 percent of German companies have fallen prey to these or similar crimes. In 2013, by comparison, just 45 percent of German firms were entangled in such an affair. Those were the conclusions of a study conducted by business consulting giant PricewaterhouseCoopers (PCW) together with Martin Luther University in Halle-Wittenberg (MLU). For the study, more than 600 German companies, each with at least 500 employees, were examined every two years.

Thursday, November 7, 2013

Fear of bugging prompts tablet ban in British Cabinet meetings

iPads were plucked from users' hands at the British Cabinet meeting last week, because of fears that they might be bugged by foreign intelligence agencies.

The Daily Mail on Sunday reported that the Ministers were using the devices for a presentation by Cabinet Office Minister Francis Maude and Mike Bracken, who's in charge of the Government Digital Service.

The talk was on the topic of saving the economy close to £2bil (RM10.2bil) a year within the next four years.

Typically, the Cabinet isn't particularly generous about applause for presentations, the Daily Mail said, but this time, when the talk wrapped up, Ministers clapped.

That's when the government's security team pounced, the Mail reports, whisking all iPads out of the room to avoid careless talk reaching the wrong ears.

It doesn't stop there, The Telegraph subsequently reported.

Given the security force's fear that foreign intelligence agencies have developed the ability to turn mobile devices into eavesdropping bugs without their owners' knowledge, all tablet computers - which, one assumes, covers all manufacturers' gadgets, and not just Apple's - are now banned from Cabinet meetings.

Monday, November 4, 2013

Singapore boosts cyber defences after 'Anonymous' threat

The Singapore government said Monday it was on "heightened vigilance" following threats from the activist hackers' group Anonymous, but denied that any of its websites had already been compromised.

The statement by the Infocomm Development Authority (IDA) came as Singapore's biggest publisher confirmed users were having difficulty accessing some of its online sites, although no group has claimed responsibility for the incidents.
A person claiming to be from Anonymous last Friday hacked a reporter's blog on the  of the pro-government Straits Times newspaper, and warned of further attacks as it demanded greater Internet freedom in the strictly governed city-state.
In a video clip posted on YouTube on Thursday, a masked person claiming to represent Anonymous also warned the Singapore government it faced cyber attacks from the group unless it scrapped new rules requiring annual licences for news websites.
"The Singapore government takes cyber security and threats to its ICT (information and communication technology) infrastructure very seriously," the IDA said in a statement.
"Government agencies have been on heightened vigilance and have enhanced the security of their IT (information technology) systems in response to the declared threats against the government's ICT infrastructure."


Read more here.