Thursday, May 29, 2014

Former Bard, BD engineer pleads guilty to stealing trade secrets

Ketankumar Maniar pleaded guilty to stealing trade secrets from two former employers, C.R. Bard and Becton, Dickinson and Co. (BD), in federal court in Trenton, NJ, according to a May 28 statement from the Department of Justice. He was charged with two counts of theft and attempted theft of trade secrets for his own economic benefit.

The 37-year-old stole information about the development of the first implantable port used for power injection of pharmaceuticals from Bard, where he worked as an engineer from 2004 to 2011 in the company's Salt Lake City office. Between 2012 and 2013 he stole information about a self-administered disposable pen injector from BD's Franklin Lakes, NJ, headquarters, the statement says.

Maniar stored the information on external hard drives and also sent information from his work email to his personal email account. He admitted to stealing and keeping the information about the products following his resignation from both companies.

Read more here.

Consumers are worried about internet privacy but few do anything to protect themselves

Here’s a wild set of facts:
58% of respondents to an Associated Press poll said they were worried about government spying by the National Security Agency.
41% of consumers don’t know that smart devices collect information about their personal activities.
The truth is, it’s more likely that your new refrigerator is spying on you than the NSA.
Two companies published internet privacy surveys this week, TRUSTe Privacy Indexand one by Consumer Reports, and between them an interesting picture emerged.
Though more than 80% of people said they were concerned about privacy on the internet and from smart devices 62% haven’t done anything about it.
The reason? Most say they simply don’t know how to protect themselves. That’s true. . .up to a point. How about this scenario. I can promise that your personal information will be kept 100% private – all you have to do is stop using a mobile phone.
Yeah, like that’s going to happen.

Friday, May 23, 2014

How much economic espionage is too much?

WASHINGTON — “If we spy for military security, why shouldn’t we spy for economic security?”

Those were the words not of an aggressive Chinese spy but none other than Stansfield Turner, the Carter-era CIA director, who in 1992 argued that the United States should more aggressively carry out intelligence operations aimed at securing America’s leading economic position in the world.
If it weren’t for matters of patriotism, the former CIA director probably wouldn’t raise an eyebrow at allegations of Chinese spying unveiled by a Pennsylvania grand jury and the Department of Justice this week.
Indeed, the tactics the Obama administration has accused China of using have also been debated at the highest levels of the U.S. government as possible instruments of American power.
Other countries haven’t been so gun shy and have carried out operations strikingly similar to those a Pennsylvania grand jury have accused Chinese spies of carrying out.
In the 1970s and 1980s, French agents planted moles inside IBM and Texas Instruments and forwarded the material they collected to a French computer company. Microphones planted in the seats of Air France to pick up talk among traveling businessmen have become a piece of intelligence lore.

Wednesday, May 21, 2014

Sheikh Raed Salah's office bugged by Israeli telecommunications company

The Islamic Movement confirmed that a wiretapping device was concealed inside a telecommunication box installed by a Bezeq (Israeli telecommunications company) employee in the office of Sheikh Ra'ed Salah, chairperson of the Islamic Movement in Israel.
The Islamic Movement reported that a Bezeq employee arrived at the Movement's offices in Umm al-Fahim on the March 13th, following an unexpected fault in the telephone lines, which required Bezeq sending a technician to investigate. 
The technician arrived and after having checked the lines, replaced the telephone wires box and reactivated the line.
Yet the unexpected line fault aroused suspicion and the new box was checked and a sophisticated micro microphone was discovered inside the plastic covering of the new box, almost undetectable, and was only found after the inside layer of the plastic case was broken open.

Friday, May 16, 2014

Spy Chief Sued Over Adviser’s Ties to Chinese Spies

The Office of the Director of National Intelligence (ODNI) has been sued by an advocacy group seeking the release of internal documents of a top intelligence adviser who was also working with a controversial Chinese technology company that has been identified as a potential espionage threat.

The advocacy group Judicial Watch announced on Thursday that it had filed a lawsuit seeking the release of records pertaining to senior DNI adviser Theodore Moran, who was serving as an intelligence adviser while also working as a paid consultant to China’s Huawei Technologies, which has been identified by the House Intelligence Committee “as a potential espionage threat.”

Judicial Watch filed its lawsuit over a Freedom of Information Act (FOIA) request seeking Moran’s internal records.

The group is seeking to determine if and how Moran’s work for DNI conflicted with his paid work for Huawei, which has come under scrutiny for producing phone equipment that congressional investigators believe enabled Chinese spying.

Friday, May 9, 2014

New Anti-Spying Protection for Smartphones Available

Ziklag pioneers technology to protect companies from compromising voice, data hacks
Arlington, VA -- (SBWIRE) -- 05/09/2014 -- Ziklag Systems, the leading developer of next-generation security products for enterprise applications, announced today the launch of Office Anti-Spy™, a new anti-spying App for Android Smartphones. Designed for use by corporations and executives, Office Anti-Spy™ makes it impossible for a hacker, intruder or spy to listen to or record private conversations and meetings.

“People don’t generally realize just how much risk they take when they walk around with Smartphones in their pocket, bag or briefcase” says Dr. Stephen Bryen, former head of the Defense Technology Security Administration. “In some government operations they make you lock them up. But in regular business environments, the vulnerability is there and the potential for being spied on is very great.”

Office Anti-Spy™ also solves the “Bring-Your-Own-Device” (BYOD) problem for companies struggling to secure corporate data on personal devices. Instead of restricting what users can do on their devices, Office Anti-Spy™ allows organizations to retain control of corporate data without touching employee’s personal apps and data.

How It Works...

Read more here.

Wednesday, May 7, 2014

5 Things Every Company's Data Security Program Should Include

What's the one thing every company's data security program must include? That's the question we put recently to experts in the field, knowing that,especially after Heartbleed, the diversity of responses would create an invaluable checklist for all risk managers and corporate leaders charged with the protection of company (and client) data. Here's what we heard back:

1. Ongoing Assessment of Priorities
Effective data security is not a one-size-fits-all concept, and it needs to be nimble so that it can quickly adapt based on your company’s needs, changing technologies, and emerging threats…
From Pat Fowler, partner at Snell & Wilmer: “An effective data security program must include, and arise from, a continuing assessment of the company’s data security needs. The federal government’s new cybersecurity framework would be a reasonable starting point for this assessment. Effective data security is not a one-size-fits-all concept, and it needs to be nimble so that it can quickly adapt to changing technologies and emerging threats. The company needs to establish its priorities for data security – the relative value of the various kinds of data that it collects, maintains or transmits, the risk and liability if such data is lost or breaches – and the assets/resources (financial, technological, human) that it can reasonably commit to meet those priorities. A company’s risk tolerance and various external factors (evolving threats, client/customer requirements, applicable regulatory schemes, industry standards, etc.) also must be included in this continuing assessment in order to have an effective data security program, both today and in the future.”

Cyber Counterespionage

Cloaked in the disguise of a corporate insider, the spy penetrates the outer perimeter, slips past the lurking guardians, cracks the interior vault, loots the corporate secrets—and then turns off the computer and gets another coffee after the high-technology heist. In today’s age of rampant cyber espionage, bet-the-company secrets and billion-dollar technology may be stolen in seconds or exfiltrated for months
before detection. And this threat is here and now—and huge...

Download this excellent pdf on Cyber Espionage from the folks at Crowell & Moring

"Pillaging the Digital Treasure Troves" The Technology, Economics, and Law of Cyber espionage

Tuesday, May 6, 2014

CEO steps down after customer data breach

Note: As you can see from the below, there are consequences to dated or no risk management strategy. Are you in charge of your company's IT or IP? Time to re-think your company's information risk management strategy? Contact me, I can help. ~JDL
Target's CEO has become the first boss of a major corporation to lose his job over a breach of customer data, showing how responsibility for computer security now reaches right to the top.
Gregg Steinhafel, who was also president and chairman, resigned nearly five months after Target disclosed a huge pre-Christmas breach in which hackers stole millions of customers' credit- and debit-card records. The theft badly damaged the chain's reputation and profits.
Steinhafel, a 35-year veteran of the company and chief executive since 2008, also resigned from the Board of Directors, Target announced Monday.
The departure of Steinhafel, 59, suggests the company wants a clean slate as it wrestles with the fallout. Two months ago, Target's chief information officer lost her job.
Steinhafel's resignation leaves a leadership hole at a time when the 1,800-store chain is facing many other challenges.