Saturday, June 18, 2011

Technical Surveillance Threat Series, "Cellular Threats".

Note: This is the first installment in the Spy vs. Spy, "Technical Surveillance Threat Series". Stay tuned. JDL

Technical Surveillance Countermeasures, better known as "TSCM", is defined by "Wikipedia" as:

"A service provided by qualified personnel to detect the presence of technical surveillance devices ("bugs") and hazards and to identify technical security weaknesses that could aid in the conduct of a technical penetration of the surveyed facility".

In the civilian world, the above service is also sometimes referred to as an "Electronic Eavesdropping Detection" sweep or survey, or a "Bug Sweep".

My team and I have performed hundreds of TSCM Surveys for Fortune 500 corporations, celebrities, executives, embassies, government offices, businesses, private individuals, law firms, etc. There is always a common theme after an area has been cleared: "How can we protect ourselves from electronic surveillance threats after you leave?" The answer is usually complex, and almost always highly dependent upon our review (and recommendations) of our clients' security posture and protocols in place at the time of the survey, and after we leave.

In this post, we will deal with one of those threats, "cellular devices", cell phones or "smart phones".

During our pre-survey Technical Threat Assessment, we usually find that "cellular devices" are allowed in almost all areas. There may be a cellular policy in place, but during our verbal debrief after the area has been cleared, we usually find out what we have already discovered: either there is no security protocol or policy in place regarding the allowance of cellular devices in boardrooms and high-level meetings, or there is a cellular policy in place but it is not being enforced.

Almost all cellular phones have cameras, and many smart phones have audio recording features that allow conversations in person or over a smart phone to be easily recorded, stored, and even emailed. If you're like most of us, your cell phone is rarely more than 6 feet away from you. Many have "spy software" installed that allows for the smart phone microphone to be activated in secret without the phone ringing or lighting up. While it sits innocently near you, an eavesdropper can monitor every sound in the room.

So, does this potential eavesdropping threat sound like something that you want to allow in your next confidential boardroom meeting? Can your organization really afford to ignore this type of eavesdropping threat? Does your organization have a cellular policy in place? Is it enforced?

Here are a few personal cellular security tips:

Do not let your cell phone or smart phone out of your physical possession. Most cellular monitoring programs or "spyware" have to be installed through physical possession of the target phone. One of the best countermeasures is to keep tabs on yours.

Password protect your phone. I know it's a pain, but a password on your cell phone could save you or your organization a lot of misery.

Consider a review today of your organization's policy regarding cellular devices. Better safe than sorry. No time? Contact ComSec, we can help. JDL

Stay tuned for the next installment in the Spy vs. Spy, Technical Surveillance Threat series.

ComSec, LLC provides professional Technical Surveillance & Eavesdropping Countermeasures services to Fortune 500 corporations, small businesses, non-profits, celebrities, executives and select individuals. Headquartered in Virginia Beach, VA | Northern VA-DC-MD. Serving the United States, and select international clients abroad.

Tuesday, June 14, 2011

Chinese government installs spying devices on Hong Kong cars

Beijing is allegedly using audio spying devices on dual-plate Chinese-Hong Kong vehicles to gather information.

Apple Daily reports the eavesdropping devices were originally installed under the name "inspection and quarantine cards" back in July 2007. The Shenzhen Inspection and Quarantine Bureau installed the devices free of charge in thousands of vehicles across Hong Kong. The devices are about the size of a PDA, screwed into the car's front window.

People in Hong Kong, in particular criminals, began to notice something was awry when the authorities were able to pick out cars carrying illegal goods across borders without problem or hesitation.

"For every ten cars we ran we only had [smuggled goods] in three or four to reduce the risk, but the border agents caught all of them. The accuracy was unreal!" one smuggler told Apple Daily.


Monday, June 13, 2011

Power Cord Hidden Camera

The Desk Accessory You Didn't Know You Needed...

Connect Easily to a DVR and Leave on Your Desk for Completely Covert Recording...

Office theft and vandalism happen every day. The Power Cord Hidden Camera is an inconspicuous camera housed in a standard-looking power cord that sits on your desk and records everything that happens while you're gone. Its slim, sleek and discreet design doesn't draw any extra attention. The device looks like an ordinary charger or computer cable, so no one will think twice that it's anything other than a loose cable forgotten on your desk. If you suspect any wrongdoing to your property, or you work in an environment that makes you suspect that your belongings may be in danger, this is the device for you. Simply pair the camera with any of a number of portable DVRs, plug it in, and you're ready to start recording. And, with a built-in motion sensor, you'll only get the footage you need.


Sunday, June 12, 2011

Functional Fibers: fibers that can detect and produce sound

An MIT investigator has announced a new milestone on the path to functional fibers: fibers that can detect and produce sound. Applications could include clothes that are themselves sensitive microphones, for capturing speech or monitoring bodily functions, and tiny filaments that could measure blood flow in capillaries or pressure in the brain.

Thursday, June 9, 2011

Attacks on Sony, others show it's open hacking season
There seems to be a groundswell of hacking activity recently. From the Epsilon breach that touched dozens of major U.S. companies and their millions of customers, and RSA replacing its customers' SecurID tokens after attacks on several defense contractors to Sony sites getting pummeled by hackers on a regular basis--all within the last few months. What's going on?

"I truly don't think there's a higher instance of hacking right now. I think there's been a wave of media coverage," said Bruce Schneier, chief security technology officer of BT and one of the most respected security experts around. "We saw the same thing with shark attacks. It's not that there are more shark attacks. It's that they made the news when people started looking for them." No one can really say if there are more attacks happening. Reports indicate that the number of breaches is rising every year, as can be expected. But those statistics are based only on incidents that are reported; there are untold numbers that happen all the time that no one knows about except the attacker and, eventually, the victim.

Wednesday, June 8, 2011

West Valley computer thefts: random or industrial espionage?

WEST VALLEY CITY — Was it a simple break-in or industrial espionage? A heist in West Valley City may be one for the conspiracy theorists.

An engineering firm with military contracts had a half-dozen of its most critical computers stolen in a burglary sometime before the business opened Tuesday morning.

El Dorado Engineering creates equipment used to dispose of old munitions. The company has contracts with the U.S. military, NATO and Belgium, among others. It has secret military clearance.

All the computers stolen were critical to the business. Some were used for accounting. Others were utilized for engineering and had special capabilities to work with 3D programs.

“You lose so much information, because everybody’s work is on their computers,” company president Ralph Hayes said.


Tuesday, June 7, 2011

Spear Phishing: More than Spam, it's Espionage
The most frequent comment I see on stories reporting some new dramatically successful phishing attack is from an overly nearly well-informed technophile who thinks people who fall for phishing schemes are just stupid.

Despite a success rate so high it's become standard operating procedure for Chinese military and government cyber-espionage groups, people who respond to phishing e-mails are treated like they're one walker-assisted step above the elderly shut-ins who send money to help Nigerian princes and ministers of finance mysteriously down on their luck.

If only the stupid fell for phishing scams, the successful attacks against companies with sophisticated security -- Google, Lockheed Martin, HB Gary, PayPal, various other U.S. military and intelligence agencies -- would have been able to shut down the breaches quickly. Others with security at least as good -- CitiBank, Bank of America, AOL, Western Union -- wouldn't have to send out alerts every 10 minutes warning people that they weren't sending out alerts, so don't mail in your usernames and passwords.

Phishing works, for the same reason grifting works -- given a set of facts that seem to fit all their expectations and experience, and the opportunity to either help out a co-worker or profit from something that's very little trouble for them, most people will take the risk. (See also "4 Security Tips Spurred by Recent Phishing Attacks on Gmail, Hotmail, and Yahoo").


Saturday, June 4, 2011

Espionage Lessons Learned From Bond—James Bond

For "Carte Blanche," the newest James Bond novel, I soaked up a number of fascinating factoids about tradecraft—the subdued term for the techniques of espionage. My knowledge will have faded in a few years, but in the short term, I'm a bit of a spymaster. I thought I might share a few of the more useful tricks of the trade, in case you find yourself tapped (recruited) by a handler (the spy who supervises field agents) to help out the pros.

Apparently this happens quite frequently. At least according to Hollywood.

• To be a spy, you don't need to break into top-secret facilities, climb through air ducts and make your way through laser beam fields. Yes, agents do some of that acrobatic stuff, as well as sit in front of really neat high-def monitors, a la Jack Bauer in "24," while vacuuming up cellphone calls and emails. But a huge amount of "product," as intelligence is called, comes from open sources, information available to everyone, found in newspapers, on TV, in unclassified government, corporate and nonprofit reports and from observations in public. You can be sure that somebody in Russia's SVR, one of the KGB's successor agencies, is jotting down notes about this article even as you read it.


Thursday, June 2, 2011

Google breaks up Gmail spying campaign

Google has identified and disrupted a campaign operating out of eastern China meant to hijack and monitor the Gmail accounts belonging to hundreds of users, the technology giant revealed Wednesday.

Victims included U.S. and Asian government officials -- mostly from South Korea -- military members, journalists and Chinese political activists, said Eric Grosse, engineering director of Google's security team, in a blog post.

The campaign appears to trace back to Jinan, China and involves the theft of users' Gmail passwords, likely through phishing, he said. Google was able to disrupt the campaign, secure the affected accounts and notify the targeted individuals.

"The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings," Grosse wrote. "Google enables you to forward your emails automatically, as well as grant others access to your account."


Corporate Spying: The Next Growth Industry

The corporate spying business is booming. The largest companies around the world are all involved in “competitive intelligence gathering” by highly trained professionals, according to PricewaterhouseCoopers.

"Corporations have people trained to obtain raw data from a wide range of sources and apply traditional intelligence analysis techniques to produce usable information," PwC dispute analysis and investigations director Richard Batten said.

In a story from Wired:

Veterans from the most infamous private security firm on Earth and one of the military’s most controversial datamining operations are teaming up to provide the Fortune 500 with their own private spies - who call themselves Jellyfish.

Jellyfish is about corporate-information dominance. It swears it’s leaving all the spy-world baggage behind. No guns, no governments digging through private records of its citizens.

“Our organization is not going to be controversial,” pledges Keith Mahoney, the Jellyfish CEO, a former Navy officer and senior executive with Blackwater’s intelligence arm, Total Intelligence Solutions.

During a Thursday press conference in Washington that served as a coming-out party for the company, Jellyfish’s executives described an all-purpose “private-sector intelligence” firm.


Wednesday, June 1, 2011

CI Centre Announces Global Launch of SPYPEDIA

The Centre for Counterintelligence and Security Studies® (CI Centre), the nation’s leading counterintelligence (CI), counterterrorism (CT), and security training and education company, today announced the global launch of SPYPEDIA. This exclusive online database provides the security and intelligence community with instant and up-to-the-minute access to all Security, CI, and CT related news and events of yesterday and today.

SPYPEDIA™ is the first online database of its kind to be offered to private and government security and intelligence professionals from around the world to include educators, academics, students, and all who share an interest in Security, CI and CT. The research and development of this project began 15 years ago with the ultimate objective of developing the world’s most comprehensive, informative, and up to date library of such information.


Cyber attack shows constant threat to key intel

The attempted hacking of defense contractor Lockheed Martin once again shined the spotlight on the security of the high-tech infrastructure guarding the United States' most closely held secrets.

The threat of attacks by enemies of the United States on the country's cyber security is one that has been known about for years, officials and experts in the field of national security have said.

(Last year, a former chief of U.S. intelligence told "60 Minutes" that the United States was unprepared for cyber attacks.)

Joel Brenner, who held the title of national counterintelligence executive from 2006 to 2009, told the Reuters news agency Tuesday that not just Lockheed Martin but most large defense contractors, if not all of them, have had their networks breached.

"This has been happening since the late '90s," he told Reuters before referring to China, Iran and Russia, three countries he said are the American government's main suspects of cyber espionage. "They're after our weapons systems and R&D."

That research and development is of interest to the more than 100 intelligence groups the Defense Department says have tried to crack American cyber security, Reuters reported.