Thursday, February 28, 2013

Vatican admits secretly bugging its own clergy

The Vatican admitted on Thursday that it had secretly bugged clergy within the Holy See as part of the investigation into the Vatileaks scandal, which resulted in the Pope's butler being imprisoned for stealing confidential pontifical documents.

Like much of the rest of his papacy, Benedict's last day in office was overshadowed by claims of secrecy and intrigue.
An Italian news magazine, Panorama, claimed that Vatican authorities had conducted, and are still conducting, an extensive covert surveillance programme, tapping the phone calls and intercepting the emails of cardinals and bishops in the Curia, the governing body of the Catholic Church.
The surveillance operation was to weed out Vatican insiders who may have helped Paolo Gabriele, the butler, steal and leak to the press compromising papal documents, in a scandal that rocked the Catholic Church and reportedly contributed to Benedict's decision to resign.
The Vatican confirmed that secret surveillance had indeed taken place, but on a far smaller scale than that portrayed by Panorama.
In response to a question by The Daily Telegraph at a press briefing, Federico Lombardi, the Vatican spokesman, said surveillance had taken place but "not of the dimensions described".

Gynecologist Hid Camera Inside Pen

A Johns Hopkins Hospital gynecologist accused of secretly videotaping patients wore a pen around his neck that may have been used to conceal a camera, according to the employee who reported the doctor.

The employee told hospital officials of her suspicions Feb. 4, according to a letter from the hospital's CEO, Dr. Paul B. Rothman. The letter was dated Tuesday and sent to the law firm of Silverman Thompson Slutkin & White, which is working with the Maryland Crime Victims' Resource Center. The law firm gave a copy of the letter to The Associated Press on Wednesday.

The employee's report to officials ultimately led to the discovery that Dr. Nikita Levy had been recording patients during exams at a Hopkins clinic. Police have said Levy, 54, killed himself in his home on Feb. 18.

Rothman's letter said the Hopkins employee had noticed what she believed to be a device, like a writing pen, that Levy had worn around his neck while examining patients. She said she believed the device was a camera.

Rothman writes that Hopkins security personnel questioned Levy at his office on Feb. 5, and devices similar to the one described by the employee were seen in the office and on Levy.

Levy was barred from patient contact that day and escorted off hospital grounds. Hopkins notified Baltimore police the day after, and investigators have said they found large amounts of multimedia evidence.

Police have said more than 2,000 patients and former patients of Levy have called a hotline set up by the hospital. Class-action lawsuits have been filed against Hopkins.

Wednesday, February 27, 2013

Researchers discover new global cyber-espionage campaign

Security researchers have identified an ongoing cyber-espionage campaign that compromised 59 computers belonging to government organizations, research institutes, think tanks and private companies from 23 countries in the past 10 days.

The attack campaign was discovered and analyzed by researchers from security firm Kaspersky Lab and the Laboratory of Cryptography and System Security (CrySyS) of the Budapest University of Technology and Economics.
Dubbed MiniDuke, the attack campaign used targeted email messages -- a technique known as spear phishing -- that carried malicious PDF files rigged with a recently patched exploit for Adobe Reader 9, 10 and 11.
The exploit was originally discovered in active attacks earlier this month by security researchers from FireEye and is capable of bypassing the sandbox protection in Adobe Reader 10 and 11. Adobe released security patches for the vulnerabilities targeted by the exploit on Feb. 20.
The new MiniDuke attacks use the same exploit identified by FireEye, but with some advanced modifications, said Costin Raiu, director of Kaspersky Lab's global research and analysis team, on Wednesday. This could suggest that the attackers had access to the toolkit that was used to create the original exploit.

Thursday, February 21, 2013

Report Fingers Chinese Military Unit in US Hack Attacks

A Virginia-based cyber security firm has released a new report alleging a specific Chinese military unit is likely behind one of the largest cyber espionage and attack campaigns aimed at American infrastructure and corporations.
In the report, released today by Mandiant, China's Unit 61398 is blamed for stealing "hundreds of terabytes of data from at least 141 organizations" since 2006, including 115 targets in the U.S. Twenty different industrial sectors were targeted in the attacks, Mandiant said, from energy and aerospace to transportation and financial institutions.
Mandiant believes it has tracked Unit 61398 to a 12-story office building in Shanghai that could employ hundreds of workers.

Wednesday, February 20, 2013

Obama administration reportedly considering fines, trade penalties for cybertheft

The White House is reportedly considering fines and other trade penalties against China or any other country guilty of cyberattacks amid evidence of an unrelenting cyber espionage campaign linked to the Chinese government.
The Associated Press reported Wednesday that the actions are being considered as part of the Obama administration's response to a report that claimed the Chinese Army is behind a series of cyberattacks on U.S. companies.
Officials familiar with the administration's plans spoke on condition of anonymity because they were not authorized to speak publicly about the threatened action.
The Chinese government denies being involved in the cyberattacks cited in a cybersecurity firm's analysis of breaches that compromised more than 140 companies. On Wednesday, China's Defense Ministry called the report deeply flawed.
Mandiant, a Virginia-based cybersecurity firm, released a torrent of details Monday that tied a secret Chinese military unit in Shanghai to years of cyberattacks against U.S. companies. Mandiant concluded that the breaches can be linked to the People's Liberation Army's Unit 61398.

Tuesday, February 19, 2013

American death in Singapore raises questions about espionage, foul play

Was it suicide or was it murder? And is a major Chinese company trying to use restricted U.S. technology for a military purpose? In a case with possible national security implications for the U.S., an American electronics engineer was found hanged in Singapore last year. Local police suggested Shane Todd's death was suicide. He was troubled and was just leaving his job, but the family isn't buying it.
A story in the Financial Times is raising troubling questions about the circumstances of the death and work Todd was doing for IME, a Singapore government research institute. The work reportedly involved gallium nitride, a semiconductor that can withstand high levels of heat and power with both civilian and military applications. There are also possible connections to Huawei, the big Chinese phone company that American lawmakers worry could be involved in espionage.
"What we know from a file on Mr. Todd's computer was that he has a project labeled 'Huawei' and there was a project plan where IME and Huawei would be working on a project from 2012 to the end of 2014," explains Christine Spolar, investigations editor for the Financial Times, who says that Todd's family suspects foul play related to this work.
According to the family, Todd told them he feared he was working on a project that was hurting U.S. national security.

Thursday, February 14, 2013

The Spying Trade: Success by stealth

SPIES are often wrongly presumed to work in a shadowy and exotic world. In fact they are more like unusually crafty bureaucrats than James Bond. Their skills would be quite handy for business executives, according to J.C. Carleson, a former CIA officer. In “Work Like a Spy”, her gripping layman’s guide to spycraft, she shows how adopting an intelligence officer’s mindset can make managers more efficient and better at handling people. 

In her eight years undercover, Ms Carleson (not her real name) ran agents in hostile countries, getting them to risk their lives to steal secrets for America. Targeting and recruiting such people offers lessons in what might be called “strategic networking”: gaining information about customers and competitors. How do you make contact without seeming pushy? What is the hook, and what are the incentives? It turns out that offering consultancy fees and lavish entertainment rarely works; appealing to the ego is far more effective.

While steering clear of real secrets, Ms Carleson gives an accurate account of how intelligence officers operate. Her “strategic elicitation exercise”, in which she pushes readers to get random information from a stranger, is particularly well described.

Wednesday, February 6, 2013

Disgruntled employee spends three years destroying work computers with Cillit Bang

Note: This was just too bizarre of a case to pass up! ~JDL

A credit controller who was denied a pay rise at work took revenge by using Cillit Bang on his firm's computer equipment.

In a three-year sabotage spree he repeatedly squirted the caustic cleaning fluid into the company's computers, causing system failures and £32,000 worth of damage.
His employers eventually installed CCTV cameras in the offices and caught the 44-year-old embarking on one of his Cillit Bang missions.
Edward Sobolewski was today starting an eight-month jail sentence after a judge ordered him to also pay £10,000 costs for his "malicious" attacks.
The accounts controller admitted causing the damage at the Oxford office of market research company Frost and Sullivan because he was "p-----d off" after not getting a pay increase.
He routinely used Cillit Bang - famous for its advertising catchphrase "bang and the dirt is gone" - to bring the firm's IT systems to a halt between 2009 and 2012.
Prosecutor Steve Malloy QC told a judge at Oxford Crown Court that managers had light-sensitive cameras placed in the firm's server room after they suspected foul play.

He said: "On Saturday, June 30 2012, Mr Sobolewski was seen on the CCTV camera in the main server room at a time he should not have been in there at all.

"He entered into the room with a distinctive purple bottle of Cillit Bang and the following day he was seen spraying it into the computer grills and then wiping the excess fluid away with a cloth.

"He is then seen pouring a container of liquid into one of the machines."

When challenged by his managers, Sobolewski initially said he was merely cleaning the servers.

However, he soon owned up to his crime when he was confronted with the CCTV footage.

Tuesday, February 5, 2013

School District Director of Technology Accused of Spying on Employees

The former director of technology of a local school district is under investigation, after being accused of spying on district employees and holding naked pictures of women on his work computer, according to Lehigh Valley Live.
Tom Drago, 53, was the director of technology of the Easton Area School District for more than 11 years, responsible for running the school district’s technology plan. Lehigh Valley Live reports officials began to investigate Drago back on October 22, after the district’s Director of Teaching and Learning accused Drago of remotely accessing his computer.
Court records state Drago initially denied accessing the computer before then claiming he did it by accident, according to Lehigh Valley Live. Lehigh Valley Live reports Drago then allegedly claimed he had permission to access it. He was suspended with pay and his work computer was examined by an information and technology firm. During the investigation, Drago’s computers, flash drives, camera, iPad, and iPod were all seized by police, according to Lehigh Valley Live. The firm discovered Drago had accessed the computers of several employees hundreds of times without the authorization of the district superintendent, according to court records.

Monday, February 4, 2013

Cisco flags threat Generation Y pose to corporate security

Note: Please pay close attention to this article! As my friend & colleague David Major, President of the CI Centre in northern Virginia, likes to put it, "Generation Y" is The "Cause" Generation. Globalization is natural since "everyone" is connected... ~JDL

Generation Y employees are most likely to divulge personal information about themselves online, according to a study by networking giant Cisco.
The Cisco Connected World Technology Report (CCWTR) exposes the thoughts and opinions of the world's next generation of workers.
Referred to as Generation Y, or as the "millennial generation", they consist of individuals born in the late 1980s and 1990s, and are generally considered to be more "tech savvy". According to Adam Philpott, director of EMEAR security sales for Cisco, these "millennials" are now entering the workplace and sport a very different attitude towards data privacy.
"They believe in the demise of privacy — that it's simply defunct in practice, and it's in this paradigm that organisations must operate, a concept that will be alarming to the older generation in the workplace," he said.
The Cisco study surveyed Generation Y college students and IT workers between the ages of 18 and 30 in various industries.
Both categories included hundreds of respondents from 18 countries (Argentina, Australia, Brazil, Canada, China, France, Germany, India, Japan, Mexico, Netherlands, Poland, Russia, South Africa, South Korea, Turkey, United Kingdom and United States), making a total of 3,600 respondents. Many of the Generation Y respondents said the age of privacy is over (91 percent), while one third claimed not to be worried about the data captured about them online.
The report also showed that, although 75 per cent of Generation Y respondents do not trust websites to protect their personal information, many of them continue to use sites that require personal details, such as credit card numbers.
This becomes an issue for companies when these employees take risks online with work devices that run on corporate networks.

Sunday, February 3, 2013

Washington talks cybersecurity after Chinese attacks

Washington is grappling again with the prying eyes of Chinese hackers.
A string of computer breaches at The New York Times, The Wall Street Journal, The Washington Post and other media organizations has drawn a frustrated response from the White House and galvanized lawmakers who have failed for years to improve the country’s cyberdefenses.

There isn’t much the Obama administration or Congress could have done in advance to stave off the latest series of attacks. But the incidents illuminate the threats emanating from abroad, not to mention the lagging Washington work to protect tech companies, power plants, big banks and now major newspapers from them.
“This is just another reminder of how relentless and sweeping China’s cyberattacks are,” said Rep. Mike Rogers (R-Mich.), the chairman of the House Intelligence Committee. “The attacks on the U.S. banking industry and now major media outlets who dared publish stories critical of the Chinese government prove this is not a theoretical threat.

“Foreign cyberattackers are targeting every aspect of the American economy every day and Congress needs to act with urgency to protect our national security and our economy.”
The renewed Beltway interest in cybersecurity follows the Wednesday revelation that the Times had fallen prey to a four-month attack thought to have originated in China. The trouble began shortly after the newspaper published a critical story about the country’s prime minister.
In the days to come, though, it became apparent that the Times wasn’t alone: The Wall Street Journal also said it battled back Chinese hackers who spied on reporters covering issues related to the country. Sources told the Times that Bloomberg News once experienced similar difficulties. And The Washington Post acknowledged on Saturday its own run-in with digital spies thought to be operating in China. Authorities in Beijing reportedly have rejected any connection to the incidents.

Saturday, February 2, 2013

Confessions of a Corporate Spy

What do you think it means to be an expert in "hard-to-get elicitation"? It means people tell you things. A competitive intelligence consultant discusses things that can help a business--at the expense of another.

When I strolled into a Talbots near closing time on a Wednesday night, I wasn't expecting Phipps Plaza in Atlanta's ritzy Buckhead neighborhood to be so dead. Perfect for me. Less so for the store manager. I entered keenly aware of how completely out of place I must have seemed--a heavyset thirtysomething black guy in Walmart dress slacks, trying to look casual while fondling Hillary Clinton-esque blouses. If I were on staff, I might have briefly considered the possibility that I had come in only to knock over the place while things were quiet.
And I would have been about right.
I'm a competitive-intelligence researcher. A spy, of sorts. I don't break the law. But I always feel like I'm right on the edge of it, never mind my rigid ethical standards. The information I secure is given freely and obtained legally, and I don't lie to get it, but in the back of my mind I'm always thinking, You probably don't want me to know this. I found myself on this perverse shopping trip for a smart green pleated skirt because a company had hired me to learn the sales targets and promotional activity from Talbots store managers. I had been recruited to attempt face-to-face social engineering--basically wheedling out the information in person.

Friday, February 1, 2013

Chinese Hackers Hit U.S. Media

WASHINGTON—Chinese hackers believed to have government links have been conducting wide-ranging electronic surveillance of media companies including The Wall Street Journal, apparently to spy on reporters covering China and other issues, people familiar with the incidents said.

Journal publisher Dow Jones & Co. said Thursday that the paper's computer systems had been infiltrated by Chinese hackers, apparently to monitor its China coverage. New York Times Co. disclosed Wednesday night that its flagship newspaper also had been the victim of cyberspying.

Chinese hackers for years have targeted major U.S. media companies with hacking that has penetrated inside newsgathering systems, several people familiar with the response to the cyberattacks said. Tapping reporters' computers could allow Beijing to identify sources on articles and information about pending stories. Chinese authorities in the past have penalized Chinese nationals who have passed information to foreign reporters.

Journal sources on occasion have become hard to reach after information identifying them was included in emails. However, Western reporters in China long have assumed that authorities are monitoring their communications and act accordingly in sensitive cases.

Is your television watching YOU? Smart TVs can spy on their owners

by J. D. Heyes (NaturalNews) It sounds like some wild conspiracy theory or like something out of a science fiction movie, but it's true: it's possible that while you're watching your television, it could be watching you.

A security firm has discovered a glitch in Samsung's Smart TV that "can give hackers access to the device's built-in camera and microphones, allowing them to watch everything you do," reported recently.

The Malta-based security company, ReVuln, posted a video demonstrating how a team of researchers were able to hack into the Smart TV and access its settings, widgets, channel lists, USB drives and configurations for its remote control. The flaw permits hackers to gain access to any and all personal data stored on the TV as well, said the firm.

"We can install malicious software to gain complete root access to the TV," the video noted.

'I always feel like somebody's watching me...'

With that kind of access, hackers are able to use the television's built-in camera and mics to see and hear everything that is in front of it (like you). "Instead of just watching TV, viewers could themselves be watched without knowing it," said

Moreover, the flaw is not inherent on just one model - it is present on all 11 Samsung TVs of the company's latest generation of sets. The Smart TVs feature many of the same components as do computers, but they don't have the same kinds of protections, like firewalls and antivirus software.

There is at least some good news, though. In order to breach your TV, hackers first have to breach the network the television is connected to, and they must know the IP address of the device. As such, security breaches most likely would only occur as a targeted attack against a particular individual, not something that would occur randomly.
A co-founder of ReVuln, Luigi Auriemma, told NBC News that his firm's primary concern is that hackers may be able to target specific individuals or companies in whose businesses they have an interest.

"In our opinion, it's more interesting and realistic to think about attacks [against] specific targets reached via open/weak/hacked Wi-Fi or compromised computers of a network, instead of mass-exploiting via the Internet," Auriemma said in a statement. "That's interesting due to the effects of the vulnerability (retrieving information and the possibility of monitoring) which are perfect for targeted attacks, from a specific person with a TV at home to a company with TVs in its offices."

Hackers must be connected to a local network in order to access a Smart TV, said reports, so it becomes extremely important to keep Wi-Fi passwords secure. Also, anyone who has stalkers or who keeps valuable data on their device should be particularly careful, experts note.

"Consider that little kid next door that's good with computers," Travis Carelock, content director and research technologist at Black Hat, said, according to

"We're moving into a whole different world," added Trey Ford, general manager of the group. "Growing up, you and I didn't have a wirelessly connected camera pointing at the couch."

'A whole lot more fun'

The security firm said owners of any of the plasma 8000 series, the 7500 LED LCD series, the 8000 LED LCD series or the 9000 LED LCD series should seriously consider keeping all personal data off their TVs and then be careful about what is said or done in the presence of the TV.

While such devices are technologically promising, the security flaw can definitely become problematic.

"That's what will make this a whole lot more fun in the future," Ford said.

Samsung has since announced it is launching an investigation into the security flaw. No word on how it might be fixed.


More espionage now than during the Cold War

The Canadian government has done everything it can to play down the espionage damage done to this country and our allies by naval Sub-Lt. Jeffrey Delisle.
But the case continues to rumble through the Western intelligence world as one of the biggest spying debacles possibly in decades.
It also says a lot about the bizarre nature of global espionage today when the victims play down their defeats in order to avoid harming relations with those who would filch secrets.
Ottawa barely whispered its discontent to Moscow after Delisle was arrested near the end of 2011.
That was after Russian Military Intelligence (the GRU) used Delisle over four years to buy, at bargain prices, some of the most closely guarded defence and intelligence secrets of Canada and its closest allies. Following Delisle's arrest, six Russian embassy officials were so calmly requested to go home that the smiling Russian ambassador could pooh-pooh the whole business as insignificant.
"I have a deal with your people to keep quiet," Ambassador Georgiy Mamedov told a reporter when news of departures came out.
Well, true enough. Public Safety Minister Vic Toews wouldn't even comment when asked about the scandal, and the government has maintained mostly a gloomy silence about the matter ever since.
Yet the military and former intelligence officials that I know shiver in horror when they speak of this case, and even the normally restrained CSIS calls the Delisle damage "severe and irreparable."