About Exec Security

.

“Here’s looking at you, kid…” Are your web enabled cameras safe? Many are not.

A fairly new website has caused a recent stir.  Insecam.com provides links to thousands of webcams around the world.  It has been mentioned in recent news reports ranging from Lifehacker and CNET, to the UK Daily MailPC World, and more. Vulnerable webcams are not something new, though, yet their popularity has certainly grown along with the threat of misuse.

The first well documented webcam was set up to watch a coffee pot at Cambridge University in 1991 [read more]. That camera (and coffee pot) was finally turned off in 2001, but by then, many more webcams had been turned on. (See more about the history of the coffee cam at the end of this article.)

First Webcam, Cambridge University

In early part of this century (2004) while I was searching online for information on webcams I came across […]

2016-12-16T20:23:46-05:00November 10th, 2014|
Read More

Taiwan political eavesdropping scandal- phone wiring tapped

Audio wiring was found attached to phone terminal block that serviced the Taipei mayoral candidate’s office. 
Some interesting security points are mentioned in the following article:

  • A routine privacy inspection uncovered the extra cable- regular sweeps are important!
  • Telecom technicians verified that conversations from Ko’s ninth-floor phone were audible through the third-floor line.
  • No CCTV: No staff members work on the third floor and therefore no security cameras were set up to monitor the area
  • No access control: No electronic security card is needed to access the third-floor elevators.
  • In the blame-game, information leaks were blamed on the director being a “blabbermouth” rather than eavesdropping

The China Post

TAIPEI, Taiwan — Taipei mayoral candidate Sean Lien (連勝文) said yesterday that his opponent Ko Wen-je (柯文哲) should drop out of the election if police are not able to confirm the existence of the alleged eavesdropping […]

2016-12-16T20:23:46-05:00November 5th, 2014|
Read More

Pest control tech arrested for eavesdropping- de-bugger needs to be de-bugged

Red Oak, Iowa, KMAland.com

Red Oak Police say 38-year-old Aaron Theodore Johnson was arrested Monday for electronic and/or mechanical eavesdropping, a serious misdemeanor, and felon in possession of a firearm, a class D felony. Johnson is charged in connection with an investigation that began at around 11:10 Monday morning, when police received a complaint from 29-year-old Jessica Hale of Red Oak regarding a recording device found in her residence in the 400 block of North 7th Street.

Upon further investigation, authorities later found a second device in the residence’s bedroom. The victim told police that the only person granted access to her residence was a pest control technician. Later in the day, a search warrant was obtained for Johnson’s residence in the 2700 block of State Highway 48–which is also the location of RMPKA Pest Control Services.

 

Officers with Red Oak Police and deputies with […]

2016-12-16T20:23:46-05:00November 5th, 2014|
Read More

Telephone fraud and PBX hacking revisited… “will you accept the charges?”

A recent article in the NY Times caught the attention of some of our clients. It documented an architectural firm in Norcross, Georgia, that had their phone system hacked, resulting in a phone bill for $166,000 over just one weekend.

In past ExecSecurity posts we have discussed a few methods used by hackers for compromising phone systems. One aspect of the threat is actual eavesdropping and theft of information. That type of threat can be considered targeted attacks, where someone is attempting to steal information specifically from you or your company. But as mentioned in the Times article, hackers with fraud and financial gain as their motivation are hitting random targets throughout the US and the world. In such cases, the hackers do not care whose system they attack, and they will try thousands of systems looking for one that is vulnerable.

silhouette on phone

The Times article […]

2016-12-16T20:23:47-05:00October 24th, 2014|
Read More

Citigroup security team in Mexico accused of dealing with eavesdropping and fraud

from The New York Times/ Dealbook

The accusations read like a pulp thriller:Citigroup employees in Mexico are suspected of pocketing millions of dollars in kickbacks from vendors. And bodyguards for bank executives bought audio recordings of personal phone calls and created shell companies to disguise their fraud.

A new scandal has erupted at Citigroup’s Mexican unit just months after a $400 million fraud involving a well-connected client. Now the sprawling global bank — which separately announced plans on Tuesday to withdraw from consumer banking in 11 other markets — is wrestling with how to get its house in order in one of its oldest foreign operations. A crucial part of that decision rests on how to nudge aside the most powerful executive overseeing Mexico, a country where Citigroup has been doing business since 1929.

What makes that decision particularly difficult is that the Mexican […]

2016-12-16T20:23:47-05:00October 16th, 2014|
Read More

State Department concerned about Chinese espionage at Waldorf Astoria

State Department concerned about Chinese spying at Waldorf Astoria after sale to insurance company with possible Communist Party ties.

The State Department said it is reviewing the sale of the hotel to Beijing-based Anbang Insurance Group, and that it may stop leasing space for the U.S. ambassador to the UN or the General Assembly. Anbang is reportedly linked to China’s Communist Party, which has overseen a massive effort to use cyberspying to steal U.S. trade and military secrets.

WASHINGTON — The sale of the Waldorf Astoria to a Chinese insurance giant is really bugging the State Department.

Grand plans by Beijing-based Anbang Insurance Group “to restore the property to its historic grandeur” has some Washington diplomatic and security insiders wondering if the Chinese will be adding more than a view to kill for.

Officials said Monday they are reviewing the sale — and implied the glittering renovation scheme for the iconic Park Ave. […]

2016-12-16T20:23:47-05:00October 14th, 2014|
Read More

Court Hears Pocket-Dial Eavesdropping Case

Tip: Keep your cell phone secure, double check that it is not mistakenly on a call, especially when in conferences or important meetings.

CINCINNATI (CN) – A woman who allegedly pressed record on her co-worker’s “pocket-dialed” call will likely defeat privacy claims, 6th Circuit judges said Tuesday.
Jim Huff, chair of the Kenton County, Ky., Airport Board, said the Oct. 24, 2013, call occurred while he was attending a conference in Italy relating to operations at the Cincinnati/Northern Kentucky International Airport.

Huff sued Carol Spaw, the Erlanger, Ky., woman who answered that call in December 2013, for alleged eavesdropping.      The federal complaint alleges that Huff’s cellphone “accidentally” dialed the airport’s administrative offices, and that Spaw, administrative assistant to the airport’s CEO, answered.
During the alleged 91-minute call, Huff says he spoke with fellow board member and his wife, Bertha, at the conference and in his private hotel room.      Spaw meanwhile allegedly recorded […]

2016-12-16T20:23:47-05:00October 9th, 2014|
Read More

Surveillance drives South Koreans to encrypted messaging apps

from The Verge

Two weeks ago, Kakao Talk in South Korea users got an unpleasant surprise. After months of enduring public criticism, President Park Guen-Hye announced a crackdown on any messages deemed as insulting to her or generally rumor-mongering — including private messages sent through Kakao Talk, a Korean messaging app akin to WhatsApp or iMessage. Prosecutors began actively monitoring the service for violations, promising punishment for anyone spreading inappropriate content.

In response to the crackdown, South Koreans have voted with their feet, heading en masse to encrypted chat programs hosted outside the country, particularly an app called Telegram known for its encryption features. Based in Germany, Telegram reports roughly 1.5 million new South Korean users have signed up in the past seven days, giving the app more than 50 million users worldwide. Telegram’s Markus Ra says it’s not the only country where government controls have made Telegram an attractive […]

2016-12-16T20:23:47-05:00October 6th, 2014|
Read More

Ford to offer Police Interceptor surveillance tech to competitors

by Chris Bruce, www.Autoblog.com

Ford unveiled its surveillance mode technology last year as an option for 2014 Ford Police Interceptor Sedan and Utility models, and it has been a huge success. Now, the automaker and its partner InterMotive Inc. have decided to license the patent-pending system, including possibly to competitors and the military.

The surveillance mode technology is all about improving officers’ situational awareness when their vehicle is stationary, and they aren’t paying total attention to their surroundings; when filling out paperwork, for example. When an officer activates the system, the rear radar begins monitoring what’s happening behind the cruiser. If it detects someone coming up on the vehicle, then the rear camera turns on, the driver’s side window closes and the doors lock. Of course, in busy environments with people constantly walking around, the police can also just keep surveillance mode turned off.

The whole […]

2016-12-16T20:23:47-05:00October 6th, 2014|
Read More

“Burner phones” – George Clooney recognizes their value.

Pay-as-you-go phones (aka “burner phones”) can be purchased without the need to set up an account, so the phone will not be tied to your identity.  When someone has concerns that their smart phone may have been hacked or compromised, a good option is to pick up a burner phone to use for those phone calls that need to be kept private and confidential.  The less expensive models that are not “smart phones” will not support apps that may contain spyware. It is much cheaper and quicker than having a smart phone analyzed electronically for spyware.

George Clooney and his new wife recognized burner phones as a way to help control some of the privacy of their recent wedding.

TMZ reported the rules for wedding guests:

— Leave your cellphone in your hotel room
— If you think you may need your phone, then bring it … but leave it at […]

2016-12-16T20:23:47-05:00October 1st, 2014|
Read More

Cars may be monitored for quality assurance… eavesdropping feature built in to some new vehicles.

New security feature “Valet Mode” can be turned on to record vehicle activity, including cameras and conversations when your vehicle is left in the hands of others. “All party consent” laws in many states causes manufacturers to consider updates.

Valet Mode = Eavesdropping Mode

GM warns Corvette spy feature may break law

Chris Woodyard, USA Today

General Motors is warning Chevrolet Corvette buyers and owners not to use one of the car’s most exotic high-tech features because it could inadvertently result in committing a crime in some states.

The feature involves “Valet Mode,” an aspect of the Performance Data Recorder in the 2015 Corvette, which is built in Bowling Green, Ky. It allows owners to secretly record conversations in their cars and performance data when they’re not along for the ride, such as when the car is being parked by a […]

2016-12-16T20:23:47-05:00September 30th, 2014|
Read More

Where have you been? Google knows.

If you have a Google account and you have Google apps’  “Location Reporting” or “Location Services” active on your phone, you can find out where you have been for just about any day that you have had the feature turned on. These could be apps on an iPhone or iPad, or just built into your Android phone. Whenever an app shows you that something is nearby, suggests local businesses, or helps you find the closest gas station, it’s using Location Reporting.

It is an “opt-in” service, but many people have said yes to it without realizing when they first initialized a new phone.  Location Reporting sends your GPS or other location information to Google periodically through out the day.  The information that has been logged for your device can be viewed here:  https://maps.google.com/locationhistory/b/0/
It looks like this:

With this service you can see the basic […]

2016-12-16T20:23:47-05:00September 24th, 2014|
Read More

Landlord used baby monitor to eavesdrop on tenants.

TOWANDA, PA. Sept 9, 2014: A Towanda landlord, who is accused of possessing child pornography and using an electronic device to listen to a tenant having sex, is being held on $500,000 bail, according to court records. Daniel L. Bell, 65, of Towanda was charged Monday with 19 counts of possession of child pornography and three counts of wiretapping, both third-degree felonies, police said.

…The illegal activity was uncovered during a search that the Bradford County Probation Department conducted of Bell’s residence on April 4, police said. At the time, Bell was on probation and being supervised by the Probation Department, police said. During the search, the Probation Department seized the receiver unit for a baby monitor, which the Probation Department had information to believe Bell was using to eavesdrop on a tenant of his who lives in an adjoining building, police said.

…The sending unit for the baby monitor, which includes a […]

2016-12-16T20:23:47-05:00September 10th, 2014|
Read More

King City’s eavesdropping case re-opened. City administrators gave eavesdropping instructions.

Revisiting the problems of King City, CA., if you recall in a previous episode, the City Council brought in their local phone vendor to review their PBX system. They found that while there was the capability of listening to room conversations via the intercom features, it was not active during their investigation.  That really doesn’t prove anything, but it apparently was enough for the Council to drop the case. I think they probably wanted the situation to go away quietly.

The District Attorney has decided to re-open the case, though, due to the revelation that instructions were sent from City Hall administrators to previous city managers with instructions on how to enable the microphone to eavesdrop on employees.

From the Monterey County WeeklySaturday, September 6, 2014; by Sara Rubin

2016-12-16T20:23:47-05:00September 6th, 2014|
Read More

Voicemail hacking scandal with George Clooney (coming to the big screen)

The voicemail hacking scandal that caused the collapse of News of the World, Rupert Murdoch’s UK tabloid, is about to be made into a movie, taken on by director George Clooney. 

Journalist Nick Davies recently published the book “Hack Attack” telling the story of how he took on the News of the World and their investigators who hacked phones, listened to live calls, sent Trojan horse emails, bribed the police, and committed burglaries to dig up tabloid scoops. (Available at Amazon [here]).  George Clooney will be heading up an adaptation of the book for Sony pictures, scheduled to begin filming in 2015.

From the Hollywood Reporter:

George Clooney has made the call on his next directing project. The actor-producer-director will helm an adaptation of the book Hack Attack, exploring the British phone-hacking scandal surrounding Rupert Murdoch‘s news […]

2016-12-16T20:23:48-05:00September 6th, 2014|
Read More

King City closes case into wiretapping allegations

ExecSecurity reported a couple weeks ago about a case in King City, CA, where the city manager was accused of eavesdropping on conversations between the police chief and other parties.  This monitoring was suspected of being accomplished through improper use of telephone system features.

The town took the steps to have their phone system vendor investigate the phone system. The vendor’s report indicates that they did not find and physical wire taps or improper wiring connections, but the report explains that features of the system could have allowed monitoring to happen.  The report only indicates that monitoring was not happening at the time of their inspection and that the features of the manager’s phone were no different from any other phone.   Unfortunately, the accessibility of such features to all phones does not indicate that they were not used improperly.

The city council was apparently satisfied that no eavesdropping had taken place, though, and has closed […]

2016-12-16T20:23:48-05:00September 2nd, 2014|
Read More

Spy History: John Walker Jr., spy family ringleader, dies in prison at 77

John A. Walker Jr., a former Navy officer who in 1986 pleaded guilty to recruiting his son, a brother and a friend into a spy ring that stole military documents and sold the information to Soviet agents, died on Thursday (8/28) at the federal prison complex in Butner, N.C. He was 77.

His death, at the prison medical center, was confirmed by Chris Burke, a spokesman for the Bureau of Prisons.

Mr. Walker was a Navy communications specialist when he began spying for the Soviets at the height of the Cold War in 1967. After his arrest in May 1985, the government said he had led one of the most damaging spy operations in American history. All four members of it were convicted.

Mr. Walker worked alone initially and by most accounts without an ideological […]

2016-12-16T20:23:48-05:00September 2nd, 2014|
Read More

Voicemail hacks still prevalent, causing fraudulent phone charges to small businesses.

There are a number of reasons to try to keep your voicemail secure. The most significant may be to prevent theft of information. Celebrities and politicians could be the most obvious targets, the escapades of reporters working for Rupert Murdoch’s News of the World are testament to this (see Hack Attack). Business leaders and decision makers should also be concerned, of course, much proprietary information is left on voicemail messages.

Many businesses though, have found their voicemail systems compromised resulting in very large phone bills due to fraudulent calls.

The Better Business Bureau recently warned of it, calling it a “new” type of fraud. It is far from new, though. At ExecSecurity, we have worked on such cases starting as far back as 1996, and I’m sure incidents were probably occurring ever since voicemail systems were first put to use.

From KMTV in OMAHA, Neb. – The Better Business Bureau is warning about a new kind […]

2014-09-02T12:41:54-04:00September 2nd, 2014|
Read More
Go to Top