A couple of recent articles reveal some spy history. Spy chamber found under Moscow streets believed to be used by Ivan the Terrible. And a recent documentary reveals spying on King Edward VIII in 1936 by the British government.
Sharon Nelson and John Simek, of Sensei Enterprises, host a monthly podcast called Digital Detectives on the Legal Talk Network. Their guest for March 2017 was Charles Patterson of Exec Security TSCM. They discussed electronic surveillance countermeasures and how electronic security sweeps can help ensure privacy for lawyers and their clients.
I had the privilege to be interviewed by Chuck Harold of SecurityGuyRadio.com. He has a weekly podcast and YouTube channel discussing all aspects of security. We discussed TSCM, eavesdropping detection, bug sweeps and other security concerns.
A lawsuit has been filed claiming that a unit of Panasonic Corporation secretly bugged a conference room where a business partner was holding a confidential meeting. Panasonic Avionics is accused of stealing confidential, proprietary information related to the software used to run in-flight entertainment systems.
In IT and Cyber security, penetration testing or “pen testing” for short, is a necessary activity for discovering and revealing network vulnerabilities.
One company known for it’s pen testing tools is Hak5. They have a number of informative videos discussing IT security and pen testing techniques as well as offering products designed with both security testing and hacking in mind.
An inherent challenge then, is that many of the same tools available for testing cyber defenses are also usable for defeating security. Any cyber security consultant should undoubtedly be aware of these tools, but it is also important for anyone concerned with network security to be on the lookout for any related devices that might show up in unauthorized hands or in inappropriate locations (such as connected to your own computer for instance).
A recent addition to the Hak5 product line up is a device they call the Bash Bunny […]
Jack Platt (John C. Platt) passed away on Jan 4, 2017 at the age of 80.
Jack had forged a lasting friendship with KGB officer Gennadiy Vasilenko, beginning in the 1970’s. Vasilenko suffered at the hands of of the KGB partly due to his relationship with Platt and was put in prison twice. After his second imprisonment of five years, from 2005 to 2010, he was able to be released as part of a spy trade with the US.
Gennadiy Vasilenko and Mr. Platt were keynote speakers at the 2013 conference of ERII (Espionage Research Institute International). Jack introduced Mr. Vasilenko who proceeded to tell their story, while Jack quietly took a seat in the back of the room. Some of their complicated relationship was explained in a recent NY Times article.
Jack […]
Too often employees do not understand that they are the caretakers of privileged information and the must treat it with confidentiality and respect.
Even basic information such as the time and place of a meeting could give an enemy or competitor a chance to set up unauthorized surveillance or other attack. Be sure to educate your employees, staff, contractors, and meeting participants that the information they may be receiving is private and confidential and is not to be shared.
Some of these points were brought home by the 2017 Superbowl ad for Avocados From Mexico. It’s a cute ad, but whether you like avocados or not, it does points out that many people may not understand the value and sensitive nature of what is being discussed in your meetings.
Turning off sound-masking, internal leaks, posting meeting info on social media are all problems of the “Secret Society”.
During a routine TSCM sweep a bugging device had been found embedded in a chair in the hotel room used by the All Blacks rugby team. Sweeps can be important for any business, and sports teams as well. Information discussed prior to major games could be desirable from many directions- the opposing team, news media, not to mention gambling and possible organized crime activities. In this case however, it appears that the security consultant hired to help protect the team had ideas of his own and is now charged with planting the device himself. The risk posed by insiders to any corporation is significant. Employees, executives, vendors, and consultants could all come under suspicion.
from ShanghaiDaily.com
CHINESE insurance regulator said that a state insurer used an iPhone and a voice recorder to eavesdrop on inspectors.
China Insurance Regulatory Commission Shandong bureau said Saturday that the eavesdropping devices were found at the Weifang office of Yingda Taihe Property Insurance.
The regulator had been inspecting the Shandong branch.
On Jan. 6, inspectors found the iPhone and voice recorder taped under their chairs. Neither Yingda nor the regulator elaborated on how the tapping devices were found.
“Their purpose was to listen in on the discussions, so that they could obstruct and thwart inspections,” sources with the insurance regulator said.
Four people — Lu Wentao, vice general manager of the Weifang subsidiary, and three other company employees Han Tao, Yang Changhao and Cui Zhao, have been implicated in the incident. Yingda said all four have been removed from their posts and are under […]
Our surveillance detection department has discovered an increase in spy activity coming from foreign actors to the north. Images leaked by NPA contractor Edward Snowflake (North Pole Agency) reveal what appears to be a secret command post manned by Kris Kringle and a team of highly skilled hackers.
Deloitte is looking to hire a federal contracts manager, a federal cybersecurity consultant and is even advertising for military officers with top-secret government clearances. What none of the people applying for those jobs know — and few of the people doing the hiring know, either — is the secret history of Deloitte's robust federal practice.
Not surprisingly, North Korea reportedly bugs the residences of party officials.
SEOUL, Dec. 19 (UPI) — The North Korean diplomat who fled from Pyongyang’s embassy in London testified Monday that former Defense Minister Hyon Yong Chol was executed based on information from wiretapped conversations at his home.
Thae Yong Ho, who arrived in South Korea with his family in August, provided the statement to Seoul lawmakers Monday, local news service News 1 reported.
Thae, who was in charge of propaganda at the embassy, said all high-ranking members of North Korea’s security department are “constantly being eavesdropped on,” according to Lee Cheol-uoo, chairman of the national assembly’s intelligence committee.
“In North Korea, surveillance becomes more intense with rank and it has become the norm for homes to be wiretapped, according to Minister Thae,” Lee said.
North Korea’s former […]
From The Mainichi, December 8, 2016
According to Mito Municipal Government officials, it was tipped off about the bug on Dec. 6. Specialized workers hired by the local government began searching for the device from the evening of Dec. 7 and found it in a waiting room for three assembly members from “Suiseikai” — a conservative parliamentary group — on the first floor of the temporary two-story prefabricated assembly building. The bug plugs into an electric outlet.
The Mito Municipal Government is still using a temporary office building […]
Researchers from the Negev Cyber Security Research Center of Ben-Gurion University have presented a paper explaining that the software controlling signals to headphone jacks in many computers can be altered or re-tasked to change the jack from an output to an input, thereby turning the earphones into potential microphones.
Eavesdropping attempts may not always be well thought out, they could be spur of the moment opportunities. A camera recording with audio was found under a chair during a private meeting of MPs. British sportswear company Sports Direct was being paid an unannounced visit by members of the House of Commons' Business Select Committee. The MPs were there to insure that good working practices were being upheld by CEO Mike Ashley and the rest of the company.
News journal Mother Jones has an exclusive report that the Democratic National Committee told the FBI that they may have found evidence their headquarters was bugged. Nov. 4, 2016
…the Democratic Party recently informed the FBI that it had collected evidence suggesting its Washington headquarters had been bugged, according to two Democratic National Committee officials who asked not to be named.
In September, according to these sources, the DNC hired a firm to conduct an electronic sweep of its offices. After Russian hackers had penetrated its email system and those of other Democratic targets, DNC officials believed it was prudent to scrutinize their offices. This examination found nothing unusual.
In late October, after conservative activist James O’Keefe released a new set of hidden-camera videos targeting Democrats, interim party chairwoman Donna Brazile ordered up another sweep. […]
A number of computers at a five-star Geneva hotel that has hosted sensitive talks, including Iranian nuclear negotiations, were found to be infected with malware used for espionage, Swiss prosecutors have revealed. In Vienna, where the Iranian nuclear talks concluded in July 2015, the state prosecutor has launched two separate investigations into possible espionage. A spokesperson for the justice ministry told the Guardian that the two ongoing investigations were launched in June 2015 after bugging devices were discovered at Palais Coburg.
Most are familiar with the old question, “If a tree falls in the forest, but no one is there to hear it, does it make a sound?” Here is the new one that lawyers are facing: “If a microphone is turned on, but no one is there to hear it, is it still eavesdropping?”
Fear of eavesdropping is helping to spawn lawsuits as so many devices in daily use now come with some sort of microphone built in. An Indianapolis Colts fan has brought a lawsuit against the Colts, their app developer, YinzCam, and LISNR who created the technology used.
The Colts smartphone app uses fairly new technology to help deliver news, information, and ads to their fans. It supposedly can activate the smartphone microphone and be able to detect ultra high frequency sounds, far above the normal range of […]