Un-social engineering: David Cameron gets spoofed by drunk hoax caller.

Do you have good procedures in place for handling executives’ phone calls? How easy would it be for someone to get their messages or phone calls put through to your principals, or to be given private numbers? And if they did get through, is there a method for verification and follow up? In this report a hoaxer got through to Prime Minister David Cameron by claiming to be the head of GCHQ. This caller apparently was just having fun, but it doesn’t take much effort to think of malicious deeds that could result from such attempts, especially in the world of corporate espionage and executive protection.

Reuters 1/26/2015:

British Prime Minister David Cameron said on Monday security would be reviewed, but no harm had been done, after an apparently drunk hoaxer claiming to be the director of Britain’s eavesdropping agency was put though to his mobile phone.

Cameron had been walking near his home in central […]

2016-12-16T20:23:42-05:00January 27th, 2015|
Read More

UK: Mirror Group Newspapers payout more compensation for their phone hacking escapades.

If you haven’t learned yet, you need to make your password difficult to guess!  1234, 1111, and 0000 will not cut it. Hacking lawsuits against first The News of the World, and then the Daily Mirror and associated publications have made voicemail hacking a well known concept. Mirror Group Newspapers, MGN, is said to have over £8 million set aside to help pay the lawsuits against them. The hacking appears to have been possible because the victims used simple passwords. 

from BBC News, 22 Jan 2015

Singer Cilla Black is among celebrities to have settled phone-hacking claims for “substantial” damages, the High Court has been told. Her son Robert Willis, actor Darren Day, EastEnders star Jessie Wallace and singer Peter Andre also settled claims, all against Mirror Group Newspapers. Their barrister David Sherborne said their privacy was “grossly violated” by the newspapers, “solely for profit”.  MGN counsel Matthew Nicklin […]

2016-12-16T20:23:42-05:00January 23rd, 2015|
Read More

P.I.s accused of using GPS tracking get restraining order but keep their licenses.

GPS tracking devices are readily obtainable. The legality of their use on unauthorized vehicles is questionable at best. The story below highlights that such devices can pose a significant threat to privacy and security. 

Orange County Register: Two private investigators accused of illegally tracking and harassing a pair of Costa Mesa councilmen have been ordered to stay away from the politicians, but a judge on Thursday declined to immediately approve a state request to take away their work and weapons permits.

Orange County Superior Court Judge Elizabeth Macias issued a restraining order against Christopher Joseph Lanzillo on Thursday, several weeks after a similar order was issued against Scott Alan Impola.

As part of the order, Lanzillo and Impola must stay away from Costa Mesa Mayor Steven Mensinger and Mayor Pro Tem Jim Righeimer – whom the two men are accused of targeting prior to a recent election – and to […]

2016-12-16T20:23:42-05:00January 20th, 2015|
Read More

UK: Former deputy prime minister finds car was bugged.

John Prescott seems to be taking this find in stride, but it could be a sign of something more sinister going on. Vehicle TSCM sweeps are an important part of regular security precautions.

The former Deputy Prime Minister discovered the device hidden in his car when he took it to a garage because it had problems starting. John Prescott has turned detective after finding his Jaguar had been bugged.

John Prescott with tracker found in his car.

Mechanics found a tracker concealed under the driver’s seat that was hooked up to the car battery, draining its power.

The sophisticated device uses mobile phone technology and is capable of reporting the Jag’s movements at all times. It also has an inbuilt microphone enabling it to pick up conversations.

And the 6 inch-square black box is even capable of immobilizing the car if instructed to by mobile phone.

Lord […]

2015-01-18T19:03:53-05:00January 18th, 2015|
Read More

Waiting to be hacked… new consumer devices offer new eavesdropping potential.

Internet connected devices are attracting a lot of attention. Many, though, have potential security vulnerabilities just waiting to be hacked.  The following devices may not have been exploited yet… but considering the possibilities, it’s only a matter of time. Some of these just appeared at the CES show in Las Vegas and may not have hit the street yet but many are already at work in homes and offices.

Netatmo Welcome, uses facial recognition to detect and alert you to people in view. “Welcome” sends the names of the people it recognizes to your smartphone. The camera also notifies you when it sees an unknown face. Through the app you can check who is currently home, access live stream and past events.

Netatmo Welcome

Netatmo touts “stunning HD images, extensive 130 degree field of view, and superior night vision

 

Petcube brings video and audio monitoring into your living room. […]

2016-12-16T20:23:43-05:00January 12th, 2015|
Read More

Australia: Obama strips down entire hotel floor to search for bugs and listening devices

Hotels can be fertile ground for eavesdropping. Security teams for executives as well as politicians should consider hotel TSCM sweeps to be part of their standard protocol especially when important meetings are planned. 

Brisbane, Australia, via DailyMail, Nov 9, 2014

U.S. security officials have stripped down an entire floor of a Brisbane hotel and removed furniture to prevent President Barack Obama being spied on during his stay for the G20 summit this weekend.

Mr Obama’s security agents ordered beds, mirrors and bedding be removed from rooms surrounding the suite where the President will stay at the five-star Marriott Hotel in Queensland’s capital city, the Courier-Mail reported.

The floor will be checked for bugs before Mr Obama arrives on Saturday, to ensure he can make secure phone calls and conduct meetings.

President Obama and his staff will occupy […]

2014-11-17T11:10:28-05:00November 17th, 2014|
Read More

“Here’s looking at you, kid…” Are your web enabled cameras safe? Many are not.

A fairly new website has caused a recent stir.  Insecam.com provides links to thousands of webcams around the world.  It has been mentioned in recent news reports ranging from Lifehacker and CNET, to the UK Daily MailPC World, and more. Vulnerable webcams are not something new, though, yet their popularity has certainly grown along with the threat of misuse.

The first well documented webcam was set up to watch a coffee pot at Cambridge University in 1991 [read more]. That camera (and coffee pot) was finally turned off in 2001, but by then, many more webcams had been turned on. (See more about the history of the coffee cam at the end of this article.)

First Webcam, Cambridge University

In early part of this century (2004) while I was searching online for information on webcams I came across […]

2016-12-16T20:23:46-05:00November 10th, 2014|
Read More

Taiwan political eavesdropping scandal- phone wiring tapped

Audio wiring was found attached to phone terminal block that serviced the Taipei mayoral candidate’s office. 
Some interesting security points are mentioned in the following article:

  • A routine privacy inspection uncovered the extra cable- regular sweeps are important!
  • Telecom technicians verified that conversations from Ko’s ninth-floor phone were audible through the third-floor line.
  • No CCTV: No staff members work on the third floor and therefore no security cameras were set up to monitor the area
  • No access control: No electronic security card is needed to access the third-floor elevators.
  • In the blame-game, information leaks were blamed on the director being a “blabbermouth” rather than eavesdropping

The China Post

TAIPEI, Taiwan — Taipei mayoral candidate Sean Lien (連勝文) said yesterday that his opponent Ko Wen-je (柯文哲) should drop out of the election if police are not able to confirm the existence of the alleged eavesdropping […]

2016-12-16T20:23:46-05:00November 5th, 2014|
Read More

Citigroup security team in Mexico accused of dealing with eavesdropping and fraud

from The New York Times/ Dealbook

The accusations read like a pulp thriller:Citigroup employees in Mexico are suspected of pocketing millions of dollars in kickbacks from vendors. And bodyguards for bank executives bought audio recordings of personal phone calls and created shell companies to disguise their fraud.

A new scandal has erupted at Citigroup’s Mexican unit just months after a $400 million fraud involving a well-connected client. Now the sprawling global bank — which separately announced plans on Tuesday to withdraw from consumer banking in 11 other markets — is wrestling with how to get its house in order in one of its oldest foreign operations. A crucial part of that decision rests on how to nudge aside the most powerful executive overseeing Mexico, a country where Citigroup has been doing business since 1929.

What makes that decision particularly difficult is that the Mexican […]

2016-12-16T20:23:47-05:00October 16th, 2014|
Read More

Court Hears Pocket-Dial Eavesdropping Case

Tip: Keep your cell phone secure, double check that it is not mistakenly on a call, especially when in conferences or important meetings.

CINCINNATI (CN) – A woman who allegedly pressed record on her co-worker’s “pocket-dialed” call will likely defeat privacy claims, 6th Circuit judges said Tuesday.
Jim Huff, chair of the Kenton County, Ky., Airport Board, said the Oct. 24, 2013, call occurred while he was attending a conference in Italy relating to operations at the Cincinnati/Northern Kentucky International Airport.

Huff sued Carol Spaw, the Erlanger, Ky., woman who answered that call in December 2013, for alleged eavesdropping.      The federal complaint alleges that Huff’s cellphone “accidentally” dialed the airport’s administrative offices, and that Spaw, administrative assistant to the airport’s CEO, answered.
During the alleged 91-minute call, Huff says he spoke with fellow board member and his wife, Bertha, at the conference and in his private hotel room.      Spaw meanwhile allegedly recorded […]

2016-12-16T20:23:47-05:00October 9th, 2014|
Read More

“Burner phones” – George Clooney recognizes their value.

Pay-as-you-go phones (aka “burner phones”) can be purchased without the need to set up an account, so the phone will not be tied to your identity.  When someone has concerns that their smart phone may have been hacked or compromised, a good option is to pick up a burner phone to use for those phone calls that need to be kept private and confidential.  The less expensive models that are not “smart phones” will not support apps that may contain spyware. It is much cheaper and quicker than having a smart phone analyzed electronically for spyware.

George Clooney and his new wife recognized burner phones as a way to help control some of the privacy of their recent wedding.

TMZ reported the rules for wedding guests:

— Leave your cellphone in your hotel room
— If you think you may need your phone, then bring it … but leave it at […]

2016-12-16T20:23:47-05:00October 1st, 2014|
Read More

Cars may be monitored for quality assurance… eavesdropping feature built in to some new vehicles.

New security feature “Valet Mode” can be turned on to record vehicle activity, including cameras and conversations when your vehicle is left in the hands of others. “All party consent” laws in many states causes manufacturers to consider updates.

Valet Mode = Eavesdropping Mode

GM warns Corvette spy feature may break law

Chris Woodyard, USA Today

General Motors is warning Chevrolet Corvette buyers and owners not to use one of the car’s most exotic high-tech features because it could inadvertently result in committing a crime in some states.

The feature involves “Valet Mode,” an aspect of the Performance Data Recorder in the 2015 Corvette, which is built in Bowling Green, Ky. It allows owners to secretly record conversations in their cars and performance data when they’re not along for the ride, such as when the car is being parked by a […]

2016-12-16T20:23:47-05:00September 30th, 2014|
Read More

King City closes case into wiretapping allegations

ExecSecurity reported a couple weeks ago about a case in King City, CA, where the city manager was accused of eavesdropping on conversations between the police chief and other parties.  This monitoring was suspected of being accomplished through improper use of telephone system features.

The town took the steps to have their phone system vendor investigate the phone system. The vendor’s report indicates that they did not find and physical wire taps or improper wiring connections, but the report explains that features of the system could have allowed monitoring to happen.  The report only indicates that monitoring was not happening at the time of their inspection and that the features of the manager’s phone were no different from any other phone.   Unfortunately, the accessibility of such features to all phones does not indicate that they were not used improperly.

The city council was apparently satisfied that no eavesdropping had taken place, though, and has closed […]

2016-12-16T20:23:48-05:00September 2nd, 2014|
Read More

Northern Ireland: Listening device found in vehicle of dissident republican

From BBC.com: A dissident republican from Lurgan, County Armagh, is taking legal action after finding surveillance equipment hidden in his car.

The man, who does not want to be named, is a member of the Republican Network for Unity.

He discovered what appear to be battery packs and a transmitter hidden behind the rear bumper of his car.

They are believed to have been attached to a listening device hidden somewhere in the vehicle.

There was also a smaller device, believed to be a GPS locator that would have enabled those who planted it to track his movements as well as listen to anything said inside the car.

Vehicle listening device.

The man believes the equipment was placed in his car after he refused an attempt to recruit him as an informer.

He told the BBC he was approached at Belfast International Airport in April as he […]

2016-12-16T20:23:49-05:00June 12th, 2014|
Read More

Wash. Post: Companies can spend millions on security measures to keep executives safe

By , Washington Post

When he stepped down as the chief executive of Lockheed Martin in 2012, Robert Stevens received a base salary of $1.8 million, millions more in bonuses and incentives, use of the corporate aircraft and another expensive perk: personal security.

Lockheed spent $1.3 million to keep Stevens safe during his last year as CEO, then another $407,000 last year while Stevens, who was named during a 2011 terrorism trial as an al-Qaeda target, stayed on as a strategic adviser. The protection will continue, the company said in a recent regulatory filing, “based upon an assessment of the degree to which Mr. Stevens continues to be associated with the corporation and the assessed level of risk.”

Andrew Harrer/Bloomberg – When Robert Stevens, former chairman […]

2016-12-16T20:23:49-05:00June 10th, 2014|
Read More

Monaco heiress dies from her injuries after mysterious ambush by gunmen

ExecSecurity note: It is worth remembering that most attacks and serious security breaches begin with some form of surveillance taking place. Countermeasures against surveillance are not just for protecting information, it is also for protecting other significant assets including personnel. We will be watching this case to see where the investigation leads.

From theguardian.com:
Police, who first described the attack on Pastor’s car as an “ambush” and an “attempted execution”, admitted they had no idea whether it was Pastor or her chauffeur who was the target of the gunmen, and said the choice of weapons did not suggest a professional assassin.

A police officer examining the car of Hélène Pastor after the shooting outside a Nice hospital, where she was visiting her son. (Photo: Valéry Hache/AFP/Getty)

 

A wealthy Monaco heiress shot two weeks ago in a mysterious attack on the French Riviera […]

2016-12-16T20:23:50-05:00May 27th, 2014|
Read More

Eavesdropping as art? NYC ‘artists’ install listening devices in lamps in public places then posting tweets of conversations.

As reported in Wired magazine, artists Brian House and Kyle McDonald have been installing wifi listening devices in lamps in public areas around New York City.  The intercepted conversations are uploaded to a server and parts of the transcription gets tweeted live. 

The components of Conversnitch, including a Raspberry Pi miniature computer, an LED light source and a plastic flower pot. Photo: Kyle McDonald

From Wired:

As former NSA director Michael Hayden learned on an Amtrak train last year, anyone with a smartphone instantly can become a live tweeting snoop. Now a whole crowd of amateur eavesdroppers could be as close as the nearest light fixture.

Two artists have revealed Conversnitch, a device they built for less than $100 that resembles a light bulb or lamp and surreptitiously listens in on nearby conversations and posts snippets of transcribed audio to […]

2016-12-16T20:23:50-05:00April 23rd, 2014|
Read More

Hotel eavesdropping fears and security tips.

TURKISH AK PARTY CHANGES HOTEL OVER WIRETAPPING FEARS

ANKARA — AK Party officials decided not to hold their biannual meeting at the Asya Termal, a hotel run by a Gülen Movement affiliate, over concerns that the venue may be bugged. The hotel in Ankara’s Kızılcahamam district was the traditional venue for the biannual consultation meetings of AK Party members until after private conversations in the previous meeting were secretly recorded and leaked. 

Gülenists are also accused of secretly recording private meetings at hotel rooms via hidden cameras.

The meetings on May 3 and 4 will be held in Antalya instead of the Ankara hotel. [Read more- the Daily Sabah]

Hotel Conf table 2

——————————————————–

Hotels are popular places for important meetings, but there is a lot to be concerned about. The rooms themselves are not very complicated to sweep, as the furniture is usually minimal, […]

2016-12-16T20:23:50-05:00April 21st, 2014|
Read More
Go to Top