Counterespionage

Cyber Attacks May Be Revealed to Investors as SEC Rules Push Disclosures

comsecllc — Tue, 10 Jan 2012 15:29:00 +0000

Note: This was bound to happen as more and more companies become victims of Cyber Espionage. Has your company become a victim of Cyber Espionage? And, more importantly, does your company have a Cyber TSCM / Cyber Counterespionage strategy in place to mitigate this risk?
Contact me, I can help. ~JDL

bloomberg.com

China-based hackers rifled the computers of DuPont Co. (DD) at least twice in 2009 and 2010, hunting the technological secrets that made the company one of the world’s most successful chemical makers.

It’s not something investors would have learned from DuPont’sregulatory filings, or from those of other companies victimized by hackers. The 10-K’s DuPont submitted to the U.S. Securities and Exchange Commission over the period don’t identify hacking as even a significant risk, much less reveal what two U.S. intelligence officials later said was a successful case of industrial espionage.

Over the next three months, as publicly traded companies file 10-K’s, investors may see new admissions of corporate networks being hacked after the SEC said companies can’t continue to hold back the details of those incidents.

As cyberspies from China, Russia and other countries ransack the computer networks of one major U.S. and European firm after the next, the SEC in October offered its new interpretation of disclosure requirements as applied to cybercrime. The amount of information that’s forthcoming will depend on whether company lawyers determine the incidents had, or will have, a material effect on the enterprise.

Daniel Turner, a spokesman for Wilmington, Delaware-based DuPont, said, regarding the previously-reported hack, “We let our disclosures speak for themselves.”

More…

Filed under: anonymous, bug sweep, cyber cyberespionage, cyber tscm, cyberespionage, cyberspying, cybertscm, electronic eavesdropping, hack, hackers, spy watch, TSCM

Symantec Confirms Anonymous Took Product Source Code

comsecllc — Mon, 09 Jan 2012 21:56:00 +0000

crn.com

Symantec (NSDQ:SYMC) confirmed Friday that an India-based chapter of hacker collective Anonymous had accessed the network of an unidentified third party and had taken source code from two of its corporate security products.

The vendor said code samples provided Thursday to an online community of security professionals called Infosec Island were from two products: Symantec Endpoint Protection 11 and Symantec AntiVirus 10.2. The vendor supports the latter, but no longer sells it, while the former is currently on version 12.1. The code was four or five years old, according to Symantec.

“It would be very difficult to do anything with (the code), because it is so old,” Symantec spokesman Cris Paden said.

Malware designed to take advantage of the code would only work on the older products. Therefore, hackers would have to find a company that had not updated its security software in years, an unlikely scenario. “They would have been annihilated a long time ago from cyber threats,” Paden said.

Symantec claimed the theft did not indicate that source code in its current products could be taken. The software today is architected differently, so the techniques used to take code from the older products won’t work, Paden said. “It’s not possible that they would be able to access current-day code.”

More…

Filed under: anonymous, bug sweep, bugged, bugging, Counterterrorism, cyber espionage, cyber tscm, cybersecurity, cyberspying, cybertscm, electronic eavesdropping, hack, hackers, spy, spy watch, spying, TSCM

Brute force tools crack Wi-Fi security in hours, millions of wireless routers vulnerable

comsecllc — Thu, 05 Jan 2012 16:23:00 +0000

computerworld.com

If you set WPA/WPA2 security protocol on your home or small business wireless router, and you think your Wi-Fi is secure, there two recently released brute force tools that attackers may use to bypass your encryption and burst your security bubble. The irony is that the vulnerability which can be exploited was intended to be a security strength, a usability issue to help the technically clueless setup encryption on their wireless networks. Wi-Fi Protected Setup (WPS) is enabled by default on most major brands of wireless routers including Belkin, Buffalo, D-Link, Cisco’s Linksys and Netgear, leaving millions of wireless routers around the world vulnerable to brute force attacks which can crack the Wi-Fi router’s security in two to ten hours.

Most wireless routers come with a WPS personal identification number (PIN) printed on the device. When a user is setting up a wireless home network via a network setup wizard, enabling encryption is often as easy as pushing a button on the router and then entering the eight digit PIN which came with it. When an attacker is attempting to brute force the PIN and an incorrect value was entered, a message is sent that basically tells an attacker if the first half of the PIN was right or not. Additionally, according to Stefan Viehbock, the security researcher who reported the flaw, “The 8th digit of the PIN is always the checksum of digit one to digit seven,” meaning it only takes an attacker about 11,000 brute force guesses to own the password. Unfortunately most wireless routers don’t have a lockout policy after several failed password attempts.

More…

Filed under: bug sweep, bugged, bugging, cyber espionage, cyber tscm, cyberespionage, cyberspying, cybertscm, electronic eavesdropping, encryption, hack, hackers, wifi, wireless

How to Know If Someone Bugged Your Room

comsecllc — Wed, 04 Jan 2012 18:16:00 +0000

theatlanticwire.com

For tips on sweeping a room for surreptitious surveillance devices, look no further than the Federal Bureau of Investigation. That’s where members of the federal government have been going for years to find out who’s wiretapped their telephone or implanted a microphone in their corner office. And now we know a lot more about the bureau’s routine wiretap inspections thanks to GovernmentAttic.org, a website that publishes documents from Freedom of Information Act requests. The site has published a 66MB cache of correspondence from 1952 to 1995 detailing various issues of telephone security often involving paranoid government officials from senators to post master generals to secretaries of the Department of Agriculture to President Richard Nixon who think someone is surreptitiously listening to their conversations.

It’s going to take an army of readers to rummage through the entire cache of FBI documents but from what we’ve read so far, much of the correspondence involves government officials requesting wiretap inspections from the FBI, typically because they fear sensitive information has leaked from their office, and, upon inspection, the FBI finds nothing. Interestingly, they do often provide an informative report on how they went about sweeping the room.

As you can imagine, the descriptions of wiretap sweeps get much more technical from the ’50s to the ’70s to the ’90s. In the old days, a wiretap inspection was simpler. Take this sweep of the office of Postmaster General Arthur Summerfield in 1953.

More…

Note: A “Do it yourself” sweep, is kind of like “do it yourself” plumbing…you get what you pay for…

Don’t let those “leaks” continue…contact me, I can help. ~JDL

Filed under: bug, bug sweep, bugged, bugging, bugs, cyber tscm, eavesdropping detection, electronic eavesdropping, fbi, spy watch, spying, TSCM, wiretapping

Police group members react to Anonymous hacking

comsecllc — Wed, 04 Jan 2012 15:50:00 +0000

news10.net
SACRAMENTO, CA – A day after Anonymous hacked into California Statewide Law Enforcement Association’s website, CSLEA members are still learning about the security breach.

Plus, the CSLEA homepage is still down.

The well-known international hacking group released the names, home addresses, and phone numbers of public safety professionals, many of them police officers. It also exposed credit card information on purchases made in their online gift shop.

Anonymous claimed on their post that they have 2,500 names and passwords, and in some cases, credit card numbers. The hacker group justified releasing the information asserting, “California law enforcement officers are notorious for brutality.”

Union president Alan Barcelona said CSLEA had information taken in November. All members who had their information breached then were contacted by phone or letter. The letter, dated Nov. 10, “confirms that credit card information of customers of the CSLEA online store had been compromised”

It stated, “Fortunately, most of the credit cards that were compromised had expired.” And, it went on to state, “Additionally, all of the information which was previously maintained on the site has been purged.”

Teresa Dobbins, an employee of the Department of Justice, never got word of the breach in November. And she wasn’t informed that her personal information, including her email address, phone number, and home address, were leaked onto the web New Year’s Day, until News 10 contacted her.

“If they were aware of it, they should have tried to notify me before the media did,” Dobbins said.

More…

Filed under: anonymous, bug sweep, bugged, bugging, cyber cyberespionage, cyber tscm, cybersecurity, cyberspying, cyberwarfare, eavesdropping detection, hack, hackers, National Cybersecurity Center, police, TSCM

VoIP eavesdropping: Hardening network security to contain VoIP risks

comsecllc — Tue, 03 Jan 2012 18:21:00 +0000

searchsecurity.techtarget.com

Every organization considering a Voice over Internet Protocol (VoIP) telephone system deployment hears the same dire warnings: “Routing voice calls over a data network exposes calls to eavesdropping.”

While it’s certainly true that any telephone call carries a certain degree of eavesdropping risk, is it true that VoIP calls have an inherently higher degree of risk? In this tip, we explore the ins and outs of VoIP eavesdropping.

VoIP eavesdropping is possible First, it’s important to be clear about one thing: It is absolutely possible to eavesdrop on a VoIP telephone call. It’s also possible to eavesdrop on a telephone call placed using the traditional public switched telephone network (PSTN). The difference lies in the tools and skill set needed to conduct the eavesdropping.

On a traditional telephone network, someone seeking to eavesdrop on a call generally must have physical access to either the telephone or telephone cable, at least at the initiation of the attack. This type of attack is typical in the movies. Whether it’s the good guys or the bad guys conducting the eavesdropping, someone gains access to either a telephone handset or the telephone network interface box — sometimes located outside a home or office — places a wiretap listening device on the box, and then monitors calls on an ongoing basis.

More…

Filed under: bug sweep, bugged, bugging, counterespionage, cyber counterespionage, cyber tscm, cyberspying, eavesdropping detection, hack, hackers, TSCM, Uncategorized, VoIP, wiretap, wiretapping

Anonymous exposes 75,000 credit card numbers

comsecllc — Sun, 01 Jan 2012 21:38:00 +0000

washingtonpost.com

Hacker collective Anonymous has just dumped 200 GB of names, email addresses and passwords for around 860,000 Stratfor users. Anonymous also exposed credit card numbers for 75,000 paying customers of Stratfor.

Stratfor, a security think tank, provides reports on international security and related threats to government and military personnel as well as to the private sector. It is unknown whether Anonymous gained access to other, more sensitive information during the Stratfor hacks, which occurred on December 24.

“The time for talk is over,” wrote Anonymous last night on Pastebin.

“It’s time to dump the full 75,000 names, addresses, CCs and md5 hashed passwords to every customer that has ever paid Stratfor. But that’s not all: we’re also dumping ~860,000 usernames, email addresses, and md5 hashed passwords for everyone who’s ever registered on Stratfor’s site… Did you notice 50,000 of these email addresses are .mil and .gov?”

Anonymous’ motives for the attack are also somewhat hazy. In last night’s statement, representatives of the movement wrote, “All our lives we have been robbed blindly and brutalized by corrupted politicians, establishmentarians and government agencies sex shops, and now it’s time to take it back.”

In addition to the Stratfor attack and exposure, Anonymous is threatening a new action on New Year’s Eve, December 31.

More…

Filed under: anonymous, bug sweep, counterespionage, cyber counterespionage, cyber tscm, cyberattack, cybercrime, cyberespionage, cyberspying, cybertscm, hack, hackers, spy watch, terrorism, TSCM

Internet Crime Complaint Center’s (IC3) Scam Alerts December 29, 2011

comsecllc — Sat, 31 Dec 2011 16:54:00 +0000

ic3.gov

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends, new twists to previously-existing cyber scams, and announcements.

POPULAR PASSWORDS

An Internet site who manages passwords recently posted an article pertaining to the lack of secure passwords being utilized which may be a factor in data breaches — past, present, and future. One reason for the lack of security is the amount of passwords a user is required to remember to access the many databases, applications, multiple networks, etc., used on a daily basis. Sharing passwords among users in a workplace is becoming a common theme to continue the flow of operations. Users have prioritized convenience over security when establishing passwords.

The article provided a list of millions of stolen passwords posted on-line by hackers and ranked the top 25 common passwords.

password
123456
12345678
qwerty
abc123
monkey
1234567
letmein
trustno1

dragon
baseball
111111
iloveyou
master
sunshine
ashley
bailey
passw0rd

shadow
123123
654321
superman
qazwsx
michael
football

More…

Filed under: bug sweep, bugged, cyber counterespionage, cyber espionage, cyber tscm, cyberattack, cyberspying, hack, hackers, spy watch, TSCM

Cameramaker Red claims espionage

comsecllc — Fri, 30 Dec 2011 19:04:00 +0000

variety.com
In a saga worthy of a Hollywood thriller, allegations of email hacking and industrial espionage have surfaced in the camera industry in a lawsuit filed by digital camera maker Red against rival Arri.

In the suit filed Dec. 21 in federal court in Orange County, Calif., Red accuses Arri of stealing technical details and development plans for Red cameras, giving Arri an unfair advantage.

Much of Red’s complaint rests on facts revealed in an August plea deal between federal prosecutors and former Arri executive Michael Bravin, who is also a defendant in the suit. Bravin pleaded guilty to a misdemeanor charge of email hacking, admitting as part of the deal that he accessed the email account of Band Pro chief executive Amnon Band.

Bravin, who according to his LinkedIn profile worked for Band Pro for more than 16 years, resigned as Band Pro’s chief technology officer to become Arri’s VP of market development for digital camera products in January 2010.

From around December 2009 through June 2010, Bravin had access to Amnon Band’s email account, as Bravin has admitted. Under his plea deal, he was to serve two months in jail and pay $20,000 in restitution to Band Pro as well as legal costs. Bravin now lists himself on LinkedIn as principal at the Digital Picture Co.

In its complaint, Red asserts that during the time Bravin was hacking Band’s email account, Band Pro and Red were discussing a possible joint venture. Red says Band’s emails contained detailed descriptions of the technology used in Red’s cameras and Red’s plans for introducing new models and features.

Red alleges that Bravin passed that information to Arri, giving Arri an unfair competitive advantage, especially with respect to the launch and marketing of the Arri Alexa camera. The Alexa was released in 2010 and is seen as a direct competitor to Red’s Epic.

More…

Filed under: bug sweep, bugged, corporate espionage, cyber tscm, eavesdropping detection, hackers, industrial espionage, spy watch, spying, trade secret, TSCM

Wiretap suits OKd against U.S., not telecoms

comsecllc — Fri, 30 Dec 2011 18:57:00 +0000

sfgate.com

The nation’s telecommunications companies can’t be sued for cooperating with the Bush administration’s secret surveillance program, but their customers can sue the government for allegedly intercepting their phone calls and e-mails without a warrant, a federal appeals court ruled Thursday.
In a pair of decisions, the Ninth U.S. Circuit Court of Appeals in San Francisco upheld a 2008 law immunizing AT&T and other companies for their roles in wiretapping calls to alleged foreign terrorists, but revived a suit that accused the government of illegally intercepting millions of messages from U.S. residents.
That lawsuit was partly based on testimony in 2003 by former AT&T technician Mark Klein about equipment in the company’s office on Folsom Street in San Francisco that allowed Internet traffic to be routed to the government.

‘Dragnet’ surveillance

The Electronic Frontier Foundation, a privacy-rights organization representing AT&T customers, claimed the company had similar installations in other cities and used them for “dragnet” surveillance of everyday e-mails and phone calls, which the National Security Agency purportedly screened electronically for connections to terrorism.
“We look forward to proving the program is an unconstitutional and illegal violation of the rights of millions of ordinary Americans,” said Cindy Cohn, the foundation’s legal director.
Justice Department spokesman Dean Boyd declined comment.

More…

Filed under: bug sweep, bugged, bugging, electronic eavesdropping, electronic surveillance, nsa, secret, spy watch, spying, TSCM, wiretap, wiretapping