Technology and Techniques Used in Industrial Espionage
Industrial Espionage. These methodologies are being used on a daily basis by competitors maybe even against you. I knew a Private Investigator who used to break into other firm's voicemail boxes. He was suspected of erasing messages and stealing potential clients. I know you may bethinking that is not right. Maybe so but if a Private Investigator cannot protect him/herself than what use are they to a client.
This happens all the time. If you think it is bad here in the United States try overseas. It is pretty muchconsidered fair game and rarely enforced. Even the Concord was remembered for being heavily bugged.
What you may find surprising is just how easy it is to do. You could even use off the shelf items, although fully assembled models are readily available and cheap.
The best way to learn is to do. A little bit of paranoia and a lot of imagination goes a long way. Just look around your house and see what can be used. Baby monitors can be remotely activated and used to listen in on you. Your cell phone can be hacked through its Bluetooth Feature, so not only can all the data be copied, but also settings could be changed. Your phone could be called and answered without you knowing; thereby listening to your conversation. Yourphone can also be used to make a call to someone else without you touching a button ideal for incrimination purposes. There was a technique originally developed to remotely view what you watch on your television,now adapted for computer screens. You can find the plans to build this on the Internet from many sites. This is used in Europe, particularly the Balkans all the time against ATMs. There is still the good oldfashion radio scanner to listen to cordless phone calls. Then you can say, "Well I use a digital, spread spectrum model using 2.4 or 5.8 frequencies."
True that is good protection, but given time the packets of data (digital remember) can be reassembled and decoded. Thankfully that takes time, but you can buy a digital scanner to listen to real time conversations. You can also buy software overseas to work with scanners and laptops for listening to cell phone calls. An interesting side note: Some of these same companies that provide suchequipment constantly steal from each other.
Outside your house or in the basement of your apartment building are boxes where your land line phone service comes through. You just need a telephone/linesman butt set or build one from a phone to listen in.
So you say, "What does this have to do with industrial security?" Well usually certain people are targeted when looking for a means into an organization. Plus, they can make a convenient scapegoat and distraction to investigators.
Believe it or not it is often I.T. and security personnel who are targeted. Although they may be more aware of security they also have higher privileges than most. Many times they use a popular and recognized remote access program when telecommuting. If you can capture their username and password that may be all that you need. Sometimes there may be more advanced authentication procedures.
For instance, the server you will log into or firewall you wish to bypass may require extra authentication. Sometimes it may request a MAC address. This is theunique serial number burned into network cards. This can be copied and you can change yours to that one with a software application. If you have the IP Address, then you can switch your IP Address as well.
When you access the victim's computer and place a remote access program of your own, don't use one with obvious hacker names like Back Orifice. Using one that they already have, such as PC Anywhere or Remote Desktop would be ideal. Don't worry about tackling a wireless computer network. Even with security enabled that could just be a speed bump to the dedicated. If probing a victim's computer then I recommend making it appear as spam. If they have a firewall, you can probe it and see what version they are using. Afterwards look around for data on cracking that firewall. Any firewall can be cracked and guess what? You can always break into their home and place whatever it is that needs to be placed.
Alarm systems can be defeated rather easily if you know how. Many times these burglar alarm systems were installed by poorly trained or overworked employees who take short cuts to get the job done. Sometimes you will actually see the keypads mounted outside the door to a home or easily viewable through a window. What happens if they cut the phone line or cover the siren box? Locks can also be bypassed by means other than just lock picking. You could install a high security lock, but if all the hardware around it is weak than what good is it?
Dogs can be tricky and are usually the toughest obstacle to overcome. Believe it or not, little dogs that are the worst. Big attack dogs can be overcome and sedated or contained; even the well trained ones. But little dogs that run around and make a racket are a menace. Once a dog starts barking, the rest neighborhood's dogs will join in. Even using a high frequency sound device to annoy the dog on a property you wish to enter can alert other dogs.
If you do break in, check the bedroom and den first. Bedrooms are where the most important items usually are. You are not there to steal but to place bugs, software etc. and to copy anything of interest, such as a security card, hard drive or key. Bring a digital camera and photograph the scene before moving anything. If there is too much dust then leave it alone. Dust leaves a telltale sign, which is very noticeable when moved. Most locks used to secure desks are easy to pick so that's not a big deal.
Bring a hard drive cloning devices and a Linux Boot Disk to copy entire hard drives. This way even if they are password protected and encrypted you can crack them later at your leisure. You can carry MP3 players andiPods to act as a second portable hard drive. That can be particularly handy when in a public environment. Someone thinks you are fiddling with a MP3 player but you are actually downloading somebody'shard drive. Carry all the cables you may need since some machines may not have a particular port like firewire. If they do have a faster transfer rate type port, then by all means use it. You can do something else while it is busy copying data. Remember to look under the keyboard for passwords and pay attention to Post-its. Those little pieces of paper are gold mines. Also, and maybe more importantly, copy data from cell phones and PDAs, if they are available. This can be done with cables to your own PDA or laptop. There are portable dedicated units for this purpose as well. The safe if they have one are usually in the bedroom. Use a metal detector to find it. Place the metal detector wand on its lowest setting, so only a significant metal object will trigger it. Sometimes a safe can contain something you can use as blackmail.
There are devices which mount to a safe's dial which automatically attempt countless combinations; some are stand-alone, while others are connected via laptop. You can also try the basic combinations for that make and model. Some safe technicians use the default combination or may try to use some thing you can remember like a child's birthday. If all else fails try 36-24-36, it'svery popular with certain bachelors. Placing bugs around the house is usually useless. Most people have a tendency to put the television set or stereo on when they are home. The only exception may be over the head of the bed and wait for pillow talk. You may as well concentrate on telephones lines. They may use a cell phone in the house but once again you may not be able to hear the conversation. Even when using a laser mike which focuses a beam against a window and picks up vibrations in a room may not work, especially if they have plush carpeting or heavy drapes.
You can record a conversation on video you can always lip-read if audio is not available. If you have the time and they have a garage, see if it opens automatically. Go over to the garage door and make a copy of the remote for yourself. This works even with the rolling code models. This is just a general outline of what you can do. Make sure to check the soles of your shoes before and after a break in. I suggest wearing a popular brand in case the police make a cast of your footprints. You can also place a pair of hospital booties over your shoes to cover your tracks.
It is not a bad idea to wear a jogging suit as opposed to being dressed as a ninja. If you have to run, you would not seem too suspicious. It is wise to take as few chances as possible.
If you have more time, the best way to infiltrate an organization is to join it. If not directly then as one of it's support people such as food services or building maintenance. Cleaning crews usually work after hours under little scrutiny. These companies have such a high turnover that they are always hiring and do no background checks. If you do show up for an interview or to do some sort of sales pitch come mentally prepared. Hang around the places where the target organization's employees are and pretend to be a headhunter. Hand someone your demo CD. Of course that CD should have more on it than they expect. Anti-virus protection can be completely by-passed using this method. I will even guess that you have done this countless times without a second thought.
If the job interview is for a technology-based position, they will tip their hand by asking you what do you know about such and such. A good skill to pickup will be the ability to read documents facing away from you on a desk. While you are at it develop an excellent memory for detail, especially numbers.
Taking a few acting classes could help here, too. What I like about situations like this is that these are the ideal times to place bugs. If you think it may bediscovered, then just dispose of something in their wastebasket. Blow your nose while placing a micro-transmitter in it. I doubt any one will inspect the contents of a used tissue. They will end up getting rid of it for you. There is a chance thatsaid item could be discovered by personnel who do paper shredding services. Most companies do not use this service. This could also be a good idea to do some dumpster diving later and see what they throwout. You can carry a micro digital camera and record everything you see. Just pretend to be listening to an iPod or something. Whatever you do, pretend that you belong. If someone tries to stop you, start grooving to some imaginary tunes and head for the elevator. Always have an excuse ready. You can also use something known as video ham radio. This transmits video images via radio signals; more commonly used by rescue crews. This is different from the more conventional covert video systems used out there.
Video systems tend to use a lot of battery power so bring spares. Ideally it would be nice to place cameras in the copy machine but usually a copy machine technician best accomplishes this. Some operators havegone as far as replace whole machines. The FAX machine is the best fortapping. No one seems to ever suspect that is tapped but will scrutinize everything else. You may think that that is an oversized DSL filter on it but maybe it is not. If there is a damaged door with a lock still attached try to remove it. A goodlocksmith can build master keys by analyzing the pin tumblers. With some practice you can do this as well. Cut a key for both before and after removing spacers from pins if they have them. This is what is called amaster keying system. What you would want to make is the grandmaster key. This will allow you total access.
If you do start opening doors, be aware that there may be door contacts. These are magnetic switches used in burglar alarm and access control systems. You can use basic electronic tools to locate the magnet and use your own magnet to fool the door.
There are different devices out there which can record and analyze security/prox/access control cards Weigand output. The Weigand output is when a card reader emits a radio wave, which energizes the card. The card then sendsout a unique identifier. This is what you want to catch. With another device you can replicate this identifier, mostly using a PDA. Laptops are better but conspicuous compared to a PDA. Smart cards and the magnetic strips from more conventional credit card types can be duplicated on the spot. Just be aware that with most modern access control software the face will show up on the computer screen that accompanies the card being used so enter with a group. If thereis a numeric keypad you can use ultraviolet light to check for smudges and you can guess from there. If you have access to a thermal imagery device, you cansee the heat signatures. These are so cheap now that they are popping up in the most unlikely places. Hunters are using them for the slight advantage itgives them. Usually the stronger trace is the most recent. That will be the last one pressed. From there you can guess accordingly. Many systems have athree strikes and you are out policy, so proceed with caution. Otherwise, if you are in a mantrap the doors will stay locked and you are trapped and security will be alerted.
Biometrics is growing in popularity but as you probably guessed by now, can be defeated. It is rare for somebody to wipe their prints off. A lot of these devices are fingerprint based so get copies of fingerprints. One way is to get them from the biometric reader itself. Some crime scene photographers have special software or film that accentuates photos of fingerprints. Some scanners that check for retinas and such can occasionally be tricked by trying out a bunch of well-made fake eyeballs and a flashlight. You can remotely access the security and camera system either by the Internet or through a phone line (pre-paid cell phone included). You can give yourself privileges on a blank access card and erase video files of your activities.
Sometimes the video files may be also network storage based. Once again you should access anything with any trace of your existence. You can also defeat the cameras individually. Strong light devices can blur an image or anything that emits strong electrical signals can cause static or snow. If the camera is too far you can use a HERF (hi-energy radio frequency) gun. This can send a focused burst which can either be disruptive or destructive. Think of using your cell phone next to a clock radio for an analogy. These are not as hard to acquire as you might think.
If you are this close you should monitor the security guards' radio frequency. You can use a radio that can communicate with theirs try not to talk to them for any reason. Many sites are now recording radio transmissions for insurance reasons.
Voice print recognition has come a long way. Be aware of their call signs and any related lingo. If you have a crazy notion of knocking out a guard just be aware that their radios have a tilt feature so if a guard goes down there is an alert. If you are thinking about doing a late night sneak and peek consider the perimeter defenses. The use of fiber optics in fencing is common and almost invisible to the intruder. Break a branch onto it so that part of the fencing system is deactivated or simply overlooked.
In and around can also be seismic intrusion detection, which basically is sensitive to footsteps. This can be tricked with a device called a thumper. It is basically a box that stamps its foot at whatever pace. Certain cameras may be programmed to react to the disturbance. If you are looking for infrared sources use a passive night vision scope/goggle. You are looking for IR emissions; you are trying not to create your own which an active model could do. There are little badges you can wear that can alert you if you are under IR observation. Do not wear divers watches since the tritium will light you up like a ghost to any nocturnal observer with night vision goggles. If the facility is using thermal imagery, than you will need to really do your homework; chances are they are serious about protecting whatever it is they are tasked with. One way to defeat that is by wearing different types of neoprene suits. Everything must be covered not a very comfortable way to spend an evening. Otherwise you will have to wait for a storm to hit before you make a move.
Now you may not approve of the disclosure of such information. The truth is such knowledge is freely available to anyone. Just buy a video game to get the latest inventions and their use. Remember this: the most successful operations are the kind that go undetected. Maybe a little bit of paranoia isa good thing.
The author of this article is a freelance security consultant contracted by competitive intelligence firms, such as BHE Security, and private investigators.
There seems to be a decided lack of knowledge on the techniques and technology of Industrial Espionage.
Apartment security guard accused of firing shots at man’s car WREG NewsChannel 3
IDF to close off road in Israel's South, activate security systems The Jerusalem Post
D.C. police cite 'lax security' in closing lounge after shooting The Washington Post
Beijing should be cautious about going too far on public security, academic says - South China Morning Post
Beijing should be cautious about going too far on public security, academic says South China Morning Post
Ransomed.vc group claims hack on 'all of Sony systems' Cyber Security Connect
Has Sony been hacked again? Help Net Security
A ransomware group claims to have breached 'all Sony systems' | VGC Video Games Chronicle
Six Steps Toward AI Security Nvidia
Teen Arrested After Shooting At Fairgrounds, Officials Work To Enhance Security For Next Year - news9.com KWTV
Teen Arrested After Shooting At Fairgrounds, Officials Work To Enhance Security For Next Year news9.com KWTV
Notice of Funding Availability: Food Security Mini-Grants Advisory Groups & Commissions
New U.S.-Poland Foreign Military Financing Direct Loan Agreement ... Department of State
Are We Really Helping? U.S. Security Assistance to Partner Nations ... - Government Accountability Office
Are We Really Helping? U.S. Security Assistance to Partner Nations ... Government Accountability Office
Border Security is National Security - Kansas Common Sense - U.S. ... Senator Jerry Moran
DNS security poses problems for enterprise IT Network World
Security forces rescue 14 students abducted in Nigeria’s Zamfara state Al Jazeera English
Salinas looks to private security to patrol popular park KSBW Monterey
Readout: U.S. - Mexico Meeting on Joint Actions to Further Enhance ... - Customs and Border Protection
Readout: U.S. - Mexico Meeting on Joint Actions to Further Enhance ... Customs and Border Protection
Security issues hit Pakistan’s ICC Cricket World Cup warm-up match in India Al Jazeera English
Pennsylvania woman caught with loaded gun at Pittsburgh ... - Transportation Security Administration
Pennsylvania woman caught with loaded gun at Pittsburgh ... Transportation Security Administration
Security Think Tank: Three ways to identify the best encryption use ... ComputerWeekly.com
Update on Naked Security Sophos
Biden-Harris Administration Announces Final National Security ... US Department of Commerce
Enhanced Security Automation: Lexington Police Urges Integration ... Robotics and Automation News
Director General Grossi: IAEA is Instrument for Peace, Security and ... - International Atomic Energy Agency
Director General Grossi: IAEA is Instrument for Peace, Security and ... International Atomic Energy Agency
China produces world record peanut test crop amid national food security push - South China Morning Post
China produces world record peanut test crop amid national food security push South China Morning Post
Biden Administration Announces Additional Security Assistance for ... Department of Defense
Ultimate Guide to IoT Security Testing Security Boulevard
The Intersection of network security and Wi-Fi The Register
Austin Lauds Mozambique's Leadership on Regional Security > U.S Department of Defense
The Security Risks of Forking The New Stack
Georgia election officials respond to lawmakers' security demands - The Atlanta Journal Constitution
Georgia election officials respond to lawmakers' security demands The Atlanta Journal Constitution
US, Kenya Sign Defense Agreement Ahead of Haiti Security Mission Voice of America - VOA News
Winston-Salem bar owner speaks out after security guard ‘brutally attacked,’ police say - WGHP FOX8 Greensboro
Winston-Salem bar owner speaks out after security guard ‘brutally attacked,’ police say WGHP FOX8 Greensboro
Abilene Pride Festival canceled due to security concerns, vendors come together with ‘Rainbow Market’ - KTAB - BigCountryHomepage.com
Abilene Pride Festival canceled due to security concerns, vendors come together with ‘Rainbow Market’ KTAB - BigCountryHomepage.com
Afghanistan: Briefing and Consultations : What's In Blue Security Council Report
IND airport security detected most-ever firearms in 2023 FOX 59 Indianapolis
Security exercise scheduled Wednesday and Thursday Peninsula Daily News
Fact Sheet: The Biden-Harris Administration Takes New Actions to ... Homeland Security
Security Beat: Tame Start to the Fall Semester — MARIST CIRCLE Marist College The Circle
Operation Lone Star Bolsters Border Security To Stem Historic Influx Office of the Texas Governor
Ukraine's Security Service directs HIMARS at meeting at Russians' HQ near Kherson, 8 officers killed – Ukrainska Pravda source - Yahoo News
Ukraine's Security Service directs HIMARS at meeting at Russians' HQ near Kherson, 8 officers killed – Ukrainska Pravda source Yahoo News
MLB Insider Provides Update on Buck Showalter's Job Security Sports Illustrated
Anthony Fauci says he still needs a security detail after Ron DeSantis threatened to ‘grab that little elf and chuck him across the Potomac’ - Yahoo Finance
Anthony Fauci says he still needs a security detail after Ron DeSantis threatened to ‘grab that little elf and chuck him across the Potomac’ Yahoo Finance
Statement by President Charles Michel at the UN Security Council ... - Présidence française du Conseil de l'Union européenne 2022
Statement by President Charles Michel at the UN Security Council ... Présidence française du Conseil de l'Union européenne 2022
Council still looking at security cameras | News | mountaineagle.com Daily Mountain Eagle
Three Countries Commit to Safe, Secure and Peaceful Use of ... International Atomic Energy Agency
SUNY Orange to increase number of security guards Mid Hudson News Website
How To Cover Your Tracks On The Internet
Every single time you access a website, you leave tracks. Tracks that others can access.
Identity Theft Article - A Phisher Is Trying To Steal Your Identity!
Sooner or later everyone with an email account will receive a phishing attempt from some internet scammer. What is phishing? How can you protect yourself? These are some of the questions this identity theft article will provide, along with some free resources and practical advice on how to protect your online identity.
SPYWARE - Whos Watching Who?
I am in the midst of Oscar Wilde's The Picture of Dorian Gray. "The basis of optimism is sheer terror.
7 Ways to Spot a PayPal Scam E-Mail
Paypal is a great site and is used by many to send and receive money. Unfortunately some dishonest people are using the Popularity of Paypal to line their own pockets with gold at the expense of unsuspecting Pay Pal members.
Internet Identity Theft - How You Can Shield Yourself
With the advent of the World Wide Web, a whole new breed of criminals have surfaced, posing threats to more than just our material assets, but also to our very identities. Although there are a number of effective methods for protecting yourself from internet identity theft, not everyone takes the necessary steps to initiate such a plan.
Spyware, This Time Its Personal!
First the basic definition of Spyware: It is a type of software which is installed onto your computer without your permission..
Can I Guess Your Password?
We all know that it's dangerous to use the same password for more than one program. If you sign up for a program run by someone of low moral fibre, what is to stop them running through various programs with your username and password to see what they can access? But of course remembering all the different passwords can be a headache.
Virus and Adware - Fix them Both!
We all get the odd virus now and then, but sometimes that one virus could cause so many problems. In this article I shall be going though just some of the problems that these virus software programs can do, and how to fix them.
Message Board Security Problems
Security leaks can be a big problem for any site using a message board. Hackers can actually use your message board to go in and change things on your site.
How to Manage Your Username and Password The Easy and Secure Way
Have been an Internet user for more than 9 years, I have 100's of logins and passwords to keep. I'm paranoid.
Spyware SolutionProbably Today's Biggest Computer Problem.You Suffer Without Knowing Your PC is Infected!"The effects can be devastating.
Click Here To Defeat Evil
Microsoft routinely releases new security updates, many of which are given it's highest severity rating "critical". Here's a typical announcement:"A security issue has been identified that could allow an attacker tocompromise a computer running Internet Explorer and gain control over it.
If You Steal It, They May Come!
Business on the internet is getting down right shameless. This week, my email box was literally filled with hype, overly inflated promises, phish mail, scams, ezines I did not order, and about 14 viagra gimmicks.
Top Five Spyware Fighting Tips
Spyware and adware are becoming major problems for onlinesurfers and PC owners. Some highly respected sources such as AOL, Earthlink and Webroot place the rate of infection at 80-90% of all computers.
NETWORK SECURITIES: IMPORTANCE OF SECURITIESComputers and securities must form a strong partnership to keep information safe and secure. It is important for people who spend time surfing the web to understand much of the information given out is easily accessible by individuals who desire to eavesdrop on the data.
Hacked: Who Else Is Using Your Computer?
A friend called me one day and asked if I would stop by to look at his computer. He said it was running abnormally slow and he had found something on his hard-drive he could not explain.
3 Simple Steps to Stay Safe from Spyware
There are several basic concepts to keep in mind when deciding to stay spyware free for good. This article will outline a spyware checklist for you to keep in mind when getting tough on spyware and taking back control of your computer using two popular free applications, Ad-Aware,and Spybot - S&D.
Internet Small Business and Fraud
Be careful of sites that promise to send you "instant pins". These companies usually have lax credit card security and can afford customer charge backs from fraudulent transactions.
Phishing - Its Signs and Your Options
Phishing is the act of some individual sending an email to a user in an attempt to scam the user to release personal information. Is it easy to determine if it's a scam? Sometimes - but not always.
Viruses and Worms, Protection from Disaster
Virus damage estimated at $55 billion in 2003. "SINGAPORE - Trend Micro Inc, the world's third-largest anti-virus software maker, said Friday that computer virus attacks cost global businesses an estimated $55 billion in damages in 2003, a sum that would rise this year.
|home | site map|