South Korea – Concerns have re-emerged over the illegal transfer of high technology abroad, which has been worsening in recent years, in the wake of the latest leak case in which industrial spies handed over key automobile building technology of Hyundai Motor to Chinese firms.
Prosecutors Friday arrested two Hyundai Motor employees, who stole core technology for the automatic transmission of a sports utility vehicle (SUV) that the carmaker has developed with an investment of 300 billion won ($323 million) for two years, to a Chinese carmaker….
Samsung Electronics, for example, has already adopted an advanced security system in its Digital Media Research Center, where each researcher’s location can be traced through satellite-recognized identification cards, in addition to anti-eavesdropping devices.
Rapid7 announced that an attacker with a directional antenna and a laptop can eavesdrop on wireless keyboards manufactured by Microsoft, Logitech, and other vendors, capturing every keystroke from a distance of over 30 feet away. This leaves corporate networks open to illicit intrusion and data theft that will probably look like a data breach originating from within the company.
For a look at the hacker will get, go to this interesting presentation.
Would this be Reckless Personal Information Handling if this vulnerability was exploited at your company?
Blogger and analyst for the Federation of American Scientists (FAS), Hans M. Kristensen, recently discovered a photo of a second and possibly a third Jin-class nuclear-powered submarine at Bohai Shipyard in northeast China. He discovered the image using Google Earth, an online mapping service provided by Internet search engine giant Google, and posted his discovery on his blog on October 4.
The use of Google Earth for this creates some interesting challenges for both governments and private industry. In the private sector, security officials now must consider the loss of proprietary and competitive data through satellite imagery. An example of this might be the construction of new production facilities. In the past, overflights of such facilities have given rise to law suits. Now that the data already exists and is searchable, how does one protect against a loss of critical information in this manner?
I predict the creative use of camouflage will become normal practice over the next couple of decades.
Google accounts present a serious risk to employees who use them in the workplace. Google accounts allow you access to Gmail and another interestng feature, your search history. Unfortunately, your Google account does not time-out.
Now imagine you’re at work. You sign-on to your Google account and check your mail and use Google Reader to check some RSS feeds. You are then called away from your desk. You don’t sign-off, afterall, its only Google. Well your collegue drops by and decides to do a search and check his mail. He searches for a prostitute for tomorrow evening and checks his Gmail and finds yours.
Your collegue has now added some interesting entries to your search history and read your mail. My Yahoo presents a similar risk.
This leads me to think of some interesting oportunities that this offers if I set-up virgin Google and My Yahoo accounts and place them on an unattended PC.
A whistle blower is a person who discovers illegal activity going on in government and exposes that illegal activity.
Jeffrey Monaghan, who was arrested for leaking documents that prematurely revealed details of the government’s climate- change plan, was not a whistleblower. If he released the documents, then he violated the terms of his employment and committed a criminal offence.
Monaghan might like us to believe he is a crusader for the public good, but that is no more creditable than his claim to be an anarchist while working for the government and a member of a “collective” that runs a book store. Don’t let this nomenclature-challenged individual, and his media groupies, confuse you. He’s not a whistleblower and he is not an anarchist. Shame on the so-called journalists for using this incorrect nomenclature.
In the R v Waters [2007], the UK Court of Appeal upheld the sentence of four months imprisonment for a man who had conspired to install spyware software on his wife’s computer. The Court of Appeal ruling stated:
Computers are an established part of modern life. An increasing amount of personal and private information is kept on computers, not only by the State and large organisations but also by individuals. The privacy of that information must be protected and it is vulnerable to the kind of unauthorised interference and intrusion that occurred in this case. The judge correctly identified deterrence as an element of sentencing in this case. In our judgment, a sentence of imprisonment for offences such as this was not wrong in principle.
A friend who works for a very security conscious government organization surprised me when he asked why I had a plastic cup on my desk containing half a dozen dice cubes. Everybody knows why you keep dice at your desk, don’t they?
Passwords were the cornerstone of data security. It doesn’t matter if you are signing onto the company LAN, starting your laptop, or receiving email, passwords were required to keep out the thieves and brigands. Well today passwords are obsolete! Today you need a passphrase! Continue reading ‘Information Security is a Roll of the Dice Away’
The BBC offers several short examples of Industrial Espionage.
Even Marks & Spencer is not immune. Again the BBC describes how mobile telephones represent a significant risk and superb opportunity to spy on top executives.
The use of national intelligence assets to support business and economic goals is common in many countries. However, when it is debated by the CIA we should pay attention. A Time article from 1993, Next for the Cia: Business Spying? illustrates the issues surrounding this topic.