Menu
Navigation

Global articles on espionage, spying, bugs, and other interesting topics.

Keep abreast of the espionage threats facing your organisation.

Ikea: Four executives sacked over store spying

IKEA has sacked four executives, including a country manager and head of security, after an internal probe into spying on workers at its French operations.

In March, police searched the French HQ of the Swedish furniture group at Plaisir, in the west of Paris, after employees complained about spying. Ikea launched an inquiry with the help of independent advisors.

“There have unfortunately within the Ikea group existed work practices contrary to the company’s values and ethical standards,” it said in a statement.

“As a result of this, a former country manager, a former human resources manager, a former chief financial officer and the current head of security will leave their positions and the Ijea group.”

Satirical weekly Le Canard Enchaine published in February e-mails allegedly exchanged between Ikea bosses in France and a private security company.

The paper said they showed Ikea had sought information from police files on numerous people including a union leader and a client in dispute with it.


Rutgers student gets 30 days for spying on gay roommate with Webcam

Tyler Clementi apparently committed suicide after his college roommate, Dharun Ravi, spied on him with another man and tweeted about it.

(Credit: Tyler Clementi)

A Rutgers University student was sentenced to 30 days in jail today for spying on his gay roommate’s romantic encounter, an act that may have been related to the roommate’s subsequent suicide.

Dharun Ravi, 20, set up the Webcam several times, urged others to watch and tweeted about watching his roommate, Tyler Clementi, “making out with a dude.” The 18-year-old Clementi jumped to his death from a bridge a few days after learning about the spying.

Ravi, who faced up to 10 years in prison, was charged with 15 counts, including invasion of privacy, bias intimidation, hindering apprehension and tampering with a witness and evidence. He was also sentenced to three years’ probation, 300 hours of community service and ordered to pay a $10,000 probation fee and to get counseling about cyberbully sensitivity.

Although the judge had told the jury that the suicide was not relevant to the case, he noted Ravi’s lack of remorse for his actions.

“You lied to your roommate who placed his trust in you without any conditions, and you violated it,” said Judge Glenn Berman of New Jersey State Superior Court, according to the New York Times. “I haven’t heard you apologize once.”

The prosecutor had made the same argument, noting that the day after Clementi’s suicide, Ravi texted a friend about wanting to return to Rutgers: “How can I convince my mom to let me go back Friday night and get drunk.”


‘Mobile Spy’ app may be open to, yep, spying

The irony is too significant to ignore: A smartphone app that enables customers to spy on others’ phones may itself be vulnerable to attackers looking to spy on them.

The surveillance app, called “Mobile Spy,” is designed to let its customers monitor the information, including text messages, GPS location and call logs, of other phones installed with the app. That private info is then uploaded to the app user’s account and can be viewed in any Web browser, either on a computer or phone.

Unfortunately for those doing the watching, Mobile Spy contains several security vulnerabilities that allow an attacker to inject malicious code into the target’s phone, via SMS message, and hijack their spy session, according to researchers at Vulnerability Lab, who disclosed the flaws.

Because the developers of Mobile Spy say it is available for iPhone, Android, BlackBerry and Windows Phone, the presence of a security glitch makes it a top target for exploitation.

To make things even more confusing, there are at least five separate Android apps in the Google Play store called “Mobile Spy,” and none of them seem to be the one about which Vulnerability Lab issued its warning. Nor is there any app in the iTunes App Store by that name.

The Mobile Spy website states that iPhones must be jailbroken in order to install Mobile Spy, and hints that Android versions will need to be “side-loaded” from a PC. Usage licenses run from $50 for three months to $100 for a full year.

Anyone who jailbreaks an iPhone or sideloads Android apps is running a big security risk. And from the looks of the “Mobile Spy” apps that are in the official Google Play store, you probably shouldn’t install them either.


French company denies IKEA spying link

A French security company, linked to allegations that Swedish furniture giant IKEA illegally spied on staff and customers, has denied involvement, blaming a renegade former employee.

Prosecutors have opened an investigation following a complaint from a trade union and a newspaper report which published what it said were email exchanges between the head of the company’s risk management department and Surete International about getting access to the police force files.

IKEA says it’ll examine claims the firm paid for illegal access to secret French police files in order to gain information about its employees, clients and even people who came near its property.

The former management of Surete International, which was wound up in 2011, has denied responsibility for everything attributed to it.


Probe links corporate spying to Chinese government

A chance discovery during an FBI investigation uncovered what authorities say is proof of a phenomenon long suspected by corporate espionage experts: Companies owned by the Chinese government have a growing appetite for the trade secrets of American corporations, and they’re soliciting foreign nationals in the U.S. to steal them.

In this case, a couple allegedly spent more than 10 years tracking down the formula for a white pigment produced by chemical company DuPont. The Wall Street Journal reported that Walter and Christina Liew planned to turn over their findings to Pangang Group, a company owned by the Chinese government.

“Chinese actors are the world’s most active and persistent perpetrators of economic espionage,” the Office of the National Counterintelligence Executive wrote in a congressional report last October. “Of the seven cases that were adjudicated under the Economic Espionage Act … in Fiscal Year 2010, six involved a link to China.”

DuPont’s method for manufacturing titanium dioxide is closely guarded by the company. Correspondence uncovered in a safe-deposit box linked the operation back to Pangang and high-level Communist Party officials in China, according to the Journal. The paper said DuPont alerted the FBI after receiving an anonymous letter about Liew’s activities and finding DuPont information on the computer of a colleague, who has not been charged.

The Liews were arrested in July and have been charged with trying to steal trade secrets and sell them to China. They have denied the charges.

Last week, the Department of Justice announced that another participant in the operation, Tze Chao, pleaded guilty to conspiracy to commit economic espionage. Chao, a former DuPont employee, “admitted that he provided trade secrets concerning DuPont’s proprietary titanium dioxide (TiO2) manufacturing process to companies he knew were controlled by the government of the People’s Republic of China,” the DOJ said in a statement.

M.E. “Mich” Kabay, chief technical officer of Adaptive Cyber Security Instruments Inc., and professor of information assurance and statistics at Norwich University, called state-sponsored corporate espionage “standard operating procedure” for China, although this case unearthed the first paper trail showing a request for trade secrets that began with the state, rather than a corporation, according to the Journal.

Chinese government officials have denied knowledge or endorsement of these kinds of activities. But Kabay said it’s hard to believe that an autocratic, controlling government with significant involvement in the nation’s industrial sector would be unaware of efforts to steal American trade secrets.

Unlike the relatively low-tech methods used by the spies in the DuPont case, Kabay said many attempts to steal trade secrets from American businesses are undertaken by computer hackers. He cited this as another example of Chinese state complicity or involvement in the theft of intellectual property, given its notoriously tight grip on its citizens’ use of the Internet. “Their tolerance of criminal hacker groups is inexplicable without the assumption that the government is encouraging criminal hacking,” he said.

“Cyberspace is a unique complement to the espionage environment,” the congressional counterintelligence report said, adding that “an onslaught” of recent attempts to penetrate the online security systems of American companies were traced to Chinese Internet  addresses.

Author and former sr. partner at Goldman Sachs Peter Kiernan discusses America’s complicated relationship with China and why the two countries need each other.