Menu
Navigation

Global articles on espionage, spying, bugs, and other interesting topics.

Keep abreast of the espionage threats facing your organisation.

McAfee: Corporate Espionage Is the Currency of Cybercrime

Corporate espionage is a business almost as old as corporations, but thanks to the Internet revolution it has a new business model: cybercrime. A new report from McAfee illustrates how intellectual property and trade secrets are becoming the primary target for hackers, and providing the currency that fuels the cyber underground.

The recent attack against RSA–resulting in the compromise of sensitive data related to the SecurID two-factor authentication that many corporations rely on to guard against unauthorized access and protect data–is an example of how even the very companies that we trust to help guard against corporate espionage are not invulnerable themselves. Hacked SecurID tokens could be used as a stepping stone to more serious corporate espionage.

“Cybercriminals have shifted their focus from physical assets to data driven properties, such as trade secrets or product planning documents,” said Simon Hunt, vice president and chief technology officer, endpoint security at McAfee. “We’ve seen significant attacks targeting this type of information. Sophisticated attacks such as s Operation Aurora, and even unsophisticated attacks like Night Dragon, have infiltrated some of the of the largest, and seemingly most protected corporations in the world. Criminals are targeting corporate intellectual capital and they are often succeeding.”

Personal information–names, addresses, birth dates–are still hot commodities for identity theft, and financial details–credit card numbers, bank account passwords–are big business as well. Don’t hold your breath waiting for botnets and other malware to stop trying to steal those types of data. But, hacking into corporate networks and stealing intellectual capital is generally safer and more lucrative.

For one thing, financial and healthcare organizations which are frequently the target of such data breaches, are also the most vigilant at detecting them. Combine that with the fact that most states have data breach notification laws requiring companies to disclose when data involving personal details or account information of individuals is involved, and it becomes increasingly difficult to fly under the radar and avoid having law enforcement agencies involved.

But, if a hacker instead steals the marketing plans and financial projections from one company, and sells it on the cyber underground to that company’s biggest competitor, there is less risk of alarm bells going off. Organizations don’t like to announce publicly that they have been hacked–so if there are no data breach notification laws compelling them to do so, odds are fair that the theft will be kept on the down low even if it is discovered.

Evolving trends such as the migration to the cloud, and the exodus from the internal network to mobile gadgets make the task of protecting corporate intellectual property that much more difficult. Think of a bank. When all of the money is stored in a steel vault inside the building, it is relatively easy to contain and protect it. Now, give that same money to hundreds of people to carry with them as they wander about, and make it accessible digitally from the Internet as well, and you can see that it is a much more complex issue to secure it.

IT admins need to take proactive steps to assess risk and implement appropriate security controls and defenses, and be vigilant about monitoring for suspicious and malicious behavior. You may not have the secret recipe for Coca Cola on your company file server (you don’t, do you?), but the data you do have is of value to your competitors, and could prove lucrative on the cyber underground.

 


French probe espionage at defence firm unit

PARIS (Reuters) – France’s intelligence services have unearthed a case of suspected industrial espionage at an engine subsidiary of French aerospace and defense firm Safran, Le Monde newspaper said in its weekend edition.

A Safran spokeswoman declined to comment on Sunday when contacted by Reuters about the report, which spoke of a Chinese link.

The newspaper said investigators had placed about 10 people in custody as they dig for information about a 2010 attack on the computer networks of Safran subsidiary Turbomeca, which makes helicopter engines.

It said hackers broke into the computer networks and gained access to sensitive information about propeller systems at Turbomeca, as well as Safran documents containing information about billing and the cost of various company projects.

The computer break-ins took place during the first eight months of 2010 and may have involved help from company insiders, Le Monde reported it was told by an unnamed judicial source.

French magistrates in Nanterre have been following up on the preliminary information unearthed by the domestic intelligence services (DCRI), the newspaper said.

While the Safran spokeswoman contacted by Reuters declined to comment, Le Monde said it had contacted the firm and been told: “All we know of is a minor case in 2009 that concerned Turbomeca.”

Turbomeca says on its website it is the leading helicopter engine supplier in China, with one in two helicopters there equipped with a Turbomeca engine or licensed product.

It also says it co-operates with Chinese firms Harbin Aircraft Industries Group, Changhe Aircraft Industry Group and the helicopter-making divisions of China’s Aviation Industry Corp, the state-owned aircraft maker.

Safran is roughly 30-percent owned by the French state, which is still smarting after another case of supposed espionage at carmaker Renault that turned out to be a case of fraud.

Suspicions of industrial espionage at Renault — which also involved a suspected Chinese link in the early days — were deflated last month when the case turned out to be one of fraud and Renault executives apologized to three executives it had fired.

(Reporting by Brian Love and Cyril Altmeyer; Editing by Sophie Hares)

 


UI investigates Use of Baby Monitor to Eavesdrop on Employees

IOWA CITY, Iowa (AP) — The University of Iowa has launched an investigation after employees at a medical clinic complained their supervisors hid a baby monitor to eavesdrop on them.

John Stellmach, president of a union that represents university employees, said Department of Urology workers discovered the monitor hidden on a shelf near a reception area on Monday. He says it would have picked up chatter by five secretaries and clerical workers.

Stellmach says managers explained the monitor was being used to determine whether secretaries were chatting too much and it was removed after they complained. He says employees feel their privacy was violated by the monitoring, which may have also picked up confidential medical information.

UI Vice President for Strategic Communication Tysen Kendig said Tuesday that human resources officials are leading the investigation.


Anti-corruption unit to probe allegations of espionage at Montreal city hall

Quebec is sending its new anti-corruption squad to unearth dirt at Montreal city hall, an investigation that has set off a ping-pong round of finger-pointing between the Charest government and Montreal’s mayor.

The Public Security Minister announced Wednesday that Quebec’s anti-corruption unit will set its sights on Montreal in the wake of startling disclosures of spying and illegal computer hacking against an elected official.

Claude Dauphin, a borough mayor and former Liberal MNA, surreptitiously had his e-mails opened by a high-ranking city functionary, without police authorization. The revelation came on the tail of a string of other allegations of corruption and ethical breaches under Mayor Gérald Tremblay’s tenure.

“There is profound concern about what’s going on,” Public Security Minister Robert Dutil said in Quebec City. “The allegations of recent days are not acceptable. We cannot tolerate the weakening of an institution like the city of Montreal.”

The succession of scandals has eroded the mayor’s standing and led to a poisonous atmosphere at city hall. But hours after Quebec’s announcement, a defiant Mr. Tremblay pushed back, saying the tumult was the result of his campaign to clean house.

“I said that I would clean up, and when you clean up, it bothers people,” the mayor told a City Hall press conference. “I’m not worried. Our books are open.”

The mayor, irritated that Mr. Dutil didn’t phone him before announcing the provincial probe, shot back with some house-cleaning advice of his own. He said what’s really needed in Quebec is a provincial inquiry into corruption in the construction industry – an oft-repeated call in Quebec that Premier Jean Charest has refused to heed.

“That’s where the real problem is,” the mayor said. “Not just in Montreal, but in Quebec.”

The tit-for-tat jabs did little to dissipate the less-than-stellar image of the body politic. It’s all the more surprising because Mr. Tremblay is a former provincial Liberal cabinet minister.

The investigation into Montreal’s affairs marks the maiden assignment for the Liberal government’s anti-corruption squad, which was created in February and became a Canadian first. Headed by long-time civil servant Robert Lafrenière, it already includes about 100 of the eventual 189 people on the team, and will make its report public.


France investigates cyber espionage at defence helicopter firm

FRENCH AUTHORITIES are investigating a suspected case of cyber hacking and espionage at a helicopter engine company.

Turbomeca, a subsidiary of the defence firm Safran, had its computer networks hacked and data about propeller systems stolen, according to a report in Le Monde.

Reportedly about 10 people are being held in custody and the attack took place during the first eight months of 2010. There is some suspicion that the attack had help from company insiders.

The report linked the Chinese because Turbomeca is the country’s leading helicopter engine supplier working with both private and state companies. Safran is also owned 30 per cent by the French state, which means there could have been a political motivation for the attacks.

Also, last year hackers targeted the French Finance ministry, looking for files related to the G20 summit in Cannes. The Chinese state was also suspected to have been involved in that attack, but there was no firm evidence to support that conclusion.

It seems too easy to point the finger at China, because organised crime also has the resources and motivation to pull off these types of attacks. It’s just that China has previously been suspected of state sponsored hacking and espionage, with Google having directly accused the Chinese government of interfering with its technology.