Spyware equipment sales worldwide range into over a billion dollars per year. Spy equipment is being illegally deployed globally in businesses and private residences. Much of this is going undetected due to a lack of awareness and action.
According to ASIS International, 95% of corporate espionage is not reported to the authorities by the victims for various reason such as they:
Often they just fire the security manager after ensuring he has signed a confidentiality contract.
Take a look at the clear and present danger around you:
Australian Crime Commission (ACC), July 2013
“According to PricewaterhouseCoopers’ Global Economic Crime Survey released in March 2012, 30 per cent of businesses surveyed in Australia reported a cyber crime incident—including malicious software attacks, tampering of hardware, leaking of confidential data, hacking and attacks on websites—over the past year. Of those, 16 per cent had lost more than $5 million and half had lost more than $100,000.”
McAfee / Intel Security, June 2014
Net Losses: Estimating the Global Cost of Cybercrime
Economic impact of cybercrime II (Executive Summary)
http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime2-summary.pdf
“Large-scale attacks have occurred against retailers, hotel chains, an airline, and financial service companies in Australia, with losses averaging over $100 million per company.”
The full report indicates that cybercrime is calculated as .08% of Australia’s GDP.
See Appendix C in the full report:
http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime2.pdf
Australian Government, Private Sector Face Increased Risk from Foreign Hackers: ASIO Report
ABC Online (Australia) (20/10/14)
Australia’s domestic spy agency has disclosed Australia is facing an increased danger from foreign governments trying to steal electronic information. The Australian Security Intelligence Organisation (ASIO) said in a report that it is possible for hackers backed by foreign governments to obtain considerable amounts of valuable information and that the espionage is difficult to find. ASIO warned that it is prevalent and also affects community groups, academic institutions, and businesses. The report also said the number of Australian passports denied on security grounds has more than doubled in the last financial year. ASIO said most of the passports that were refused were linked to conflict in Syria.
http://www.abc.net.au/news/2014-10-21/australia-faces-risk-from-foreign-hackers3a-asio/5828512
Terrorism Fears Prompt Boost to Spy Powers
Sydney Morning Herald (Australia) (05/08/14); Osborne, Paul; Curtis, Katina
Australian Prime Minister Tony Abbott is defending the federal government’s plan to increase counterterrorism efforts. Abbott says the increased security is necessary as more Australian passport holders travel to conflict zones in the Mideast and receive training from terrorist groups. The government is set to give spy and police agencies $630 million to implement new laws to address the problem of Australians who fight, train, or support terrorist groups. One proposed law would allow the government to require people to provide proof before traveling to certain areas that they are doing so for humanitarian or family reasons. Other proposed laws will make it easier to arrest terrorists by lowering the threshold for arrest without a warrant for terrorism offenses; make it easier to prosecute foreign fighters; and extend the Australian Security Intelligence Organization’s (ASIO) questioning and detention powers beyond July 2016, among other things. The government is also planning to require telecommunications firms to store data such as phone numbers, call times, dates and duration of calls, cell tower locations, and names of customers for two years.
Australia Opposition Seeks Cyberspying Regulation Pact
Wall Street Journal (31/05/13); Curran, Enda
Australia’s Liberal-National coalition, the favoured party in the upcoming September election, would like to see a global pact to regulate the use of cyber spying among tech-savvy nations like the United States and China. The coalition’s Malcolm Turnbull said it would be in the best interest of all parties to agree upon “some ground rules” to make sure significant damage is not done to businesses or infrastructure through cyber attacks. China is largely considered to be the main perpetrator of cyber espionage, but Turnbull said it is likely the country is also being spied on. “The days when all of the advanced technology was in the Western world and none of it in China are long over. Chinese firms are just as vulnerable as Western ones,” he explained. Ironically, Australia’s concern for cyber espionage and its diplomatic approach to the issue have made it the target of cyberattacks, some of which reportedly struck the nation’s central bank. “Attacks, both hacktivist and state-sponsored, have become more intense and varied,” said Commonwealth Bank of Australia Chief Information Officer Ian Harte.
http://www.wsj.com/articles/SB10001424127887324412604578516533136696770
Hackers Targeting Australia’s Electronic Secrets
ABC Online (Australia) (09/25/12); Cooper, Hayden
Cyber security experts and officials in Australia are pointing to a major increase in cyber attacks targeting Australians in recent years. Professor Alan Dupont of the University of South Wales says that government agencies alone are likely targeted as many as 400 to 600 times a month, while Carolyn Patteson, the executive director of Australia’s Computer Emergence Response Team (CERT), says that some 130 attacks are reported to her organization every week. The organizations being targeted in the attacks, which have a number of different illegal and disruptive goals, range from government agencies to small businesses. Financial service provider Sulieman Ravell describes a distributed denial-of-service attack on his company Web site last year as, “… like having a shop on a high street, and somebody coming and dumping several tons of dirt outside your shop. Nobody’s actually broken in, nobody’s actually stolen anything from you, they’ve just stopped you from operating.” Ravell says the attack was part of an effort by unknown hackers to extort money from him, and while the attacks were eventually tracked to a Russian-operated botnet, others say that some of the most worrying activity comes from China. Former U.S. Admiral Dennis Blair and retired intelligence analyst Paul Monk say that, despite strenuous denials from Chinese officials and businessmen, the evidence is clear that state-sponsored Chinese hackers are behind a great deal of the cyber espionage targeting intellectual property and commercial secrets in Australia.
http://www.abc.net.au/news/2012-09-25/hackers-target-australias-electronic-secrets/4280104
Cyber Crackdown Will Lift Costs, Huawei Tells ALP
The Australian (Australia) (28/08/12); Hepworth, Annabel
Chinese telecom tech giant Huawei Technologies recently issued a statement to an Australian Parliamentary committee, expressing concerns about proposed cyber security legislation and criticizing the Australian government for what Huawei perceives as discrimination against Chinese firms. Huawei was blocked from tendering bids for the development of Australia’s publicly-owned National Broadband Network in 2010 after the Australian Security Intelligence Organization and Defence Signals Directorate warned Parliament that Huawei had been implicated in corporate espionage for and with the assistance of the Chinese government. ASIO and the DSD warned that allowing Huawei to participate in the establishment of the NBN could result in Beijing having access to the network. Huawei has denied these allegations, and their latest submission to Parliament objects to new cyber security measures proposed by the Attorney-General’s Department. Huawei says that it is concerned, based on recent statements by members of parliament regarding Chinese espionage, that the measures could unfairly target, “vendors from a particular country of origin with little or no benefit for security outcomes.” The company then warns that,” discriminatory regulation risks resulting in higher end-user costs, less equipment availability, and reduced innovation.”
ASIO Chief Warns of Business Espionage
Sydney Morning Herald (Australia) (21/08/12); Yeates, Clancy
David Irvine, the director-general of the Australian Security Intelligence Organization, on Aug. 20 spoke to business men and women in Canberra and warned of the dangers posed to Australian businesses by cyber crime and industrial espionage. In particular Irvine spoke of the need for rigorous security assessments before uploading sensitive data to cloud storage and the need for increased mobile device security, especially when traveling abroad. “Telephones and laptops are all vulnerable to exploitation at the customs barrier and at the hotel; they should never be left alone,” said Irvine. Indeed many Australian and international companies have adopted a strategy of assigning their workers “clean” computers and devices when they travel to countries such as Russia or China in an effort to protect their data. Such devices are often so thoroughly contaminated with malware after these visits that they are simply disposed of rather than restored. Domestic assets are not necessarily safe from digital espionage efforts, either. In 2007 Australian mining company BHP Billiton’s efforts to acquire rival Rio Tinto were derailed in part by a cyber attack campaign thought to have originated in China, which strongly opposed the deal.
http://www.smh.com.au/national/asio-chief-warns-of-business-espionage-20120820-24ioc.html
Don’t let your private life be public, save you and your client the embarrassment by taking action.
1999 Price Waterhouse Coopers Estimated:
The cost of industrial espionage was 45 billion dollars per year in the USA alone.
2002 US congress report on foreign economic collection and industrial espionage stated:
“The Combined cost of foreign and domestic economic (industrial) espionage, including theft of intellectual property, as high as $300 billion per year and rising in the USA.
Eavesdropping attacks that focus on gaining in room audio or video require what is known as: “Time on target”, meaning someone has to physically install a bug or transmitter into the higher value areas such as offices, boardrooms, and cars.
Many hoped it wouldn’t happen to them. They got the blame or were fired for incompetence due to failure to protect the business or family home in their custody. Many in this case tried to save a few thousand dollars, and lost hundreds of thousands to millions in law suits due to:
They thought they knew everything industrial espionage, and didn’t want to take professional advice. They also mistakenly thought that because they were the boss or business owner, employees had his or her, not their own, best interests at heart.
Historically, many tried to blame the:
Why? Because they had absolutely no idea what was happening to them until the bug was found. It was everyone else’s fault, but in the end it was the decision makers who were blamed.
Total up the damage cost of ALL of the above threats to your business, your family and yourself.
Calculate how much money you spend yearly on unskilled physical security.
Calculate how much you spent on a CCTV system, door locks, and access control.
Calculate the total amount of money you spend on IT security: virus scanners firewall, consulting wages etc.
The total of this is how much you are prepared to spend to prevent an attack on the business.
NOW calculate how much money you have allocated to actually finding out the truth by conducting a TSCM sweep of your premises. All of the above have little or no effect on an eavesdropper attack on you without your knowledge.
Compare a few sweeps per year to your total budget, and the cost justifies itself.
Get a properly trained, equipped, licenced and insured TSCM specialist deployed to:
If TSCM is not in your security budget, who will be blamed when there is an incident.
Surreptitious eavesdroppers go for the softest target they can find to access their workstation, papers, live conversation, vehicles, electronics, phones and friends.
A dishonest employee will attempt to cover their tracks by using another employee’s electronics or passcodes.
You may be targeted as the best method of bugging the business because:
Humans are complex creatures who may not want to admit it, but they will always act within their own best interests at all times. Emotion drives behaviour so a raft of feeling will drive criminal behaviour as:
TSCM is generally viewed by the public as “White Collar crime” and not easily understood by law enforcement, and is hard to prove. Many offenders when caught justify their actions to the authorities, and say they didn’t think it was a big deal.
As there should be no difference from robbing a bank with a gun; to stealing millions of dollars’ worth of research and design intellectual property, there seems to be in the eyes of the law.
You have a fiduciary duty to protect your business and family. Decide not to be a victim who thought it would not happen to them.
People commit electronic crime because they think that they will get away with it, as it will be:
A: Just like Physical, IT, alarms, perimeter and door access and CCTV…. BEFORE you suspect you have been attacked, instead of after.
ALWAYS CALL US FROM A DEFINITELY CLEAN/DIFFERENT PHONE,
Such as a phone off site, as to not alert the bugger. If there are devices deployed in the building, we do not want to alert the bugger so that they remove them before the sweep.
Preferably, we need to undertake the sweep in as “Least Alerting” mode as possible, in order to find and potentially catch the bugger, without alerting them first that we have started looking. We want to know if there was one at the time of the sweep and not give the bugger a chance to dismantle their assets in your business.
The best times for maximum impact and effectiveness would be
Who is a trespasser? The unfortunate truth of human nature.
“Self-interest is the best horse in the race” – Paul Keating
Transient, disgruntled, ambitious, employees and ex-employees
Who do they really work for?
If truth be known their true loyalty is to themselves, their family, their community, their religion, their beliefs. You may provide an income to support these things and sustaining an income, and job stability is important. The justifications for people’s greed are always personal. The workforce is transient in this day and age and when a person is offered more pay and conditions, their loyalty will obviously have to shift.
Have the keys to the kingdom unsupervised. Bribed and blackmailed staff will be very motivated, and may not want to but feel they have to, especially to their new employer e.g. steal clients lists, financials, front running etc.
Hartman received a 4.5 year jail sentence; but immeasurable reputation damage was sustained to the firm who employed and trusted him. Hartman used confidential company information to insider trade for his own personal gain, at his employer’s expense.
The main method of establishing contact by offenders to children is now electronic.
The infamous bugged cold war “gift” from Russia to the US Ambassador took a long time to be discovered. Unfortunately the damage was done.
Staff on working visas/ working holidays – have been notorious for relaying data back to their real employer overseas. Caught or uncaught, employees have their family, friends and “previous” employer typically in the same industry back in their home country, where they will eventually return to. Sponsored staff normally has to have previously gained the necessary skill sets from these employers to get a sponsorship from your business and therefore a working Visa.
The multi-billion dollar pornography industry being recognised as the main driver of world internet and computer speeds. The free, easy access of this type of media now being electronically powered, gives an indication of human nature and everyone’s ability to operate electronics and software that may be used against you. Just because you may not understand how to operate or use something, doesn’t mean everyone else cannot.
Who has an interest in you? Your partner? Or your children? Maybe you should find out.
If you are a politician on a large or small scale, you don’t have to get involved in, but must protect your party from smear campaigning, researchers, data miners, and debunkers.
If you are in competition with them for the promotion; promotions mean money and status, and getting ahead quicker. What might they do to get ahead? What have you already seen them do to get ahead? They wouldn’t do that to you as well would they? Or just everyone else.
Police, ASIS, ASIO, ATO, WorkCover, Industrial relations commission: all want to make sure you are doing what you are supposed to.
Stakeholders: unions, employees, customers, suppliers.
Friends, suppliers, customers, employees and their associates may be coerced, or forced to act against you. Cases have revealed the motives of people close to you were of being blackmailed, instead of personal financial gain, in order to keep their personal secrets undisclosed. E.g. affairs, hidden sexuality, or any indiscretion.
They want your profit and you out of the picture.
You know yourself that management receive information on their competitors from ex- employees. When your employees are leaving, and have been promised a job, they are a big risk. They may not even bug your office till the last day to avoid suspicion. This way they can still have a data theft pipeline to help them in their new job work against you.
Some people see your successes as their failures. Electronic eavesdropping is the easiest way to get what you’ve got without their fingerprints.
Want as much of your life and assets as they can find out about. A Private investigators main business is asset location and catching cheating spouses.
People and action groups take action against people, businesses and governments they perceive don’t believe in what they stand for.
What other individuals or groups may not like your industry, business, employees, success, affiliations, history, projects, or you personally; and will take any steps to spy on you for weaknesses to exploit.
Famous or not, obsessed people can think they love you, (but also may resent the fact at the same time).
Time and time again tech savvy paparazzi intercept celebrities phone conversations, emails, homes, apartments, track their cars looking for anything to make a story.
Some people may think that the public has the right to your information, privacy, life’s work, money family or assets. They may think you make too much money, or you do not deserve what you have.
For whatever reason, you cannot afford to let someone destroy you and your family, business or reputation.
