[ISN] Bosses get into 007 gadgets

From: InfoSec News (alerts@private)
Date: Sun Nov 19 2006 - 22:17:00 PST


http://news.com.com/Bosses+get+into+007+gadgets/2100-1029_3-6136615.html

By Steve Ranger
Special to CNET News.com
November 17, 2006

It's not just James Bond who gets to play with all the cool gadgets. 
More and more business executives are investing in secret agent-style 
hardware to make sure their top-secret company plans stay under wraps.

Bug-detectors disguised as fountain pens, keyboards that can secretly 
record everything typed on them, and clock radios with hidden 
cameras--devices once only of interest to spies--are now being bought by 
company chiefs who fear they are being spied on.

"The majority of the customers are buying countersurveillance 
equipment," said Julia Adams, director of surveillance gadget store 
Spymaster. "The majority are concerned with what is being leaked. They 
want to make sure they aren't being bugged and that the competition 
isn't listening."

Some executives carry pocket-size bug detectors when they are in 
meetings, on their own premises or elsewhere, that vibrate if they pick 
up on eavesdropping equipment.

Adams said that people usually pay the Spymaster store a visit because 
they have a feeling that something is not quite right and, as she points 
out, "more often than not that feeling is correct." Once they have 
equipped themselves with countersurveillance gadgets, executives often 
come back and stock up on surveillance devices, so that they can then 
find out which staff member in their office has been leaking 
information.

Business chiefs may well be right to watch their backs. According to a 
survey of 2,000 office workers commissioned by Samsung Electronics, 57 
percent of respondents said they have found and read confidential 
information on a printer, and 21 percent admit to having read 
confidential information on a colleague's monitor.

And it's not just staff leaking company secrets to rivals that bosses 
have to watch out for. With the Cold War long over, corporate espionage 
has been heating up.

According to MI5, as the U.K.'s national security service is commonly 
known, foreign intelligence services are now targeting commercial 
enterprises "far more than in the past," in an attempt to get their 
hands on communications technologies, IT, lasers, optics and 
electronics, to name just a few targets.

At least 20 foreign intelligence services are operating to some degree 
against U.K. interests, MI5 warns, trying to get secrets from people by 
exploiting technology such as communications and computer systems. This 
means as well as buying countersurveillance gadgets to protect 
themselves, companies need to make sure their computer systems aren't 
coming under attack.

MI5 has a list with IT security advice on its Web site. It warns that 
electronic attacks may come from a range of sources: criminals, foreign 
intelligence services, lone hackers or terrorists. Companies should 
conduct a risk assessment to establish whether they are at particular 
risk of an electronic attack, it warns. Indeed, its sister agency, MI6, 
recently advertised for techies to help keep its own networks secure.

Other recommendations include:

* Buy IT gear from reputable manufacturers and suppliers.

* Ensure that software is as up-to-date as possible. Consider checking 
  for patches and updates at least weekly.

* Ensure that Internet-connected computers are equipped with antivirus 
  software.

* Always ensure that your information is regularly backed-up.

* Try to ensure that those who maintain, operate and guard your systems 
  are reliable and honest.

* Seek regular security advice from system and service providers and 
  make sure you act upon it. Pre-empt attacks instead of waiting for 
  them.

* If there are particular categories of material you wish to protect, 
  you could consider encryption.

* Take basic security precautions in order to prevent software or other 
  information from falling into the wrong hands. Implement a program of 
  security awareness among your staff. Train them not to leave sensitive 
  material lying around and to operate a clear-desk policy.

* Invest in security cabinets and fit locking doors.

* Ensure the proper destruction of confidential material.

Steve Ranger reported for Silicon.com from London.


_________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Sun Nov 19 2006 - 22:28:47 PST