[ISN] Canadian coins bugged, U.S. security agency says

From: InfoSec News (alerts@private)
Date: Wed Jan 10 2007 - 22:36:18 PST


http://www.cbc.ca/technology/story/2007/01/10/rfid-defence.html

The Canadian Press 
January 10, 2007

They say money talks, and a new report suggests Canadian currency is 
indeed chatting, at least electronically, on behalf of shadowy spies.

Canadian coins containing tiny transmitters have mysteriously turned up 
in the pockets of at least three American contractors who visited 
Canada, says a branch of the U.S. Department of Defence.

Security experts believe the miniature devices could be used to track 
the movements of defence industry personnel dealing in sensitive 
military technology.

"You might want to know where the individual is going, what meetings the 
individual might be having and, above all, with whom," said David 
Harris, a former CSIS officer who consults on security matters.

"The more covert or clandestine the activity in which somebody might be 
involved, the more significant this kind of information could be."

The counter-intelligence office of the U.S. Defence Security Service 
cites the currency caper as an example of the methods international 
spies have recently tried to illicitly acquire military technology.


Nearly 1,000 'suspicious' contacts

The service's report, Technology Collection Trends in the U.S. Defence 
Industry, says foreign-hosted conventions, seminars and exhibits are 
popular venues for pilfering secrets.

The report is based on an analysis of 971 "suspicious contact reports" 
submitted in fiscal 2005 by security-cleared defence contractors and 
various official personnel.

"On at least three separate occasions between October 2005 and January 
2006, cleared defence contractors' employees travelling through Canada 
have discovered radio frequency transmitters embedded in Canadian coins 
placed on their persons," the report says.

The report did not indicate what kinds of coins were involved. A service 
spokeswoman said details of the incidents were classified.

As a result, the type of transmitter in play and its ultimate purpose 
remain a mystery.

However, tiny tracking tags, known as RFIDs, are commonly placed in 
everything from clothing to key chains to help retailers track 
inventory.

Each tag contains a miniature antenna that beams a unique ID code to an 
electronic reader. The information can then be transferred by the reader 
into a computerized database.


Makes no sense

The likely need for such a reading device means the doctored coins could 
be used to track people only in a controlled setting, not over long 
distances, said Chris Mathers, a security consultant and former 
undercover RCMP officer.

"From a technology perspective, it makes no sense," he said. "To me it's 
very strange."

Then there's the obvious problem: what if the coin holder plunks the 
device into a pop machine?

"You give the guy something with a transmitter that he's going to spend 
I mean, he might have it for an hour," Mathers said with a chuckle.

Harris speculates recent leaps in miniaturization could allow for a 
sophisticated transmitter capable of monitoring a target's extensive 
travels.

"I think we can be pretty darn confident that the technology is there 
for the sorts of micro-units that would be required to embed these 
things in a coin," he said.

"It's a brave new world, and greatly concerning on so many levels."

Passing the coin to an unwitting contractor, particularly in strife-torn 
countries, could mark the person for kidnapping or assassination, Harris 
said.

"You could almost, by handing a coin to somebody, achieve the equivalent 
of the Mafiosi's last kiss on the cheek."

The Defence Security Service report says employees of U.S. contractors 
reported suspicious contacts from individuals, firms or governments of 
more than 100 countries during the year.

Technologies that generated the most interest were information systems, 
lasers and optics, aeronautics and sensors.

A foreign approach often meant a simple request for information from the 
contractor.


Can contain built-in scanners

But the report also underscores clandestine means of acquiring secrets 
from U.S. employees, particularly those travelling abroad.

"It is important to recognize copiers and shredders can contain built-in 
scanners to copy the data."

Other common methods include placing listening devices in rooms, 
searching hotel rooms, inspecting electronic equipment and eavesdropping 
on conversations.

The report, which first came to light in a U.S. newspaper, has since 
been posted on the website of the Federation of American Scientists, an 
organization that tracks the intelligence world and promotes government 
openness.

The Canadian Press, 2006


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Wed Jan 10 2007 - 22:55:25 PST