This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/business-37154314
The article has changed 3 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| Are hi-tech spies stealing all your firm's secrets? | Are hi-tech spies stealing all your firm's secrets? |
| (about 11 hours later) | |
| Last weekend's reports about the New Zealand rugby team's discovery of a listening device sewn in to a hotel meeting room chair, have illustrated just how much spying technology has advanced in recent years. | Last weekend's reports about the New Zealand rugby team's discovery of a listening device sewn in to a hotel meeting room chair, have illustrated just how much spying technology has advanced in recent years. |
| These days, you don't need to sit outside in a van with your headphones on, listening to static for an hour before the battery runs out and the tape recorder gives a tell-tale clunk. | These days, you don't need to sit outside in a van with your headphones on, listening to static for an hour before the battery runs out and the tape recorder gives a tell-tale clunk. |
| Tiny matchbox-sized gadgets are now capable of transmitting audio and video for hours on end to the other side of the world. | Tiny matchbox-sized gadgets are now capable of transmitting audio and video for hours on end to the other side of the world. |
| Not only that, but we are all constantly connected to the internet via mobile phones and computers, and happily share details of our work and home life on social media - all valuable information for spies. | Not only that, but we are all constantly connected to the internet via mobile phones and computers, and happily share details of our work and home life on social media - all valuable information for spies. |
| For experts like Alex Bomberg, whose company International Intelligence provides counter espionage services to large organisations, the result is that the threats to company security are now almost too many to count. | For experts like Alex Bomberg, whose company International Intelligence provides counter espionage services to large organisations, the result is that the threats to company security are now almost too many to count. |
| He is casting his eye over one corporate head office to demonstrate the kind of things he "sweeps" for when giving security advice. | He is casting his eye over one corporate head office to demonstrate the kind of things he "sweeps" for when giving security advice. |
| The organisation doesn't want to be named - no-one is keen to have their security weaknesses pointed out publicly. Despite having identity passes and security guards, the company is still vulnerable, he says. | The organisation doesn't want to be named - no-one is keen to have their security weaknesses pointed out publicly. Despite having identity passes and security guards, the company is still vulnerable, he says. |
| Traditional vulnerabilities, such as sensitive documents casually thrown into the bin or poorly paid cleaning and security staff being bribed to steal secrets, are now being amplified by technology. | Traditional vulnerabilities, such as sensitive documents casually thrown into the bin or poorly paid cleaning and security staff being bribed to steal secrets, are now being amplified by technology. |
| Almost every meeting room is furnished with a conference phone that could be hacked. Anyone with a portable memory stick and a few minutes at a work station could download vast amounts of data or upload a virus. If you chuck out an old photocopier these days, the hard drive can hold years of stored data. | Almost every meeting room is furnished with a conference phone that could be hacked. Anyone with a portable memory stick and a few minutes at a work station could download vast amounts of data or upload a virus. If you chuck out an old photocopier these days, the hard drive can hold years of stored data. |
| And corporate spies are continually developing new tech-based tricks. | And corporate spies are continually developing new tech-based tricks. |
| "You pre-load a USB [memory] stick [with malware], and leave it where someone will find it," says Mr Bomberg. "It's human nature to wonder whose it is... especially if it says Accounts or HR on it." | "You pre-load a USB [memory] stick [with malware], and leave it where someone will find it," says Mr Bomberg. "It's human nature to wonder whose it is... especially if it says Accounts or HR on it." |
| And then there's the smartphone. | And then there's the smartphone. |
| "They are very, very dangerous things," he says. "You are bringing basically a transmitting device into a building." | "They are very, very dangerous things," he says. "You are bringing basically a transmitting device into a building." |
| We are all effectively carrying the perfect James Bond gadget in our pockets. | We are all effectively carrying the perfect James Bond gadget in our pockets. |
| "A lot of the larger companies now are creating sterile areas in which to hold a meeting. You can't even take your mobile phone in, which is very good practice, because what have we got on our phones? A microphone." | "A lot of the larger companies now are creating sterile areas in which to hold a meeting. You can't even take your mobile phone in, which is very good practice, because what have we got on our phones? A microphone." |
| When it comes to business travel, executives are routinely advised nowadays to check a hotel suite thoroughly for listening devices, not to leave their laptop unattended, and to shun public wi-fi networks. | When it comes to business travel, executives are routinely advised nowadays to check a hotel suite thoroughly for listening devices, not to leave their laptop unattended, and to shun public wi-fi networks. |
| Alex adds that executives - like criminals - would be wise to take a "burner" phone with them - a basic phone that can be binned at the end of the trip. | Alex adds that executives - like criminals - would be wise to take a "burner" phone with them - a basic phone that can be binned at the end of the trip. |
| 'They're investigating you' | 'They're investigating you' |
| But the most effective corporate espionage attacks of recent times have relied as much on human frailty as technology. | But the most effective corporate espionage attacks of recent times have relied as much on human frailty as technology. |
| Former FBI agent Eric O'Neill is National Security Strategist at the Washington-based cybersecurity company, Carbon Black. | Former FBI agent Eric O'Neill is National Security Strategist at the Washington-based cybersecurity company, Carbon Black. |
| He says the race between virus and antivirus software has reached a stalemate - the new battleground is personal. | He says the race between virus and antivirus software has reached a stalemate - the new battleground is personal. |
| "Today, attackers are using sophisticated, 'spear-phishing' attacks," says Mr O'Neill. | "Today, attackers are using sophisticated, 'spear-phishing' attacks," says Mr O'Neill. |
| These are emails that have been carefully tailored to chime in with your own interests and experiences, using personal details gleaned about you from social media and elsewhere. | These are emails that have been carefully tailored to chime in with your own interests and experiences, using personal details gleaned about you from social media and elsewhere. |
| "They're investigating you," he says. "They're learning about an individual and putting together emails that people will click on." | "They're investigating you," he says. "They're learning about an individual and putting together emails that people will click on." |
| The email might suggest your local golf shop is having a sale, for example, or that the renovation work on your office building is near completion. The aim is usually to entice you to click on a link containing malware. | The email might suggest your local golf shop is having a sale, for example, or that the renovation work on your office building is near completion. The aim is usually to entice you to click on a link containing malware. |
| In 2014, the US accused five Chinese military officers of spying on US industrial giants - including Alcoa, Solarworld, US Steel and Westinghouse - by sending emails that appeared to come from executives within the company, the US indictment said. | In 2014, the US accused five Chinese military officers of spying on US industrial giants - including Alcoa, Solarworld, US Steel and Westinghouse - by sending emails that appeared to come from executives within the company, the US indictment said. |
| Reconnaissance | Reconnaissance |
| Owen Wright of cybersecurity firm Context IS explains how hackers and spies target employees. | Owen Wright of cybersecurity firm Context IS explains how hackers and spies target employees. |
| "The first thing you do is perform lots of reconnaissance, where they sit, who they work with, look them up on social media," he says. | "The first thing you do is perform lots of reconnaissance, where they sit, who they work with, look them up on social media," he says. |
| "The more you know, the more you can build up an attack." | "The more you know, the more you can build up an attack." |
| Tapping into employees' natural curiosity - about salary details, for example - is a good way to get them to click on email attachments, he says. | Tapping into employees' natural curiosity - about salary details, for example - is a good way to get them to click on email attachments, he says. |
| "It's highly likely that the people who receive that email will open it and if that document was booby trapped it could allow the attacker to take over those people's computers," he says. | "It's highly likely that the people who receive that email will open it and if that document was booby trapped it could allow the attacker to take over those people's computers," he says. |
| "In some cases you can spoof the email address, so even though it is coming from the attacker it looks like it is coming from inside the organisation, in which case it creates a much more realistic scenario." | "In some cases you can spoof the email address, so even though it is coming from the attacker it looks like it is coming from inside the organisation, in which case it creates a much more realistic scenario." |
| Emails purporting to come from the boss have proven very successful at convincing junior managers to release cash to fraudsters. | Emails purporting to come from the boss have proven very successful at convincing junior managers to release cash to fraudsters. |
| Insider threat | Insider threat |
| While security companies do their best to keep pace with criminals' latest techniques, the biggest - and oldest - threat remains the mole: the enemy within. | While security companies do their best to keep pace with criminals' latest techniques, the biggest - and oldest - threat remains the mole: the enemy within. |
| "One of the biggest threats is your people and your employees," says Dan McGahn, chief executive of wind turbine maker American Superconductor. | "One of the biggest threats is your people and your employees," says Dan McGahn, chief executive of wind turbine maker American Superconductor. |
| It's a lesson he learned the hard way. | It's a lesson he learned the hard way. |
| The company had carefully encrypted its intellectual property, but in 2011 the firm was nearly destroyed after the code was leaked to a rival in China. | The company had carefully encrypted its intellectual property, but in 2011 the firm was nearly destroyed after the code was leaked to a rival in China. |
| "If you motivate someone the right way with the right amount of money - I think he was offered women, he was offered a new life in China - if you motivate them properly to steal, any company is susceptible to that." | "If you motivate someone the right way with the right amount of money - I think he was offered women, he was offered a new life in China - if you motivate them properly to steal, any company is susceptible to that." |
| Listen to BBC Radio 4's In Business: How Safe Are Your Secrets? | |
| Follow Technology of Business editor @matthew_wall on Twitter | Follow Technology of Business editor @matthew_wall on Twitter |
| Click here for more Technology of Business features | Click here for more Technology of Business features |