How to spot -- and stop -- a spy
Con artists make it their job to extract sensitive corporate intelligence from unsuspecting employees. Here's how to stop them.
Computerworld - Corporations are woefully unprepared to counter attempts at corporate espionage, say experts who perform vulnerability assessments designed to uncover security weaknesses. U.S. corporations lose as much as $300 billion a year to hacking, cracking, physical security breaches and other criminal activity, according to Ira Winkler, author of Spies Among Us (Wiley, 2005) and president of the Internet Security Advisors Group, which performs espionage simulations and provides other services.
Although espionage is usually associated with high-tech approaches involving wireless security breaches and zombified PCs, low-tech tactics such as walking into a building are common, says Johnny Long, a security researcher at Computer Sciences Corp. and author of No-Tech Hacking (Syngress, 2008).
"To me, computers are irrelevant," Winkler says. "It's about what data do I want, what form does it take, and how can I steal it?"
Any company can be a target, says Peter Wood, chief of operations at First Base Technologies, a U.K.-based consultancy that performs ethical hacking services. Spies are interested in anything from financial data to intellectual property and customer data. They might steal information for blackmail purposes, but "the most common motive for physical intrusion is industrial espionage," he says.
Here are several of the most common ploys and the countermeasures you can put into place to spot -- and possibly even stop -- the work of a spy.
One of the most disturbingly successful ways for outsiders to infiltrate an organization is also the least high-tech: following an authorized employee through the front door. "In 90% of the companies I've worked with, it's so simple to get in, it's pathetic," Winkler says (Read Winkler's chilling accounts of espionage). To blend in, the spy might hold a cup of coffee or a sandwich, dress in a suit minus the jacket or even wear a counterfeit badge.
Antismoking regulations have also made it simple to sneak into buildings through the back door, where smokers tend to huddle, Wood adds. And Long claims to have walked right through delivery or loading dock doors.
Once they're inside, spies have lots of ways to access sensitive information. They can pose as IT support personnel, photocopying papers they find on unattended desks or at printers. Or they can just walk into an empty meeting room, plug in a laptop and pull data off the network. In that scenario, a convincing ploy is for spies to work in pairs, with one posing as a consultant and the other as an employee, says Wood, who has used that tactic. If someone enters the room, Wood says he apologizes for the "double-booking" and moves on. "It's just a matter of having the right attitude and being confident," he says.
How to stop them: According to Winkler, you can't just establish policies; you must also enforce the rules that prohibit security guards, receptionists and other workers from letting people into the building if they can't prove that they're employees. Companies also need to set clear procedures for reporting suspicious people. No one wants a vigilante culture, "but if you see someone acting unusually, you should make note of what that person is doing," Winkler says. (Read our blogs: Security training doesn't have to be hard.)
- Data Protection eGuide In this eGuide, CSO and sister publications IDG News Service, Computerworld, and CIO pull together news, trend, and how-to articles about the increasingly...
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!