NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
09/29/05
Today's focus: Industrial espionage, Part 2: More methods
Dear security.world@gmail.com,
In this issue:
* Even more ways to conduct industrial espionage
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Cisco Systems
Cisco Threat Defense System Guide: How to Provide Effective Worm
Mitigation
Worms are among the biggest security challenges to business
productivity today. Protect your networks with an integrated
security solution that is both flexible and pervasive, providing
collaboration between networking and security services, and
comprehensive coverage from your network to your endpoints -
Cisco Threat Defense System.
http://www.fattail.com/redir/redirect.asp?CID=115717
_______________________________________________________________
REVISTING SPYWARE
Spyware can kill your business quicker than spam or viruses.
Spyware insidiously logs your keystrokes, rifles through your
files for password and credit card data, peppers your screen
with ads and slows your PCs to a crawl. So how do you stop it?
Network World reviews 16 spyware stopping products. Click here:
http://www.fattail.com/redir/redirect.asp?CID=115658
_______________________________________________________________
Today's focus: Industrial espionage, Part 2: More methods
By M. E. Kabay
In the first article in this series, I reviewed some of the
information in the annual reports of the National
Counterintelligence Center, or NACIC, which later became the
Office of the National Counterintelligence Executive, or ONCIX.
Here I continue with additional methods of industrial espionage
from later research.
The 2000 NACIC report added these methods:
* Requesting information through e-mail or letters, including
apparent responses to advertising or trade show exhibits.
* Exploiting Internet discussion groups, especially
research-oriented list servers.
A survey organized by NACIC among about a dozen Fortune 500
company officers extended the list of industrial espionage
methods with the following approaches:
* Breaking away from tour groups.
* Attempting access after normal working hours.
* Supplying different personnel at the last minute for
agreed-upon projects.
* Stealing laptops.
* Customs holding laptops for a period of time.
* Social gatherings.
* Dumpster diving (searching through trash and discarded
materials).
* Intercepting non-encrypted Internet messages.
I want to make it clear that the NACIC/ONCIX authors and I as a
writer reporting on their findings are _not_ implying that
foreign nationals and foreign-born citizens in this country are
inherently threats to national security. The vast majority of
such people - and I am one myself, having been born in Canada
and having been granted U.S. citizenship in July of this year -
are honest, loyal people who have never done anything against
the interests of our country.
The U.S. Census Bureau reports
<http://www.networkworld.com/nlsec7407> that in 2004, there were
more than 34 million foreign-born residents out of a total
population estimated at over 293 million
<http://www.networkworld.com/nlsec7408>. So even if we guessed
there were a thousand foreign-born spies (a high estimate for
which there is no factual basis whatsoever), that number would
represent a mere 0.003% of the foreign-born population - leaving
99.997% as unworthy of suspicion. So the next time someone tries
to convince you that purely ethnic profiling divorced from any
study of individual behavior is a good idea for law enforcement
and national security, do a similar calculation with them and
calculate the costs of resources wasted on false positives.
The NACIC/ONCIX reports are clear on the threat from purely
domestic, all-American citizens:
"In 1996, the FBI and ASIS [an organization for security
professionals] also reaffirmed the increase in the reporting of
domestic theft or misappropriation of proprietary economic
information. An ASIS special report released in March 1996,
Trends in Intellectual Property Loss, indicated that 74 percent
of intellectual or proprietary property losses stemmed from the
actions of 'trusted relationships' - employees, former
employees, contractors, suppliers, and so forth."
In the next article in this series, I'll review some striking
cases of industrial espionage in the decade before now.
The top 5: Today's most-read stories
1. How to solve Windows system crashes in minutes
<http://www.networkworld.com/nlsecuritynewsal7602>
2. IPTV will trip up Bells, analysts say
<http://www.networkworld.com/nlsec7880>
3. McAfee, Omniquad top anti-spyware test
<http://www.networkworld.com/nlsecuritynewsal6949>
4. Skype: Hazardous to network health?
<http://www.networkworld.com/nlsecuritynewsal7851>
5. The rise of the IT architect
<http://www.networkworld.com/nlsecuritynewsal7052>
_______________________________________________________________
To contact: M. E. Kabay
M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.
New information assurance journal - Norwich University Journal
of Information Assurance (NUJIA). See
<http://nujia.norwich.edu/>
_______________________________________________________________
This newsletter is sponsored by Cisco Systems
Cisco Threat Defense System Guide: How to Provide Effective Worm
Mitigation
Worms are among the biggest security challenges to business
productivity today. Protect your networks with an integrated
security solution that is both flexible and pervasive, providing
collaboration between networking and security services, and
comprehensive coverage from your network to your endpoints -
Cisco Threat Defense System.
http://www.fattail.com/redir/redirect.asp?CID=115716
_______________________________________________________________
ARCHIVE LINKS
Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html
Security Research Center:
http://www.networkworld.com/topics/security.html
Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna
Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
Webcast - Identify, prevent and adapt. Can your network do that?
Too much security and your business stops. Find out what steps
others are taking to protect information by establishing
standards, setting up policies and processes, and creating
assessment technologies. Learn more.
http://www.fattail.com/redir/redirect.asp?CID=115742
_______________________________________________________________
FEATURED READER RESOURCE
The Trend Micro Threat Map
The Trend Micro Threat Map dynamically displays real-time data
to show worldwide trends in virus and content security threats
as they happen. Collected from actual computer infections, the
Threat Map can be used to help determine appropriate security
policies, based on the prevalence of threats that can adversely
affect your business.
<http://www.networkworld.com/go/trendmicro/trend_frr>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment