|
Intelligence
and information gathering on competitors and adversaries is
legendary. Pick your time reference: 16th century, 17th century
... 20th century, 21st century. It's not going away
anytime soon. We have more and more to lose if we are the
target. Not to alarm, but our objective in this discussion is to
alert ... to bring your attention to the reality of the world today.
This applies not only to battle plans between warring
factors, national or diplomatic secrets, political strategies, efforts of character
defamation but also in industry and business. We hear about national security
leaks, but not nearly as many as actually occur. We only hear the ones that
aren't kept
away from news reporters and the media. Industrial
espionage isn't just caused by teenaged computer
hackers, but is more likely a result of intelligence gathering at the
behest and request of the CEOs, COOs, etc. of your competitors.
Beverage companies, manufacturers of building
materials, auto manufacturers, gene therapy companies, pharmaceutical
companies are constantly the target of and often the instigators of such
behavior. Some of the most innovative research occurs in
small to medium-sized businesses which makes them targets as
well. No one is immune.
In our world today, every business and organization
needs to be aware of its basic security requirements. There are many
categories of security ...
 | Information security |
| Computer security |
| Facility security |
| Personnel security |
| Proprietary intelligence assets |
| Trade secrets |
| the list goes on ... |
Even if you address one or two of the issues above to
some degree, your effort is thwarted because your conversations and
planning meetings were vulnerable to accidental eavesdropping or
intentional surveillance.
Our federal government, as an example which is
constantly in the news, sometimes does an extremely good job of
protecting its intelligence, but many times their effort is lackluster or even minimal at best. Think about what has been in the
news lately.
| A soviet spy was caught sitting in his car outside
the US State Department, listening to conversations in a
conference room deep within the building by using electronic
surveillance equipment. |
| Information is revealed to the media, obtained by
partial eavesdropping by passers-by or by office personnel "in
the know". |
| Multi-national conferences, diplomatic discussions
and strategy sessions which have or could have divulged information
or mis-information. Take, for instance, a recent security
precaution used by our government in 2002 when President Bush visited
China. Government officials played country music while they
talked among themselves to "cover up their conversations"
in case the Chinese were using bugs to listen in. |
| The offices of the National Democratic Committee
and Republican National Committee have found themselves the target of
electronic surveillance. |
| Recently, in the fall of 2003, the Mayor of
Philadelphia, John Street discovered his offices were bugged only
weeks from an election. For what reason and by whom is yet to
be determined. |
Eavesdropping is the oldest form of information
gathering. Questions often asked are:
How many electronic "bugs" are planted per
year?
What percentage of them are illegal?
What percentage are industrial or business related?
What percentage are domestic?
What are the most common types?
What is the percent of sweeps that are productive?
What is the most common eavesdropping method?
The truth is, in matters of eavesdropping and
espionage, there are no accurate statistics, no most common methods
and no typical clients.
Don't let people scare you with made-up statistics - they can't
possibly
know. Successful attacks go unnoticed. Most unsuccessful attacks go
unreported. And the rest are just news stories. No one is officially
keeping track.
All attack scenarios have unique qualities, and are usually quite
complicated. Everyone has enemies (competitors, activists, disgruntled
employees and customers, disloyal partners, unions v. management,
management v. unions, etc., etc.).
There is always somebody who wants what you have or wants you out of
their picture.
Here are more truths...
- All properly conducted sweeps are productive.
- It is less expensive to protect and deflect than to defend and fix.
- If you wait until the attack takes place to protect yourself, the
'survival price tag' will be high... and you may not be
successful.
You need to detect pre-attack signs of intelligence gathering
(eavesdropping) BEFORE the attack. At this stage, security is both
cheap
and effective.
The goal is to detect and deny.
|
