Computer Security News by Michael Guadagno & Associates
Corporate Spying Can Lurk in the Most Unusual Places
We tell our business clients all the time that their company may be at risk from even the most mundane of sources. Corporate hackers and spies are quite creative. As one of the leading cyber security companies, our TCSM efforts to thwart them must be equally creative.
Once, while conducting a bug sweep of a large global corporation HQ in NYC, we discovered a rogue signal being transmitted over the carrier current cable, which uses AC electrical wiring to send power through the building. The rogue signal was especially active within the President’s office, with slight activity also discovered in the Vice-President’s office. The espionage risk was unknown to the company executives, who assumed their privacy was secure. But to our bug sweep experts, it was a red flag. The rogue signal rendered the offices vulnerable to audio/data spying.
Communication Vulnerabilities Discovered
Our TCSM equipment traced the signal to an assistant’s office, where we found a copy machine that apparently had been malfunctioning for quite some time. Here’s the cyber risk: Wi-Fi communication sent from a company PC to the fax-copy machine possibly could produce engineering that enabled communication through the carrier current cabling that ran throughout the building. A listening device, or bug, placed behind a receptacle cover anywhere in the system could send sensitive data to someone spying from miles away.
Mr. Guadagno personally conducted the counter-surveillance, inspecting the machine’s interior controls and mechanics for suspicious activity and modifications. He found no tampering. Under strict observation by our bug sweep team, the technician dispatched by the manufacturer replaced circuit controls and hardware. After the technician left, Mr. Guadagno conducted another carrier current survey to test for the rogue signal. The signal had disappeared. We thus considered this back-door cyber risk to be closed.
Either a malfunction occurred in the original controls, which we were not permitted to retain due to advice from the CLO, or someone intentionally placed eavesdrop technology into the control circuit, most likely during overseas manufacturing, with the intention of enabling espionage. Intelligence reports by cyber security companies prove this to be true — spying bugs are being planted in computers manufactured in certain foreign countries.
While it appears that only someone with a bizarre imagination could come up with this scenario, the espionage risk is real. Thinking outside the box is required for counter-surveillance. It is what our American TCSM experts do to protect organizations from spy intrusion.
For more computer security news, see our related blog posts.