Secrets of Computer Espionage: Tactics and Countermeasures / Edition 1

Paperback (Print)

Overview

* Covers electronic and wireless eavesdropping, computer surveillance, intelligence gathering, password cracking, keylogging, data duplication, black bag computer spy jobs, reconnaissance, risk assessment, legal issues, and advanced spying techniques used by the government
* Author shares easily-implemented countermeasures against spying to detect and defeat eavesdroppers and other hostile individuals
* Addresses legal issues, including the U.S. Patriot Act, legal spying in the workplace, and computer fraud crimes
* Companion Web site contains links to security tools and useful security information resources


Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
To paraphrase Humphrey Bogart in Casablanca, "Who’s looking at you, kid?" Your boss? Your competitors? The government? Your ex-spouse’s private investigator? Some kid down the street? Your kid? How paranoid should you be? Secrets of Computer Espionage will tell you. Want to know the latest “spy vs. spy” tricks -- and countermeasures? This book will tell you that, too.

Author Joel McNamara is a leading security and privacy consultant who created Private Idaho -- for years, one of the top Windows email privacy tools. He was among the first to demonstrate the risks of Word macro viruses. He also maintains The Complete, Unofficial TEMPEST Information Page, which demystifies secret government techniques for reconstructing data from your PC’s electromagnetic emanations.

In this book, he systematically reviews the art and technologies of high-tech espionage. He also presents effective countermeasures -- many surprisingly easy and inexpensive. Most important, he teaches you to “think like a spy” -- so you can identify vulnerabilities you’d never have considered before.

McNamara starts with risk assessment. What do you have? Who might want it? How badly? How might they get it? What would happen if they got it? How can it be protected? Is protecting it worth the cost?

There’s a full chapter on the current laws on computer espionage. What are you (theoretically) protected against? If you’re the spy, what can’t you do, and what must you do? How has the USA Patriot Act of 2001 changed things?

Next, there’s a full chapter on “black bag jobs” -- e.g., burglaries designed to steal critical information or plant “bugs” or computer software designed to compromise information later. (The technologies have changed since the ’72 Watergate burglary that sank Richard Nixon, but the tradecraft hasn’t.) McNamara also outlines five sets of countermeasures.

Once a spy gains physical access, there is a laundry list of techniques for getting inside. McNamara covers them all. BIOS attack tools. CMOS zapping. Circumventing screen savers. System password recovery disks. Booting alternate operating systems (e.g., running DOS to access an NTFS drive with NTFSDOS). Even pulling the hard drive.

You’ll go behind the scenes with forensics specialists searching for evidence on your PC. You’ll discover their tools and procedures, and the key files and filesystem locations most likely to be searched (for instance, slack space, Windows swap files, browser artifacts, Sent Mail folders, IM and IRC logs). You’ll also learn what to expect from countermeasures such as encryption and “evidence eliminator” software.

You name it, McNamara covers it: password crackers, Trojan horses, data duplication tools, keyloggers, and anti-spyware such as Pest Patrol and Who’s Watching Me. There’s extensive coverage of network eavesdropping, including a full chapter on wireless vulnerabilities.

McNamara goes beyond PCs to discuss spying on fax machines, PDAs, voicemail systems, cell phones -- even shredders. He concludes with a well-informed chapter on secret government spying programs such as ECHELON.

Ignorance is no longer bliss. Know what’s out there. Know what to do about it. Read Secrets of Computer Espionage. -- Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.

From the Publisher
“…provides insightful details backed up by a wealth of real-life examples….clearly a valuable addition to your bookshelf…” (www.net-security.org, May 2004)

“…surprisingly clear given the degree of difficulty of his topic,…we suggest this practical book to managers…” (www.getabstract.com, May 2004)

"…an informative book which should help keep those defences up and those intruders out…" (PC Utilities, No. 39, 2003)

“…will definitely open your eyes…quirky case studies and good coverage of latest technology…” (Internetworks, November 2003)

“…informative…entertaining…next time you go to your local bookseller, locate a copy. I bet you’ll be hooked…” (Linux Journal, 22 August 2003)


Product Details

  • ISBN-13: 9780764537103
  • Publisher: Wiley
  • Publication date: 6/20/2003
  • Edition description: New Edition
  • Edition number: 1
  • Pages: 384
  • Product dimensions: 9.25 (w) x 7.50 (h) x 0.80 (d)

Meet the Author

Joel McNamara is an internationally acclaimed security and privacy consultant and the creator of Private Idaho, one of the first popular open source Internet privacy tools. A former Microsoft technical writer and training manager, he is credited with developing one of the first Microsoft macro viruses and then publicizing the security risks. He is also the author of "The Complete, Unofficial TEMPEST Information Page," a Web site that demystifies classified government surveillance technology.


Table of Contents

Acknowledgments.

Introduction.

Chapter 1: Spies.

Chapter 2: Spying and the Law.

Chapter 3: Black Bag Jobs.

Chapter 4: Breaching the System.

Chapter 5: Searching for Evidence.

Chapter 6: Unprotecting Data.

Chapter 7: Copying Data.

Chapter 8: Snooping with Keyloggers.

Chapter 9: Spying with Trojan Horses.

Chapter 10: Network Eavesdropping.

Chapter 11: 802.11b Wireless Network Eavesdropping.

Chapter 12: Spying on Electronic Devices.

Chapter 13: Advanced Computer Espionage.

Appendix A: What's on the Web Site.

Index.


First Chapter

Secrets of Computer Espionage

Tactics and Countermeasures
By Joel McNamara

John Wiley & Sons

ISBN: 0-7645-3710-5


Chapter One

Spies

"I could have been a devastating spy, I think, but I didn't want to be a devastating spy. I wanted to get a little money and to get out of it." -Robert Hanssen, FBI agent and convicted Soviet spy

Getting to Know Spies

Computer spies typically don't wear trench coats. They don't dress in tight black clothes and hang upside down from trapeze wires over your keyboard. They probably aren't named Boris and don't speak with heavy Slavic accents. Most of them aren't even hackers or crackers, and likely wouldn't know the difference between a rootkit and root beer. If computer spies don't match the popular media's perceptions, just who are they?

As with most avocations, computer espionage is divided into the amateurs and the professionals.

Amateurs are casual spies. Although they may have very good reasons for snooping, their livelihood doesn't depend on it. These spies have a bit more experience with computers than the average user. That doesn't mean they're extremely technical; it means only that they have taken the time to learn about various technologies that can be used for computer eavesdropping and then applied that knowledge for espionage purposes. Learning about spying tools and then acquiring them is only a point and click away with an Internet connection. When you think about these types of spies, don't picture Tom Cruise or Sandra Bullock. Instead think of your boss, coworker, spouse, children, or the neighbor next door.

Professional spies tend to have more technical experience than the amateurs. One aspect or another of the professionals' jobs is to spy on people. This spying can be legal, as in the case of a law enforcement officer collecting intelligence for a child pornography criminal case, or illegal, in the case of a spy hired to obtain trade secrets from a corporation's network. Although these spies use some of the same tools and technologies that the amateurs use, they have a deeper understanding of the technology as well as access to more advanced and sophisticated eavesdropping tools. As with amateurs, you usually can't tell a professional spy by his or her appearance. Consider Aldrich Ames or Robert Hanssen: white, middle-class, average-looking CIA and FBI insiders who successfully spied for the Russians but blended in with society for years. Again, professional computer spies don't match the popular media's romanticized versions of espionage reality - although perhaps one or two might have a partner in crime named Natasha.

There are two reasons why it's important to have insights into the different types of spies:

  •   To understand the technical capabilities and limitations of a potential adversary. This is obvious because you want to make sure that your own security measures can withstand a spy's attempt to breach them.
  •   So you can put yourself in the spy's shoes. Throughout this book, there are sections that present spying tactics, specifically regarding how people spy on computers. In most of these sections, you're asked to put on the spy's trench coat so you can better assess your own security; to fully protect yourself, however, you need to know not only the tools and the techniques, but also the mindset of a spy. Popular culture has the saying, "What would _______ (Jesus, Gandhi; fill in your favorite wise role model) do?" When you review your security, you need to ask, "What would Corporate Spy (or whichever type of spy may be a threat) do?"

The famous Chinese military strategist Sun Tzu said, "If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle."

Throughout this chapter, the concepts of knowing the enemy, knowing yourself, and knowing both the enemy and yourself are applied to computer spying.

What Spies Are After and Who They Are

Let's start with knowing the enemy. Computer espionage is about the purposeful discovery of information or evidence. If you use a dictionary definition (in this case, the American Heritage Dictionary of the English Language, Fourth Edition), information is "knowledge of specific events or situations that has been gathered or received by communication, intelligence, or news." Evidence, on the other hand, is "a thing or things helpful in forming a conclusion or judgment." An industrial spy may be looking for secret information on a Microsoft project manager's laptop that specifically relates to the company's future and hush-hush Longhorn operating system. A wife who suspects her husband of having an online affair may be looking for evidence in e-mail messages in an attempt to confirm her suspicions. Depending on what the information is, it could evolve into evidence. For example, a phone number stored in a PDA address book could belong to a known drug dealer and become supporting evidence for a criminal case.

Remember that spying is a purposeful activity. Although the suspicious wife may have stumbled across evidence that her husband was cheating because he accidentally left an Instant Messenger window open on the family computer, that's not spying. She wasn't actively seeking the information.

The types of information and evidence gathered can be very targeted or generalized, depending on what the spy is trying to accomplish. Perhaps he is looking only for financial information that relates to an upcoming merger and will be content with snooping through spreadsheet files with accounting information. On the other hand, a government intelligence agency may examine the entire contents of a hard drive that belonged to a terrorist, seeking not only evidence, but any information that may relate to future terrorist attacks.

In addition to information and evidence, there are two other important concepts in computer espionage: The activity is typically unauthorized and unknown. In most cases, you aren't going to give explicit or implicit permission to have someone snoop through your computer. Exceptions might be in the workplace in which employee monitoring takes place or when you tell the friendly police officer that you don't have anything to hide, you don't need a lawyer, and certainly he can look at your computer. Also in some types of law enforcement investigations you won't have a say if a court has granted permission to a police agency to spy on your computer because of suspected illegal activities on your part. Remember that unauthorized doesn't necessarily mean illegal. Although breaking into a computer network to steal trade secrets clearly violates a number of laws, placing a keylogger on your son's computer without his permission to see if he talks to his friends about doing drugs would not be illegal, though it may be unethical to some people.

The second element of computer spying is that if you're the target, you don't know it's taking place until perhaps after the fact. Unlike clothing manufacturers, eavesdroppers don't go around leaving tags on computers that read "Snooped on by Spy #39." Sometimes, spies do leave tracks, but they usually aren't that obvious. Whoever is spying doesn't want you to know they are looking for information or evidence. Exceptions would be a publicized employee-monitoring program or the government's ECHELON data surveillance system (discussed later in this chapter), which is known about - much to the chagrin of those running the program.

Cross-reference: ECHELON is an example of the government's frequent "cult of secrecy" attitude. Although the existence of ECHELON has been exposed, the government steadfastly refuses to acknowledge its existence. For more on ECHELON and other data surveillance systems, turn to Chapter 13.

So far, this discussion has all been about what spies are generally after, but we still haven't answered Sun Tzu's question of knowing who the enemy is. This is important because it gives us insights into their motivations and methods. Thinking like the bad guys is a valuable exercise in helping you protect yourself from them.

In general, spies can be lumped into seven different categories:

  •   Business spies
  •   Bosses
  •   Cops
  •   Private eyes and consultants
  •   Spooks
  •   Criminals
  •   Whistleblowers
  •   Friends and family

Let's take a quick look into the world of each type of these spies to better understand who they are and what they are after.

Business Spies - Economic Espionage

Economic espionage is a large, yet often ignored problem. Trade publications and organizations and the news media have been warning businesses about the dangers of economic espionage, formerly called industrial espionage, since the 1980s. The warnings seem to have fallen on deaf ears.

Consider these key points of a study released in 2002 by the American Society for Industrial Security, U.S. Chamber of Commerce, and PricewaterhouseCoopers, a survey of Fortune 1000 corporations and 600 small to mid-sized U.S. companies:

  •   Forty percent of the companies that responded to the survey reported having episodes of known or suspected loss of proprietary data. (Cutting away the jargon, that means someone on the inside or outside spied on them and stole company information.)
  •   Proprietary information and intellectual property losses accounted for between $53 billion and $59 billion.
  •   Economic spies are looking for information; they most commonly target research and development, customer lists and related data, and financial data.
  •   Despite the potential impact of possibly successful attacks, only 55 percent of the responding companies said their management was concerned about information loss and were taking precautions to prevent it. The implication of this is a significant number of managers underestimate or don't understand the risks and costs of data theft.

Companies suffering economic espionage attacks don't just suffer simple financial losses. They also have to contend with eroded competitive advantages, legal fees in the case of litigation, and diminished stockholder and public trust if an attack is publicized (which many are not publicizing for this reason alone).

Business spying isn't confined just to large corporations, either. Smaller companies, from mom-and-pop retailers to light manufacturers that operate at thinner margins without the cash reserves of a larger corporation, may actually suffer more significant damage from economic espionage.

Former employees, domestic and foreign competitors, and on-site contractors are the usual perpetrators of economic spying. (It's worth noting that economic espionage is very different from competitive intelligence. Competitive or business intelligence is practiced by using legal and open source methods. Economic espionage is where illegal means are used to obtain information. Granted, at times there can be gray areas, but most business intelligence professionals adhere to a fairly strict set of ethics.)

Cross-reference: For more information on the differences between legitimate competitive intelligence and illegal espionage, visit the Society of Competitive Intelligence Professionals Web site at scip.org.

Although movies and TV shows portray corporate spies as shadowy mercenaries who cleverly break into super-secure locations, the reality is that insiders who have access to unsecured information are responsible for most economic espionage. Current or former employees with greed or revenge as motivation are much more of a threat than professional spies hired by a competitor.

The problem isn't confined only to lower-level employees. Jose Ignacio Lopez, the head of purchasing for General Motors, abruptly resigned in 1993 and took a job with Volkswagen. GM later accused Lopez of masterminding the theft of more than 20 boxes of research, sales, and marketing documents. Included were blueprints for an assembly plant GM hoped would displace VW's dominance in emerging small-car markets. In 1997, the case ended when VW admitted no wrongdoing, but settled the civil suit by paying GM $100 million and offering to buy $1 billion of GM parts over the next seven years. German prosecutors eventually dropped industrial espionage charges against Lopez, but ordered him to donate a quarter of a million dollars to charity.

Outsider attacks still occur, though, and are committed by either an employee or an agent of a competitor. Outside attacks typically fall into two categories:

  •   Opportunistic attack. A competitor may casually see if information may be easily accessible, akin to twisting a doorknob to see whether it's locked. Information is stolen if there's not much of a risk of discovery or involves little effort. An example of this attack is a spy using a port scanner or vulnerability-assessment tool to see if there are any holes he can exploit to enter a corporate network. If exploitable vulnerabilities are discovered, a targeted attack may be launched.
  •   Targeted attack. A targeted attack is a serious attempt to steal information. The spy has a specific goal and employs a variety of techniques to get what he wants. When the monetary stakes are high, a large amount of money and resources may be committed to a spying operation.

Because computers are used to store all sorts of corporate information, they present a prime target for business spies. Networks, laptops, desktop PCs, and PDAs are all vulnerable to attack. The technical skills that business spies have range from eavesdroppers with minimal skills, such as copying a confidential file to a floppy disk, to skilled technicians who can easily bypass a firewall to access a corporate database.

Cross-reference: There are strict penalties for economic espionage in the United States. Turn to Chapter 2 for details.

Bosses - Employee Monitoring

Employee monitoring in the United States is growing rapidly. In the American Management Association's (AMA) 2001 survey on Workplace Monitoring & Surveillance, 77.7 percent of major U.S. companies stated that they recorded and reviewed employee on-the-job communications and activities. This amount is double what the AMA reported in its first monitoring report released in 1997.

If you work for someone else, there's a good chance the boss is spying on you. That means your e-mail, Web surfing, instant messaging, and hard drives could all be under scrutiny.

Continues...


Excerpted from Secrets of Computer Espionage by Joel McNamara Excerpted by permission.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.


Customer Reviews

Average Rating 5
( 2 )
  • Anonymous

    Posted April 21, 2004

    Highly Recommended

    You and your computer face a dizzying array of security threats, writes tech consultant Joel McNamara. Competitors, cops, crooks and even disgruntled kin would love a peek at your hard drive. But don't hyperventilate just yet. If you calmly analyze the desirability and vulnerability of your secrets, you can figure out how to protect yourself. McNamara's prose is surprisingly clear given the degree of difficulty of his topic, and he offers a number of useful sidebars, charts and examples from inside the tech business to juice up his instructional tome. We suggest this practical book to managers charged with protecting corporate data, and to people who are unsure just how safe their computers are.

  • Anonymous

    Posted November 25, 2003

    Wow! Great book!

    Joel McNamara's book is one of the very, very few books that I classify as a 'Must Read' for anyone involved in business or technology. This book does an amazing job of avoiding the 'paranoia for paranoia's sake' tone seen so often in computer security books while still taking the issues seriously and discussing them intelligently. The conversational tone is fun and often quite funny while not making the user feel talked down to. And Mr. McNamara does an equally great job of explaining very complex topics in a way that works for both extremely sophisticated computer technology professionals and non-techies alike. I've brought this book around for side-discussions in the seminars I've given since it came out and my students, ranging from small business owners to 30+ year professional tech veterans in Fortune 50s have learned new and important lessons from it. For a book to address all these audiences is rare. For a book to succeed and be invaluable for all of them is virtually unheard of. This book succeeds amazingly well. I've not only read the book through in one sitting, I keep referring back to it and its incredibly useful web site on a regular basis. Joel, thank you for writing one of the key books of the year!
