THE HOT MICX is published 3 to 4 times a year, contains information of a security nature, dealing mostly with electronic eavesdropping or information loss and is provided at no cost. Reproduction of any or all of this newsletter is authorized. A Special Thanks to Dave Austin, Security Director at the Las Vegas Hilton, for his assistance. I also wanted to mention the restaurant he took Toni and I to on the night we arrived and how great the food was, but my boss she say I can't do dat, no. On the other hand, if you're in Las Vegas and want a great meal, call Dave and I'm sure he'll give you directions; as Justin Wilson would say 'I garrronteee, you can't go wrong". Get your facts first, and then you can distort them as much as you please. TSCM Seminar The next TSCM seminar is tentatively scheduled for 4-5 or 11-12 November 1993 in Las Vegas, NV and will probably be presented at the Sahara Hotel and Casino. The actual date will be determined in September. To be more responsive to your requirements and to assist in your scheduling, I am establishing a special mailing list for those indicating a desire to attend future sessions. Information, such as dates, locations, times, etc., will be sent by First Class mail. So, if you are considering attending in November (or a future session), now might be a good time to drop me a note to insure you will be kept apprised. Other than updating you, you won't be bothered and there is no cost. Speaking of seminars, only two people were in attendance this session. Two canceled due to ongoing corporate investigations and pending court appearances, one had been in the hospital with chest pains and two (who called the week after the seminar) were unable to attend due to late receipt of mail. One failed to show or followup after he asked me to reschedule for mid May so he could bring his wife for her birthday. There was a time when father amounted to something in the United States. He was held with some esteem in the community; he had some authority in his own household; his views were sometimes taken seriously by his children; and even his wife paid heed to him from time to time. Phone Modification? 
Arrows indicate to microphone In questioning why the other set were not modified in a similar manner, it can be supposed a) this was an inadvertent action, b) it was performed by someone not knowledgeable of the requirement for both sets of switches being bent, c) a piece of metal or wire may have been inserted between the second set of contacts and fell out or was removed, d) this may have been an obvious attempt to hide a more clandestine installation somewhere else within the area or e) it was hoped it would be found and cause unnecessary concern. Bugging Attempt?
Justice is justice though it's always delayed and finally done only by mistake. During several recent TSCM sweeps, conversations taking place on cordless telephones were intercepted; they had originated from within the area being examined. Cordless telephones are a convenience feature of our society; that no longer means they have to be a source of intelligence or entertainment for anyone having a radio scanner. Scanners can easily be programmed to sweep the assigned frequencies of cordless phones and a neighbor, friend (?), competitor, etc. can listen to some of your most personal or private conversations without your knowledge. In essence, you have bought a bug and are using it. 
How do you protect yourself---Purchase one of the new secure cordless phones built by AT&T or Motorola. The conversation between the handset (you're walking around with) and the base set (which should be plugged into the wall phone jack) is encrypted utilizing DES (digital encryption standards) similar to that used in government equipment. A Motorola version, The Motorola Cordless Telephone, Model EMP 550, is available through Sears, Circuit City, Silo or other similar retail organizations at a price of approximately $230.00 (I don't have information on the ATT version, but if you need it, call). If you absolutely must use a cordless phone in your business dealings, why not use a secure one. When you meet a man, you judge him by his clothes; when you leave, you judge him by his heart. Receipt of this issue of the Hot Micx means that I have completed my annual updating of the mailing list. If you're new, welcome and I hope you find the contents enlightening, informative, and occasionally uplifting. Please check the name and address and provide any corrections necessary. If you're listed simply as Director Corporate Security or some similar listing, please include your name to insure receipt. Executive ability is deciding quickly and getting somebody else to do the work. Dateline London--The AZ Republic, May 19, 1993--A husband, suspicious his wife was having an affair, bugged her phone. Results: she was having an affair, she had tried to poison him, and she was planning to have her former lover shot in the kneecaps but she couldn't raise the money necessary for the hit. The absent are always in the wrong. A friend with a Major international organization called after receipt of the last newsletter and told me his company had requested and received the Espionage and Counterintelligence Awareness Program briefing by the FBI. He indicated it was informative and should be requested by your organization, especially if you are doing business in foreign countries. If I read him right, he too, felt the information was years late in being developed for dissemination to the private sector. Having also been in the intelligence community, he felt there was little that was really new. But I must stress, it was informative and is definitely useful (If anyone in the Phoenix area requests the briefing, I would appreciate being invited). Every man who is high up loves to think that he has done it all himself; and the wife smiles, and lets it go at that. -James Matthew Barrie A complete newsletter could be devoted to the article recently sent to me by Bob Runyon. It was printed in the April 18 1993 issue of the Miami Herald and deals with industrial espionage, primarily that conducted by and/or with the knowledge of foreign governments. Their targets are mostly American Businesses (electronics, defense, aerospace). Information theft is accomplished primarily with your help and assistance. You hire the employee without a thorough background investigation and grant him or her almost unlimited access to information not required to accomplish their job. You allow access to sensitive information by not providing training or secure storage means to international travelers. (It appears it may be a common occurrence to have briefcases and hotel rooms searched.) You give the information away through your trash or lax physical and electronic security procedures. You have the attitude 'It couldn't happen to us at this location; there's nothing classified or sensitive going on here. They would rather have you do the majority of the R & D work and then reap the benefits of stolen secrets or information. Who are some of the targets? In addition to the obvious targets, include consultants, lawyers and financial organizations involved in foreign expansion plans and joint ventures, US Commerce, Agriculture and Treasury departments, American businesses, especially those involved in government product development and research, defense and aerospace, and those having commercial applications. Did I leave you out? What can you do? Review your procedures for protection of information. Establish a program of indoctrination and training so your foreign travelers can be prepared. Revamp your information protection program. Don't be afraid to go for outside help. A good manager or executive is one who knows their limitations. No one is expected to know everything, just where to go for the help. If you're not sure where to begin, a quick review of the last issue of the Hot Micx will reveal an article on Information Protection. It contains areas of prime concern, areas in which information losses occur. It was provided, not for self gratification, but as an assist in improving your security program. These are just a sampling of the weaknesses or problems noted during almost all TSCM surveys performed by TSCI. A thorough physical security and information loss detection survey would result in even more. By the way, eavesdropping and wiretapping is also being employed. To combat that, you'll need a secure room and a secure phone for conversations and faxes. Who's doing it? Known or suspected are France, Germany, Italy, Japan, Taiwan, Israel, Russia, Poland, Chinese, and practically all other countries in the world. You will be better advised to watch what we do instead of what we say. Dateline Phoenix--The Arizona Republic, June 2, 1993----Remember when your phone system was installed and you asked if it could be manipulated by someone from outside. I'll bet you was assured that could not happen. Your phone system was designed to provide only so many features and nothing more could be done. Well, for those of you who have attended any of the TSCM seminars presented by TSCI, you'll probably remember I stressed the fact NO phone system is safe from tampering. Point: employees of a telecommunications company here in the Phoenix area who installed the telephone system in use for special event ticket sales used their knowledge of the system to 'cut in" on the phone lines for the purpose of purchasing tickets to the Phoenix Suns home playoff games. They were able to manipulate the system from their own homes in purchasing the tickets. Although they may not have been the ones who did the actual installation, it was stated they possessed the knowledge to bypass the system's security measures. Knowledge of the hardware and software of todays communications systems makes them extremely vulnerable to potential compromise. At least as far back as twelve years ago, I was able to cause electronic telephone systems to do things they were not designed to do, albeit, inadvertently. But my point is that if I can do it by accident, not knowing anything about the system, what can the hacker, system specialist or expert do. Protect yourself! Have your system installed in such a manner that the programming features are accessible only through positive actions controllable by you. Don't allow uncontrolled access through the modem hookup. Establish an audit system to determine what has been done or attempted, especially on certain key circuits. Educate company employees regarding what to do in the event unusual or suspicious action occur with their telephone. Explain what some of the unusual actions might be--the microphone light lit when entering the office; inadvertent transfer or improper connections; loss of line for no explicable reason; etc. Don't expect a security consultant to be able to provide you with a guarantee your system is safe. Don't expect the average security consultant to be able to do a security evaluation of it, either. There are hundreds of telephone systems in use and they all have their own little operating quirks and idiosyncrasies. Doing business without advertising is like winking at a girl in the dark. You know what you are doing, but nobody else does. Recently, I performed a limited survey of a large resort meeting room prior to corporate activity. A major audio visual organization had been contracted to supply audio and video support. One of the things they were providing was an FM wireless microphone for use during the question and answer session of the closed meeting. During my initial RF examination I located the basic frequency, approximately 175 MHz, and numerous harmonics. The microphone was left on at all times to reduce the popping noise in the speaker system. When the problem was explained to the A/V personnel, they willing hooked up a cable connected microphone. They were not aware of the potential security hazard presented by the wireless microphone. More: the resort also provided approximately 5 wireless microphones for similar use in smaller meetings. Operating frequencies of the units ranged from approximately 130 MHz to 185 MHz. There were harmonics (signals) containing audio from near the FM radio band to above the cellular band - appx 120 MHz to 1,000 MHz. Lesson: Why install a bug when you are providing the medium for me. Advice is like snow; the softer it falls the longer it dwells upon, and the deeper it sinks into the mind. Another thing noted during a TSCM examination-cleaning persons reading correspondence on desks. This was on a weekend when almost no one was around. It's a pity the room occupants can't see that occurring; perhaps it would cause them to rethink their policy of leaving information out when the room is unoccupied. Growing old is no more than a bad habit which a busy man has no time to form. How often have you wanted to initiate a change in security procedures but was afraid it wouldn't be accepted by the CEO or president. Take a chance, you may be surprised at his reaction. Point: For several years I have been performing examinations of certain key areas within an organization, to include the executive level. Recently, the CEO had to be in the security office to have his picture made. While there, he asked to have the security system explained. I understand that after spending approximately 1/2 half hour with the operator, he thanked him and left. A few days later, he forwarded instructions directing that access to certain key areas be heavily restricted, cameras and locks be placed on certain entrances, the locks changed to his office and boardroom and the number of keys restricted. Executive are sometimes smarter than we give them credit for and are open to suggestions, especially if you can come up with reasons and documentation to back up your requirements or desires. In closing, I would like to repeat a couple of things; If you remotely think you'd like to attend the TSCM seminar this November, provide your name and address. This time, I must have at least four scheduled by 1 October or I will cancel, mainly because you need the people there to exchange ideas with and secondly, I didn't set out to be a non profit organization. As in the past, attendance will be limited to 12 or less. As a general rule, attendance is limited primarily to those receiving The Hot Micx and corporate security, law enforcement and government agencies. On occasion, persons from the private security sector have been invited. The restrictions were established due to the sensitive nature of the information discussed. And remember, if you've attended in the past, you're welcome to attend any future session at no cost, space permitting. Beware the fury of a patient man. |
In the same area, the physical examination disclosed what might have been a "bugging" attempt. Under an item of furniture, an area approximately 1 in. X 3 in. was noted when a beam of light was shined at an angle and appeared to be where double backed tape may have been stuck (Double backed tape is often used for temporary installations of objects or wire to the bottom or side of a surface). Additionally, two pieces of clear tape were located, spaced approximately 12 in. and 24 in. from the end of suspect area. This might indicate a previous placement of a transmitter and antenna.