The CI Shield - WikiLeaks

The CI Shield Your Counterintelligence News Source

V o l u m e

Overview: This newsletter presents real world examples of threats posed against corporate proprietary and U.S. military technologies.

Goal: Educate readers for methods used to exploit, compromise, and / or illegally obtain information or technologies

INSIDE THIS ISSUE

Postcards containing Cold War spy messages unearthed

1

Beijing's spies cost German firms billions

1

UAE Government bugs BlackBerrys with spy program

2

Australia: Terrorism and Cyber Espionage Top Concerns

3

Corporate spying aided by data explosion

3

Russian spies targeting the US anti missile shield in Poland

3

Russia consul general engaged in espionage

4

Criminal charges in Colombia spy scandal

4

German Bank Spy Scandal Widens

4

DVR Camcorder Embedded Within Electric Shaver

4

1 ,

I s s u e

2

1 5

J a n u a r y

2 0 1 0

Postcards containing Cold War spy messages unearthed Telegraph.Co.Uk, 24 Jul 09: The messages are covered in cryptic text based around a series of chess games and were posted in 1950 to Graham Mitchell, the then deputy director general of MI5. They were sent from what is thought to be an undercover agent in Frankfurt. The German city was a hub of espionage activity at the time as it was well positioned for spying on both the East and West. Experts believe the short memos could be code sent between spies during the Cold War. But they are not sure which side the men may have been spying for as Mitchell was suspected of being a secret Soviet agent at the time. Following a series of operation failures he was put under investigation along with the director general Roger Hollis. He was even suspected as being in cahoots with the notorious Cambridge Five and was named by the Spycatcher author Peter White as a spy. No evidence was found against them but Mitchell took early retirement in 1963 as a result of the investigation. The postcards were found by a member of Mitchell's household staff who kept them for more than 50 years. They are now expected to fetch £1,000 when they are sold at auction on Monday. The postcards were delivered to Mitchell's address in Chobham, Surrey, were all sent from a Dr Edmund Adam in Frankfurt. They are written on typewriters and dated throughout 1950. Each of the messages revolves around chess, with a discussion of various moves and games written out in the text. They each contain a series of numbers recognizable as chess moves, used by correspondents to play games at a distance. One postcard, dated June 16, 1950 said: "Without against Dr Balogh I always have now hard fights in my games. "Against Collins I have been fallen into a variation of the Nimzowich-defense who surely should be lost! "I shall try to find a new idea for defending. But only a little hope. But all my games go forward in a quick way. "Have I sent to you any games from me? And what happened in your games? "9. ..5435 10. 1432 12.-16./6. 16./6. = od" Gordon Thomas, author and expert on the history of MI5 and MI6, said chess moves were a common way of communicating during the Cold War. He said: "Mitchell was head of counter-espionage at MI5 and would have been responsible for recruiting double agents with the aim of getting them into the KGB networks "Frankfurt was a hub of activity for secret intelligence at that time, and was well and truly stocked by the agents of both East and West. "This method of exchanging messages by postcards was well-known and very common. "The Russians in particular favored using chess as a method of communicating. It was a great national pastime and information would often be disguised as chess. Beijing's spies cost German firms billions SMH.Com.Au, 25 Jul 09: Germany is under attack from an increasing number of state-backed Chinese spying operations that are costing its economy tens of billions of Euros a year, a leading German counterintelligence agent has said. Walter Opfermann, an expert on espionage protection in the office for counter-intelligence for the state of BadenWuerttemberg, said China was stealing industrial secrets using an array of "polished methods" from conventional spies and phone-tapping to the internet. Mr Opfermann said methods had become "extremely sophisticated" to the extent that China was now capable of "sabotaging whole chunks of infrastructure", such as Germany's power grid. "This poses a danger not just for Germany but for critical infrastructure worldwide," he said. Russia was also "top of the list" of states using internet spying techniques Continued on the next page

Page 1

The CI Shield The views expressed in articles obtained from public sources within this product do not necessarily reflect those of the New Mexico Counterintelligence Working Group

The New Mexico Counterintelligence Working Group (NMCIWG) is comprised of counterintelligence, cyber, intelligence analysts, legal, and security professionals in the New Mexico business community

The NMCIWG membership includes representatives from these agencies: 902nd MI, AFOSI, AFRL, DCIS, DOE, DSS, DTRA, FBI, ICE,

to garner German expertise, which "helps save billions on their own economic research and development". Russia had only "hundreds of thousands of agents", compared with China's 1 million, but it had "years more experience". Mr Opfermann estimated that German companies were losing about €50 billion ($87 billion) and 30,000 jobs to industrial espionage every year. The areas most under attack included car manufacturing, renewable energy, chemistry, communication, optics, X-ray technology, machinery and armaments. Information being gathered was related to not only research and development but also management techniques and marketing strategies. Internet espionage was the area of biggest growth, Mr Opfermann said, citing the "thick fog of Trojan email attacks" taking place regularly against thousands of firms and the methods used to cover up where the emails came from. "Old-fashioned" methods were also rife, such as phone-tapping, stealing laptops during business trips or Chinese companies that regularly sent spies to infiltrate companies. "We've dealt with several cases of Chinese citizens on work experience in German companies who stole highly sensitive information from them," Mr Opfermann said. In one case, a highly qualified Chinese mechanical engineer employed by a company in southern Germany was found to have passed on information for a machine it was developing to the company's Chinese competitor, who built an exact copy. "As is often the case, the man disappeared and went back to China. So often the attacker is way ahead of the game and it's also hard to find out who they've been working for," Mr Opfermann said. In 2007 the consultancy firm Corporate Trust estimated that about 20 per cent of German companies - mainly small and middle-sized ones - had been victims of industrial espionage. UAE Government bugs BlackBerrys with spy program Los Angeles Times, 24 Jul 09: When BlackBerry users in the United Arab Emirates were urged to download what they thought was a routine software upgrade, they had no idea that by doing so they were installing a surveillance program that gives the state-controlled service provider Etisalat unfettered access to their personal mobile devices. After finding out, over half of Etisalat’s customers, many of whom conduct sensitive business on their BlackBerrys, say they intend to cancel their contracts immediately, according to a poll conducted by Arabian Business and published by local tech-news website itp.net, which has been following the story closely. The spyware was traced to SS8, an American company specializing in what it calls "lawful interception." On Tuesday, the Canadian company that makes BlackBerry issued a statement denying any connection to the bugged application. “Independent sources have concluded that the Etisalat update is not designed to improve performance of your BlackBerry, but rather to send received messages back to a central server,” the statement read. The UAE includes the boomtown citystate of Dubai, which has sought to attract major foreign companies with infrastructure and tax incentives, but continues to struggle with concerns over transparency and workers’ rights. The scandal could damage Dubai’s reputation as a secure and business-friendly corporate haven. Investigations by local programmers have revealed that once installed, the application allows Etisalat to activate the spyware from its servers, granting the company access to e-mail, text messages and stored personal and contact information. Ironically, it was Etistalat's own blunder that led to the discovery of the alleged breach of privacy. So many people rushed to install the patch that the servers were overwhelmed, leading to unusual battery drain that aroused the curiosity of BlackBerry-toting techies. “The interesting thing is that no one would have known about it if they’d set up the registration server correctly,” Nigel Gourlay, a Doha, Qatar-based programmer who analyzed the application, told itp.net. “I think that this whole system has been designed for law enforcement agencies to be deployed on a few dozen suspects’ BlackBerry devices,” he added.

MDA, NAG, NCIS, Sandia Labs, and the U.S. Attorney’s Office

Page 2

The CI Shield

The NMCIWG also produces a daily Cyber Threat newsletter for Information Technology and Security Professionals. To subscribe to this newsletter please click HERE.

To subscribe to this espionage newsletter please click HERE. In the email text please include the name of your employer, your name / job title / phone number and if you are interested in having a NMCIWG representative contact you for additional cyber security or counterintelligence assistance.

Australia: Terrorism and Cyber Espionage Top Concerns ABC News, 29 Jul 09: The new head of ASIO, David Irvine, has broken his silence after four months in the job, warning the recent bombings in Jakarta show that Australians are at risk overseas and at home. He says Australia's domestic spy agency remains focused on countering terrorism and that in the wake of the recent bombings Australia and Indonesia continue to cooperate closely. But he also says that cyberespionage is an emerging threat that will require extra effort from his agents. David Irvine has been the keeper of some of Australia's darkest secrets for more than a decade. He was ambassador in Papua New Guinea, then Ambassador to China before he was appointed to head the highly secretive foreign spy service ASIS in 2003. Now that he is the head of the domestic spy agency, ASIO, Mr Irvine is venturing back out into the open. If that's what you can call a speech to the Institute of Professional Intelligence Officers in Canberra. "It is a new experience for me or at least a renewed experience to me to actually talk to a public audience," he said. He says the agency he started running at the end of March is still focused on counter-terrorism, and as the recent attack in Jakarta showed the risks to Australians remains real. "I can put it no more starkly than to say that the potential continues for serious threats to Australia, Australians abroad and at home," he said. While the world of terrorism continues to garner the headlines more attention is being paid to espionage. Espionage slipped off the radar after the September 2001 but ASIO has been using some of its large recent boost to its funding to bolster its counter espionage program. Mr Irvine says enemy spies, turbo-charged with internet tools, pose a potent new threat. "'Beware of cyber Greeks bearing gifts' should now be our maxim as the conduct of the business of government and of industry is increasingly transferred to the digital medium," he said. "Today we see constant attempts by cyber means to steal secrets as well as information vital to the effective operation of critical national infrastructure, not to mention commercial intelligence." Corporate spying aided by data explosion UPI, 29 Jul 09: Corporate espionage is becoming more common and easier to perpetrate thanks to companies storing sensitive data in accessible computers, experts say. Former and current employees, business acquaintances and others who possess or can guess proprietary passwords are becoming corporate spies in an era when companies are allowing employees to access sensitive data using Internet services and personal digital devices, USA Today reported Wednesday. "Having more sensitive information being seen by more people and accessed on more devices drives up risk significantly," Kurt Johnson, vice president at Courion, a supplier of identity management systems, told the newspaper. The economic downturn is also spurring more corporate espionage as competitors fiercely seek any advantage they can find and laid-off employees are tempted to leverage the information they possess. "Mass layoffs have increased internal threat levels dramatically," Grant Evans, CEO of ActivIdentity, which makes smart cards and security tokens, told USA Today. A company's information technology workers can also turn to corporate spying. A survey conducted by identity management systems supplier Cyber-Ark Software, indicated that 74 percent of the pros said they knew how to circumvent security and 35 percent admitted doing so without permission, the newspaper said. Russian spies targeting the US anti missile shield in Poland Warsaw Business Journal, 29 Jul 09: Rzeczpospolita reports on what it calls the largest spy affair in Poland in recent years, which could seriously bring down relations between Russia and Poland. At the end of April earlier this year, before a meeting between Foreign Minister Radosław Sikorski and his Russian counterpart, Sergey Lavrov, Interfax agency informed that Polish authorities had expelled two Russian military officials from the country. Meanwhile Russia had done likewise with two Polish officers. The whole issue was carried out by secret services. The daily reports that it is now clear that the two Russian officers, Aleksey Karasajev and Sergey Peresunko, were Russian spies who tried to find out as much as possible about the plans related to the location of the US anti missile shield, new technologies in the Polish army and everything related to Poland's interactions with NATO.

Page 3

The CI Shield Reminder: If you are asked to provide sensitive / classified information that the requestor is not authorized to receive, IMMEDIATELY notify your organization’s counterintelligence officer or security manager

Reminder: Email poses a serious threat to sensitive information. If you receive an email that seems suspicious do NOT open, delete, print, or forward the email without the assistance of your organization’s counterintelligence officer or security manager

Reminder: If you are traveling out of the U.S., attending a scientific conference, participating in a DoD / scientific test event or hosting a foreign national to your home or facility you need to immediately notify your organization’s counterintelligence officer or security manager to receive a threat briefing

Russia consul general engaged in espionage Zik.Com.AU, 31 Jul 09: Russia consul general in Odesa Aleksandr Grachev was incriminated in creating a Russia-controlled network to further the Russian influence, The Ukrayinska Pravda quotes its sources in Ukraine special services as saying July 31. Grachov had large sums of money funneled to him secretly to pay for his illegal activities. “In fact, Grachev was involved in espionage aimed at pushing Russia’s political agenda for Ukraine. He established contracts with noted Ukrainian politicians, the source says. He asked his noted contacts to prepare written memos about how to implement Russia’s policy regarding Ukraine. These memos were then shown to Vladimir Putin, the source confirms. Grachev was directly behind the under board financial backing for the pro-Russian Rodina party led by Ihor Markov. By manipulating with funding, Markov and Grachev used some of it to buy an apartment in the White Sail condo where Markov’s party office is located. Grachev is likely to stay in Ukraine, as Ukraine FM decided to revoke its demand for his expulsion as a sign of good will. As regards the already expelled Vladimir Lysenko, the source claimed that the diplomat was involved in active subversive and reconnaissance operations in Ukraine. For instance, he established contacts with local officials to obtain information about Ukraine’s position at the talks on the Black Sea Fleet, the source indicated. Lysenko was also looking for ways to obtain leverage over the Crimean Tatars to remove the present pro-Ukrainian leaders and replace them with obedient ones as well as to create structures alternative to Majlis. The diplomat, jointly with the FSB agents attached to the BSF, organized protest rallies, notably, during the visit of NATO vessels to Sevastopol as well as coordinated picketing by rightist pro-Russian organizations. Criminal charges in Colombia spy scandal Associated Press, 1 Aug 09: BOGOTA - At least eight former officials of Colombia's domestic intelligence agency surrendered on Friday to face criminal charges for allegedly spying illegally on opponents of President Alvaro Uribe including judges, journalists and human rights workers. They are among 10 former officials whose arrests were ordered Thursday night and include ex-intelligence and counterintelligence chiefs in the DAS security agency, which reports directly to the president. One of the former officials still at large, former DAS deputy director Jose Miguel Narvaez, is also under investigation for murders committed by far-right death squads. If convicted of criminal conspiracy, the 10 face prison terms of up to six years. In its arrest warrant, the chief prosecutor's office said the accused "under the guise of protecting national security ended up persecuting people who were fulfilling constitutional duties" such as Supreme Court justices and lawmakers. They said the illegal espionage began in 2004 and continued until early this year. German Bank Spy Scandal Widens Wall Street Journal, 3 Aug 09: BERLIN -- A detective at the center of the Deutsche Bank AG spying affair says the international banking giant's effort to monitor its critics was more extensive than previously disclosed in that it involved a plan to target as many as 20 people, including a number of investors. The detective's statements appear to contradict the bank's assertion that the spying affair was limited in scope. The affair came to light in May when Deutsche Bank said it had discovered efforts involving "questionable investigative or surveillance activities" directed by its corporate security department and outside contractors. DVR Camcorder Embedded Within Electric Shaver Malebits.Com, 13 Jul 09: This is a ultra-small digital spy camera that hidden in a shaver, it looks like an ordinary shaver , but it has a very powerful function, the most interest is that it internally hides a smallest camera DVR , it does not need any external plug-in card, built in memory 4GB itself, can work up to 7-8hours. there is time date stamp for the record, you can get the most authentic evidence for a variety of illegal behavior. Ideal for CIA agents ,police, detective, and spy agencies! Features: Real time recording in AVI video format; color video with voice; 640*480 resolution; record time : up to 2h for 1GB of storage space.

Page 4