Shhh… CIA's Declassified Archives – Highlight American Vulnerabilities

The US Central Intelligence Agency released on Thursday a trove of newly declassified “Studies in Intelligence” documents on its homepage.

The move was the result of a long-running lawsuit between the agency and a former employee Jeffrey Scudder – according to the Washington Post (see video clip below) – whose CIA stint includes a 2-year spell looking after the agency’s historical files which ultimately ended his CIA career after he submitted a request under the Freedom of Information Act to release records of old clandestine operations he believed should have been made public.

Amongst the 249 documents released, spanning from the 1970s to 2000s, there’s one labeled “Analyzing Economic Espionage” which attempts to examine foreign intelligence operations against US economic interests beyond the scope and threats of technological advances – including the focus on certain traits of Americans that make them vulnerable to foreign agents, ie. resulting in a threat to the US.

“Foreign intelligence services are more inclined to operate against American targets outside the US” and “some intelligence services that stop short of recruiting US citizens use intelligence operatives to elicit information from them; the targeted American is unwitting of his interlocutor’s intelligence connection”.

CIAclassified

The 7-page document listed “certain personality attributes that increase our vulnerability”:

– Americans like to talk. We tend to be sociable and gregarious, even with casual contacts. We want to be liked, especially by foreigners, because many of us are still trying to overcome an “ugly American” complex. We place a higher premium on candor than on guile, on trust than on discretion.

– Many Americans do not know foreign languages, which in some respects puts them at a disadvantage when living in foreign countries. This does not mean we are “innocents abroad,” but it may make us less likely to pick up clues of suspicious behavior. Americans who do not know the language of a given country may forget that nationals of that country in a position to overhear their conversations often do know English.

– Many Americans are ambitious, oriented toward job advancement and professional recognition. Inevitably, some morally weak individuals are willing to sacrifice personal integrity in pursuit of their career goals.

More US Cyber-Spying?

Defense Secretary Hagel Faces a Tough Time Explaining This to China

US Defense Secretary Chuck Hagel announced at the National Security Agency headquarters last Friday that the Pentagon would triple its cyber security staff – to 6,000 – over the next few years to defend against computer-based attacks.

That’s great. I wonder how Hagel is going to face the music when he visits China later this week where he expects to be grilled on the latest NSA revelations and aggressive US cyber spying. Just last month, it was revealed that the NSA has for years assessed the networks of Chinese telecommunications company Huawei, which the US House of Representatives has long advocated that US companies should avoid on the grounds of national security.

Find out more from my latest column here and there.

When the Boss Hacks

Hot Mails

There is an unspoken underlying tension in the workplace on privacy matters relating to office telephones, computers, emails, documents, CCTV cameras, etc. Employers like to think they reserve the right to probe what they consider their property while employees believe their turf is clear from invasion.

This tension is nowhere better exemplified than by reports last Thursday that operatives with US tech giant Microsoft Inc. hacked into a blogger’s Hotmail account in the course of an investigation to try to identify an employee accused of stealing Microsoft trade secrets.

And it is not uncommon in my business to encounter client complaints about potential espionage and other alleged misconduct by their employees, leading to their consideration to search the (company-owned) computers, emails, phone records, etc.

Find out more from my latest column here and there.

Security Lapse at the EU Summit

Security officials leave an easily tapped device in closed-door conferences of European leaders

In photos made public of several closed-door bilateral meetings between various European leaders last week, there were two common denominators. One was the presence of the French President Francois Hollande. The other was the VoIP phone on the desk. The question is: What is that phone doing there?

In the middle of a major brouhaha over charges that the US National Security Agency had allegedly monitored the phone conversations of foreign diplomats, the officials in those photos were speaking to each other in the presence of this easily-tapped device.

What these these photos highlight is a security lapse, thus generating many questions: What else have European countries missed and not done to better protect their leaders from American or any eavesdropping?

You can find the entire column here and there.

The Demise of the Cloud

NSA Snooping Compromises the Cloud Computing Industry

Facebook CEO Mark Zuckerberg complained last week that trust in social networks and Internet companies has dived ever since cyber snooping and spying activities by the US National Security Agency began to make global headlines earlier this year.

It is no surprise. In fact, as fugitive former NSA operative Edward Snowden pointed out, the encryption system adopted by the International Organization for Standardization and its 163 member countries were actually written by the NSA, convincing proof that online platforms being used by Internet companies and the commercial world, including banks, could in fact be easily compromised by the NSA.

In other words, the NSA designed their own secret back door into the global encryption system for their convenience. So until the encryption system has been overhauled and taken away from NSA’s control, no server and no cloud service provider is secure enough to be entrusted with any confidential data.

So why then are blindly trusting companies still moving ever more data into the cloud and onto servers, where online access to highly confidential information related to clients, customers, employees, deals, business plans and performances, etc., is available to the US snoops?

You can find the entire column here.

The Spying Game

Spies in the newsroom? Or spying on newsrooms? There’s far too much of both

(The Inside Story of the Bloomberg Spying Scandal – and Snooping on the Associated Press – and Some Remedies.)

I often get strange, tough questions from the clients of my business intelligence and commercial investigation firm, but the recent bombardments highlight a new trend: bloated or irrational paranoia, depending on your take.

Should I stop using emails? Would you recommend a personal VPN? Is it safer to discuss in person than over an electronic device?

Just last week, one client pondered whether he should be using the Bloomberg terminal and another questioned if his phone, video and Skype calls were safe. I can’t blame them. Just look at the headline news the past week alone…

Please read the full column here.

Big Brother Meets Big Data

The Security Assault on Social Networks

Forget hacking. It works but it’s illegal.

Big data mining is the future of cyber espionage. It is not illegal as long as the data is open source and in the public domain. And all that data on “open” social networking Web sites are most vulnerable.

Two recent commercially developed software packages could soon be giving your government and employer and possibly anyone else who is interested – ways to spy on you like never before, including monitoring your words, your movements and even your plans now and into the future.

Please read the full column here and there.

DIY Counter Espionage

Spying on Spies

The FBI probe into the scandal involving former CIA director David Petraeus and his mistress may have stolen global headlines the past week.

But there is something else the FBI knows that should warrant more attention. Something closer to those of us less exalted than the boss of the world’s most famous spy agency.

The FBI is known to have video footage, covertly taken in a hotel room somewhere in China, showing how Chinese agents broke in and swept through the belongings and laptop of an American businessman.

There were recent media reports of similar incidents. The FBI is now showing the clip as a warning to corporate security experts of major US companies.

The FBI also warned some months ago about the risks of using hotel wi-fi networks and recommended all government officials, businessmen and academic personnel take extra caution when traveling abroad.

Whilst the corporate world is often most at risks, the average citizens are also highly vulnerable, especially to electronic surveillance on home and foreign soil.

So what can one do to protect the personal data and business secrets on the computers, especially when traveling abroad?

Please read full article here and there.

Spy Game: Kids for Tricks

The First World’s Version of Child Soldiers?

It is estimated that 250,000 children are fighting in wars all over the world, recruited by force or lured by the false promise of an escape from poverty. They are living a life no child should ever lead.

But across the planet, another crop of children, living in affluence in Cupertino, California, or Knightsbridge in London, or Berlin are being recruited as child soldiers. They won’t bear arms. They won’t nudge from their posts – usually in their parents’ back bedrooms.

On Halloween, while their peers are wearing goblin costumes and going from door to door, their families might regard them as hiding in their bedrooms and staying away from trouble.

But so you thought. They may be in much bigger trouble than you could ever imagine – they could be on a Wanted List from intelligence agencies – for hire. But in their teen years, are they capable of making the moral decisions to take up spying, any more than a 12 year old peering over the sights of a Kalashnikov in Sierra Leone?

Read the full article here.

How to Beat the CIA and Protect Your Data

A little secret and long overdue column – as I have promised some weeks ago.

How about leading a cyber lifestyle without the risks of compromising your computer, privacy and precious confidential data… ie. your life?!

There’s an easy solution and you do not have to be a computer expert. But the CIA, MI6, etc, wouldn’t want you to know the trick… because you can beat those spies and hackers by going online and leaving no trace.

Read the full article here.