Bosses buy Bond gadgets to protect company secrets

Spy-tech goes high tech

By Steve Ranger, 17 November 2006 09:00

NEWS

It's not just James Bond that gets to play with all the cool gadgets. More and more business executives are investing in secret agent-style hardware to make sure their top secret company plans stay under wraps.

Bug-detectors disguised as fountain pens, keyboards that can secretly record everything typed on them and clock radios with hidden cameras - devices once only of interest to spies are now being bought by company chiefs that fear they are being spied on.

Julia Adams, director of surveillance gadget store Spymaster, told silicon.com : "The majority of the customers are buying counter-surveillance equipment. The majority are concerned with what is being leaked. They want to make sure they aren't being bugged and that the competition isn't listening."

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

Some executives carry pocket-sized bug detectors when they are in meetings - on their own premises or elsewhere - which vibrate if they pick up on eavesdropping equipment.

Adams said that people usually pay the shop a visit because they have a feeling that something is not quite right - and as she points out "more often than not that feeling is correct". Once they have equipped themselves with counter-surveillance gadgets, executives often come back and stock up on surveillance devices so that they can then find out which member of staff in their office has been leaking information.

Business chiefs may well be right to watch their backs. We're certainly a nosey lot in the office - according to a survey of 2,000 office workers commissioned by Samsung Electronics, 57 per cent of respondents have found and read confidential information on a printer, and 21 per cent admit to having read confidential information on a colleague's monitor.

And it's not just staff leaking company secrets to rivals that company bosses have to watch out for. With the end of the Cold War corporate espionage is hotting up instead.

According to MI5 (as the UK Security Service is commonly known) foreign intelligence services are now targeting commercial enterprises "far more than in the past", in an attempt to get their hands on communications technologies, IT, lasers, optics and electronics, just to name a few targets.

At least 20 foreign intelligence services are operating to some degree against UK interests, MI5 warns, trying to get secrets from people by exploiting technology such as communications and computer systems. This means as well as buying counter-surveillance gadgets to protect themselves, companies need to make sure their computer systems aren't coming under attack.

MI5 has a list of IT security advice on its website. It warns electronic attacks may come from a range of sources - criminals, foreign intelligence services, lone hackers or terrorists. Companies should conduct a risk assessment to establish whether they are at particular risk of an electronic attack, it warns. Indeed its sister agency MI6 recently advertised for techies to help keep its own networks secure.

Other recommendations include:

  • Buy IT from reputable manufacturers and suppliers.

  • Ensure that software is as up-to-date as possible. Consider checking for patches and updates at least weekly.

  • Ensure that internet-connected computers are equipped with antivirus software.

  • Always ensure that your information is regularly backed-up.

  • Try to ensure that those who maintain, operate and guard your systems are reliable and honest.

  • Seek regular security advice from system and service providers and make sure you act upon it - pre-empt attacks instead of waiting for them.

  • If there are particular categories of material you wish to protect, you could consider encryption.

  • Take basic security precautions in order to prevent software or other information falling into the wrong hands. Implement a programme of security awareness amongst your staff. Train them not to leave sensitive material lying around and to operate a clear-desk policy.

  • Invest in security cabinets and fit locking doors.

  • Ensure the proper destruction of confidential material.

Comments

There are 3 comments. Join the discussion

  1. 1. Welcome to the James Bond-wagon

    MI5 must be the laughing stock of internal security organisations worldwide - "Ensure that internet-connected computers are equipped with antivirus software."?

    This is terrible advice. The Internet is by no means the only source of viruses in an organisation. Employees plug all manner of data storage devices into their PCs from CD-ROMs to memory sticks containing junk they downloaded at home or bought at dodgy computer fairs and these are just as often a source of infection.

    ALL computers should be equipped with AV software and employees should be prohibited from plugging any unauthorised computer into the network.

  2. 2. Richard

    Why this paranoia about "secrets"?

    "Secret formulae" "worth a fortune" exist mostly in fiction.

    Most organisations need to spend more effort on mundane matters which satisfy their customers:

    For example, two retailers will not get more orders from me:

    One wrongly described an item; refused to check it before dispatch; eventually refunded the cost of the item but refused to refund the postage.

    I bought & paid for an item at the "shed" of another retailer. Due to previous problems, I asked for assurance that the transaction was correctly recorded as "paid." Subsequently, they sent an invoice demanding "payment within 30 days" ... or else!

    The store manager, billing department, and "customer service" manager apparently can't understand why it's wrong to send a demand for payment when none is due!

    These mundane matters are usually much more important than the false excitement of potential espionage.

  3. 3. Your American Cousin

    You are missing the point here, Richard. Companies aren't worried so much about protecting secret formulae in their closets as they are, and rightly should be, about protect personal information, your personal information, which you should be helping them to worry about.

Post your comment

In order to post a comment you need to be registered and logged in.

Log in or create your silicon.com account below

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy.

Questions about membership? Find the answers in the Membership FAQ