Feeds

Israel unmasks spyware ring

Corporate espionage

  • alert
  • submit to reddit

Securing Web Applications Made Simple and Scalable

Just connect your PC to the Internet. That's all it takes, for your worst nightmares to come true - and the Israeli Spyware scandal which broke last week illustrates, better than any amount of preaching, that the real security risk has nothing to do with open access WiFi.

The story, too juicy to be ignored by the IT media, tells of villains who uploaded a virus to the computers of their commercial rivals. Who are these villains?

What they are not, is spotty-faced hackers with a copy of NetStumbler, sitting the the car park trying to find a rogue access point on the corporate LAN. Here's the list of suspects: "Top executives of Israel's leading companies including Cellcom, Yes, Pelephone, Meir Motors, Tami-4, Ace Hardware, Volvo Israel and Amdocs" - they have either been arrested or have been placed under suspicion in the last few days for corporate espionage.

This list also includes several private detective companies run and operated by former IDF officers, reports Joel Leyden - summarising: "If your computer starts to work slowly and you hear your hard drive grinding and working like mad but you see nothing happening on your monitor - you may most likely have an Israel, Syrian, Saudi, Japanese, Chinese or US "shark" spying on your hard drive. It could be the FBI, your mother or the store next door."

There is a risk of being hacked by drive-by wireless geeks. There is also a risk of being struck by lightning. If you cross the road looking up at the sky for thunder-clouds, your chances of being run over approach certainty; the moral therefore is: don't waste money on wireless security consultants until you know you're at least as secure as possible against these spyware exploits.

But there is also a half-full glass: When both junior and senior managers in an organization know of the risk, they will be extra careful not to do anything illegal. It is worth noting the types of organizations in which the Trojan horses were found. None of them is an organization that has real secrets; none of them is a high-tech company from which patents, codes, chemical formulas, software or sophisticated algorithms were stolen. They are all commercial companies and 90 percent of their "secrets" become public knowledge within days, weeks or months in any event. If such companies were to invest less energy in "secrets" and "surprises" that their competitors were preparing, perhaps they would have more time to take better note of what their customers and employees want.

© NewsWireless.Net

Related stories

Deleting spyware: a criminal act?
House passes anti-spyware bills
Spyware wars
MS punts all-in-one security and backup service
Yahoo! has minimal spyware, adware revs streams
Spyware scumbags make $2bn a year

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.