Industrial Espionage. These methodologies are being used on a
daily basis by competitors, maybe even against you. I knew a Private
Investigator who used to break into other firms’ voicemail boxes. He was
suspected of erasing messages and stealing potential clients. I know
you may be thinking that is not right. Maybe so, but if a Private
Investigator cannot protect him/herself then what use are they to a
This happens all the time. If you think it is bad here in
the United States try overseas. It is pretty much considered fair game
and rarely enforced. Even the Concorde was remembered for being heavily
What you may find surprising is just how easy it is to do.
You could even use off-the-shelf items, although fully assembled models
are readily available and cheap.
The best way to learn is to do. A
little bit of paranoia and a lot of imagination go a long way. Just
look around your house and see what can be used. Baby monitors can be
remotely activated and used to listen in on you. Your cell phone can be
hacked through its Bluetooth feature, so not only can all the data be
copied, but settings could also be changed. Your phone could be called
and answered without you knowing, thereby listening to your
conversation. Your phone can also be used to make a call to someone else
without you touching a button, which is ideal for incrimination purposes. There
was a technique originally developed to remotely view what you watch on
your television, now adapted for computer screens. You can find the
plans to build this on the Internet from many sites. This is used in
Europe, particularly the Balkans, all the time against ATMs. There is
still the good old-fashioned radio scanner to listen to cordless phone
calls. Then you can say, “Well, I use a digital, spread spectrum model
using 2.4 or 5.8 frequencies.”
True, that is good protection, but
given time the packets of data (digital remember) can be reassembled and
decoded. Thankfully that takes time, but you can buy a digital scanner
to listen to real time conversations. You can also buy software overseas
to work with scanners and laptops for listening to cell phone calls. An
interesting side note: Some of these same companies that provide such
equipment constantly steal from each other.
Outside your house or
in the basement of your apartment building are boxes where your land
line phone service comes through. You just need a telephone/lineman’s
butt set or build one from a phone to listen in.
So you say, “What
does this have to do with industrial security?” Well, usually certain
people are targeted when looking for a means into an organization. Plus,
they can make a convenient scapegoat and distraction to investigators.
Believe it or not, it is often I.T. and security personnel who are targeted.
Although they may be more aware of security, they also have higher
privileges than most. Many times they use a popular and recognized
remote access program when telecommuting. If you can capture their
username and password that may be all that you need. Sometimes there may
be more advanced authentication procedures.
For instance, the
server you will log into or firewall you wish to bypass may require
extra authentication. Sometimes it may request a MAC address. This is
the unique serial number burned into network cards. This can be copied
and you can change yours to that one with a software application. If you
have the IP Address, then you can switch your IP Address as well.
you access the victim’s computer and place a remote access program of
your own, don’t use one with obvious hacker names like Back Orifice.
Using one that they already have, such as PC Anywhere or Remote Desktop
would be ideal. Don’t worry about tackling a wireless computer network.
Even with security enabled that could just be a speed bump to the
dedicated. If probing a victim’s computer then I recommend making it
appear as spam. If they have a firewall, you can probe it and see what
version they are using. Afterwards look around for data on cracking that
firewall. Any firewall can be cracked and guess what? You can always
break into their home and place whatever it is that needs to be placed.
systems can be defeated rather easily if you know how. Many times these
burglar alarm systems were installed by poorly trained or overworked
employees who take short cuts to get the job done. Sometimes you will
actually see the keypads mounted outside the door to a home or easily
viewable through a window. What happens if they cut the phone line or
cover the siren box? Locks can also be bypassed by means other than just
lock picking. You could install a high security lock, but if all the
hardware around it is weak, then what good is it?
Dogs can be
tricky and are usually the toughest obstacle to overcome. Believe it or
not, it is the little dogs that are the worst. Big attack dogs can be overcome and
sedated or contained, even the well trained ones. But little dogs that
run around and make a racket are a menace. Once a dog starts barking,
the rest of the neighborhood’s dogs will join in. Even using a high frequency
sound device to annoy the dog on a property you wish to enter can alert
If you do break in, check the bedroom and den first.
Bedrooms are where the most important items usually are. You are not
there to steal but to place bugs, software etc. and to copy anything of
interest, such as a security card, hard drive or key. Bring a digital
camera and photograph the scene before moving anything. If there is too
much dust then leave it alone. Dust leaves a telltale sign, which is
very noticeable when moved. Most locks used to secure desks are easy to
pick so that’s not a big deal.
Bring a hard drive cloning device
and a Linux Boot Disk to copy entire hard drives. This way even if they
are password protected and encrypted you can crack them later at your
leisure. You can carry MP3 players and iPods to act as a second portable
hard drive. That can be particularly handy when in a public
environment. Someone thinks you are fiddling with an MP3 player but you
are actually downloading somebody’s hard drive. Carry all the cables you
may need since some machines may not have a particular port like
FireWire. If they do have a faster transfer rate type port, then by all
means use it. You can do something else while it is busy copying data.
Remember to look under the keyboard for passwords and pay attention to
Post-its. Those little pieces of paper are gold mines. Also, and maybe
more importantly, copy data from cell phones and PDAs, if they are
available. This can be done with cables to your own PDA or laptop. There
are portable dedicated units for this purpose as well. The safe, if they
have one, is usually in the bedroom. Use a metal detector to find it.
Place the metal detector wand on its lowest setting, so only a
significant metal object will trigger it. Sometimes a safe can contain
something you can use as blackmail.
There are devices which mount
to a safe’s dial which automatically attempt countless combinations;
some are stand-alone, while others are connected via laptop. You can
also try the basic combinations for that make and model. Some safe
technicians use the default combination or may try to use something you
can remember like a child’s birthday. If all else fails try 36-24-36,
it’s very popular with certain bachelors. Placing bugs around the house
is usually useless. Most people have a tendency to put the television
set or stereo on when they are home. The only exception may be over the
head of the bed and wait for pillow talk. You may as well concentrate on
telephone lines. They may use a cell phone in the house but once again
you may not be able to hear the conversation. Even a laser
mike, which focuses a beam against a window and picks up vibrations in a
room, may not work, especially if they have plush carpeting or heavy
You can record a conversation on video; you can always
lip-read if audio is not available. If you have the time and they have a
garage, see if it opens automatically. Go over to the garage door and
make a copy of the remote for yourself. This works even with the rolling
code models. This is just a general outline of what you can do. Make
sure to check the soles of your shoes before and after a break in. I
suggest wearing a popular brand in case the police make a cast of your
footprints. You can also place a pair of hospital booties over your
shoes to cover your tracks.
It is not a bad idea to wear a jogging
suit as opposed to being dressed as a ninja. If you have to run, you
would not seem too suspicious. It is wise to take as few chances as
If you have more time, the best way to infiltrate an
organization is to join it. If not directly, then as one of its support
people such as food services or building maintenance. Cleaning crews
usually work after hours under little scrutiny. These companies have
such a high turnover that they are always hiring and do no background
checks. If you do show up for an interview or to do some sort of sales
pitch, come mentally prepared. Hang around the places where the target
organization’s employees are and pretend to be a headhunter. Hand
someone your demo CD. Of course that CD should have more on it than they
expect. Anti-virus protection can be completely by-passed using this
method. I will even guess that you have done this countless times
without a second thought.
If the job interview is for a
technology-based position, they will tip their hand by asking you what
you know about such and such. A good skill to pick up will be the
ability to read documents facing away from you on a desk. While you are
at it develop an excellent memory for detail, especially numbers.
a few acting classes could help here, too. What I like about situations
like this is that these are the ideal times to place bugs. If you think
it may be discovered, then just dispose of something in their
wastebasket. Blow your nose while placing a micro-transmitter in it. I
doubt anyone will inspect the contents of a used tissue. They will end
up getting rid of it for you. There is a chance that said item could be
discovered by personnel who do paper shredding services. Most companies
do not use this service. It could also be a good idea to do some
dumpster diving later and see what they throw out. You can carry a micro
digital camera and record everything you see. Just pretend to be
listening to an iPod or something. Whatever you do, pretend that you
belong. If someone tries to stop you, start grooving to some imaginary
tunes and head for the elevator. Always have an excuse ready. You can
also use something known as video ham radio. This transmits video images
via radio signals; more commonly used by rescue crews. This is
different from the more conventional covert video systems used out
Video systems tend to use a lot of battery power so bring
spares. Ideally it would be nice to place cameras in the copy machine
but usually a copy machine technician best accomplishes this. Some
operators have gone as far as replacing whole machines. The FAX machine is
the best for tapping. No one seems to ever suspect that it is tapped but
will scrutinize everything else. You may think that that is an oversized
DSL filter on it but maybe it is not. If there is a damaged door with a
lock still attached try to remove it. A good locksmith can build master
keys by analyzing the pin tumblers. With some practice you can do this
as well. Cut a key for both before and after removing spacers from pins
if they have them. This is what is called a master keying system. What
you would want to make is the grandmaster key. This will allow you total
If you do start opening doors, be aware that there may be
door contacts. These are magnetic switches used in burglar alarm and
access control systems. You can use basic electronic tools to locate the
magnet and use your own magnet to fool the door.
different devices out there which can record and analyze
security/prox/access control cards’ Wiegand output. The Wiegand output is
when a card reader emits a radio wave, which energizes the card. The
card then sends out a unique identifier. This is what you want to catch.
With another device you can replicate this identifier, mostly using a
PDA. Laptops are better but conspicuous compared to a PDA. Smart cards
and the magnetic strips from more conventional credit card types can be
duplicated on the spot. Just be aware that with most modern access
control software the face that accompanies the card being used will show
up on the computer screen, so enter with a group. If there is a
numeric keypad you can use ultraviolet light to check for smudges and
you can guess from there. If you have access to a thermal imagery
device, you can see the heat signatures. These are so cheap now that
they are popping up in the most unlikely places. Hunters are using them
for the slight advantage they give. Usually the stronger trace is
the most recent. That will be the last one pressed. From there you can
guess accordingly. Many systems have a three strikes and you are out
policy, so proceed with caution. Otherwise, if you are in a mantrap the
doors will stay locked and you are trapped and security will be alerted.
is growing in popularity but as you probably guessed by now, can be
defeated. It is rare for somebody to wipe their prints off. A lot of
these devices are fingerprint based so get copies of fingerprints. One
way is to get them from the biometric reader itself. Some crime scene
photographers have special software or film that accentuates photos of
fingerprints. Some scanners that check for retinas and such can
occasionally be tricked by trying out a bunch of well-made fake eyeballs
and a flashlight. You can remotely access the security and camera
system either by the Internet or through a phone line (pre-paid cell
phone included). You can give yourself privileges on a blank access card
and erase video files of your activities.
Sometimes the video
files may be also network storage based. Once again you should access
anything with any trace of your existence. You can also defeat the
cameras individually. Strong light devices can blur an image or anything
that emits strong electrical signals can cause static or snow. If the
camera is too far you can use a HERF (high-energy radio frequency) gun.
This can send a focused burst which can either be disruptive or
destructive. Think of using your cell phone next to a clock radio for an
analogy. These are not as hard to acquire as you might think.
you are this close you should monitor the security guards’ radio
frequency. You can use a radio that can communicate with theirs, but try not
to talk to them for any reason. Many sites are now recording radio
transmissions for insurance reasons.
Voice print recognition has
come a long way. Be aware of their call signs and any related lingo. If
you have a crazy notion of knocking out a guard just be aware that their
radios have a tilt feature so if a guard goes down there is an alert.
If you are thinking about doing a late night sneak and peek consider the
perimeter defenses. The use of fiber optics in fencing is common and
almost invisible to the intruder. Break a branch onto it so that part of
the fencing system is deactivated or simply overlooked.
around can also be seismic intrusion detection, which basically is
sensitive to footsteps. This can be tricked with a device called a
thumper. It is basically a box that stamps its foot at whatever pace.
Certain cameras may be programmed to react to the disturbance. If you
are looking for infrared sources use a passive night vision
scope/goggle. You are looking for IR emissions; you are trying not to
create your own which an active model could do. There are little badges
you can wear that can alert you if you are under IR observation. Do not
wear diver’s watches since the tritium will light you up like a ghost to
any nocturnal observer with night vision goggles. If the facility is
using thermal imagery, then you will need to really do your homework;
chances are they are serious about protecting whatever it is they are
tasked with. One way to defeat that is by wearing different types of
neoprene suits. Everything must be covered, which is not a very comfortable way to
spend an evening. Otherwise you will have to wait for a storm to hit
before you make a move.
Now you may not approve of the disclosure
of such information. The truth is such knowledge is freely available to
anyone. Just buy a video game to get the latest inventions and their
use. Remember this: the most successful operations are the kind that go
undetected. Maybe a little bit of paranoia is a good thing.