Monday, August 12, 2013

Nightmare of terrorists with bombs surgically implanted INSIDE their bodies | Mail Online

Nightmare of terrorists with bombs surgically implanted INSIDE their bodies | Mail Online

 In this story is the mention of an explosive, liquid that was used to saturate some clothing and then let it dry and wear in on. There is a lot of ways to hide explosives that folks in the business have known about for years.

The liquid explosive plot that was hatched in Britain, and may have changed our travel life for ever, was known by the vast majority of the professions in the counter terrorism business for many years. It was just sort of not talked about since the bad guys had to that point not figured out how to exploit the vulnerability.

There are more out there, that keep many of us wondering when it will show. This internal attack method is harder than other possible plans we know about. For instance a simple attack that has been used by drug carriers for years, is to put small amounts of explosive into small bags and swallowed. With the intent of either defecating them on a long flight, or even defecating them in the passenger lounge before the flight. Now you have a mold-able explosive, and if you use multiple passengers, could have quite a bit of explosive.

This among other attacks are ones I worry more about than a small amount located internally inside a person. Quite possible, but better ways to do it.

It should be said we have gone to the whole body scanner, which even the manufactures agreed had only a 50/50 chance of finding the original underwear bomb, let alone these new threats. We need to rethink our knee jerk responses to new threats.

With that said, non metallic weapons could not be found by the metal detectors, so the use of whole body imagery had to be in our arsenal of counter measures, the question would be did it have to be used as the primary detector. Liquid explosives are still a threat, we still do not have a great detector for them, but as many passengers ask me, in the original plot did the not have multiple people, and each one now days could bring X amount of explosives? The shoes are still one of the most difficult things to scan, with out taking them off and placing them on the belt of the xray. So yes knee jerk reactions, but there is a need, the question is how they are implemented. Is it the most effective in a risk approach?

I will end with, when the bad guys figure out some of the other vulnerabilities we have that are still not talked about, do we just stop all airline traffic?

Friday, August 2, 2013

Spy's it all gets very dangerous when old school, and new school, sort of the hacker with a lock pick are in the same package

Spying is often called the second oldest profession, right after prostitution, with less morals than the first.  Back in world war two era, a spy in New York was found out after a paper boy was paid with a quarter he had hollowed out and had hidden a micro dot in.  The micro dot of the day, was a very high definition piece of film that had a number of documents on it.  The story is the paper boy dropped the quarter, and it opened up.  Now days the quarter can hold a flash SD, in this case a flash micro SD, that can now hold 64 Gig's of data.
or even a nickle can hold that much data.
So this major spy was traded back to Russians for Gary Powers the pilot of the only U2 spy plane the Soviets had brought down.   One with a very high tech quarter, the other the Pilot of our highest tech plane at the time.  Think of what they would have thought of these new technologies. 64 Gigs of  data in such a small size.  When I left the US Secret Service the Grid was the laptop of choice for espionage types.  It had a 10 Meg hard drive, a really big one at the time.  

Back in the 80's we had some very tiny microphones that we hid in a lot of neat places, now days the whole recording system can be bought at a local computer store in a ball point pen, or a flash drive.  The systems are so small they can be hidden in virtually anything.   The current drain is so minimal that batteries last for days.  One small USB flash drive has a system for 25 days, of recording, it can be left in a printer, even in a spare computer.   

Lets go back to the 64 gig 
It can hold data, that data can be voice, captured key strokes, like passwords, or encryption keys.  It can be hidden virtually anywhere, and has more capabilities than Spies of the old days could even dream of.   Yet put in their hands, they can get around most cyber security systems, by old school physical access.  Some of the programs on them act like the old burst transmitters, they store and hold data, looking for a time to send it out via your own network when its defenses are at the lowest.   I remember the first password logger I ever installed on an old style cable based network.  It had limited storage, but when installed at night, it caught the first keystrokes of the morning, which was the system administrator logging in.  These new keyboard loggers, fit in the the cable as it goes into the key board.  As a person sits down and logs in their passwords and other key data it is all captured.   One is sold as a converter, that takes a PS-2 keyboard connector and converts it to a USB key board.  3 seconds of work an you are in play. 

Now lets put some of the old and new together, like a cellphone charger, like the one displayed this week at a computer show.  
Now lets examine this device for a second, it has a flash memory with a malware program on it that when a phone is inserted into the charger, it infects the phone with a malware.  Some of the newest malware's are nothing more than a small program that can allow people past your security.  Some experts claim virtually every smart phone, ever computer, has at least one malware inserted in it already. 

Now take an old time spy with these, they can install them virtually anywhere.  At the SouthWest airlines USB charging stations at virtually every boarding area.  If you want what a person has printed you can install a device into his printer, usually with an altered printer cable, by the way spies have been altering printer cables for years, since at least back in the 70's which is when I first came on one.  Now let's look at those devices we never even look at just install them and never touch them again until they break down, routers and other network gear.  

There is some belief, that the Chinese have built malware inserts and other spy software in most if not all the routers they sell.   I can say they have done this to a lot of them.

Now lets talk about finding them... good luck, it can be a very frustrating time.  I suggest you rent or go on Netflix and watch a movie called the Conversation, with Gene Hackman.  A little slow at times but the ending may give you an idea, of what we are up against.