[ISN] Intelligence can be pretty dumb
isn at c4i.org
Thu Jun 15 02:24:48 EDT 2006
By Nick Booth
14 June 2006
SECURITY FIRMS must be ruthlessly cunning and intelligent to stay
ahead of the fiendish legions of hackers, crackers and cunning con
artists they constantly warn us about.
Or so you'd think.
But not if this recent example of 'intelligence' is typical.
All companies keep tabs on the opposition. Usually, they employ
competitive intelligence companies, who use all kinds of dirty tricks
to find out about rival's products, their marketing strategies and the
incentives offered to resellers.
A typically fiendish scam would be to set up a phoney head hunting
agency, then invite everyone that matters, at the target firm, for an
"off the record" interview. Flattered by the attention, most CTOs and
marketing directors are only too pleased to boast of the projects
they're working on, the budgets they're in charge of and how many
people are under them.
This information is all tabulated, and sold for hundreds of thousands
of dollars, to the client. Clients like to outsource this furtive
behaviour so they can distance themselves from it if they get caught.
Very cunning. Some security firms are slightly less sophisticated, it
When security vendor Countersnipe launched its latest product, it
expected a few bogus enquiries from its rivals. But a request from an
outfit calling themselves Ychange seemed genuine enough.
'Jeff' from Ychange saw a demo and was so impressed he promised to
show the product to Superluminal, his financial services client, which
was just gagging to place a multi-million dollar order.
But a quick Whois check revealed that Superluminal's web site was
owned by one of Countersnipe's rivals, Sourcefire. Perhaps Sourcefire
didn't think anyone else would know about this new-fangled Internet
"This has to be the least sophisticated attempt at spying I've ever
seen," laughed Countersnipe's Amar Rathore, "I wouldn't mind, but
they're a security firm, for God's sake. You'd think they'd know some
cleverer tricks than that."
Sourcefire was unavailable for comment. µ
More information about the ISN