[ISN] Intelligence can be pretty dumb

InfoSec News isn at c4i.org
Thu Jun 15 02:24:48 EDT 2006


By Nick Booth
14 June 2006

SECURITY FIRMS must be ruthlessly cunning and intelligent to stay 
ahead of the fiendish legions of hackers, crackers and cunning con 
artists they constantly warn us about.

Or so you'd think.

But not if this recent example of 'intelligence' is typical.

All companies keep tabs on the opposition. Usually, they employ 
competitive intelligence companies, who use all kinds of dirty tricks 
to find out about rival's products, their marketing strategies and the 
incentives offered to resellers.

A typically fiendish scam would be to set up a phoney head hunting 
agency, then invite everyone that matters, at the target firm, for an 
"off the record" interview. Flattered by the attention, most CTOs and 
marketing directors are only too pleased to boast of the projects 
they're working on, the budgets they're in charge of and how many 
people are under them.

This information is all tabulated, and sold for hundreds of thousands 
of dollars, to the client. Clients like to outsource this furtive 
behaviour so they can distance themselves from it if they get caught.

Very cunning. Some security firms are slightly less sophisticated, it 

When security vendor Countersnipe launched its latest product, it 
expected a few bogus enquiries from its rivals. But a request from an 
outfit calling themselves Ychange seemed genuine enough.

'Jeff' from Ychange saw a demo and was so impressed he promised to 
show the product to Superluminal, his financial services client, which 
was just gagging to place a multi-million dollar order.

But a quick Whois check revealed that Superluminal's web site was 
owned by one of Countersnipe's rivals, Sourcefire. Perhaps Sourcefire 
didn't think anyone else would know about this new-fangled Internet 

"This has to be the least sophisticated attempt at spying I've ever 
seen," laughed Countersnipe's Amar Rathore, "I wouldn't mind, but 
they're a security firm, for God's sake. You'd think they'd know some 
cleverer tricks than that."

Sourcefire was unavailable for comment. µ 

More information about the ISN mailing list