Swiss Spy Agency: Counter-Terrorism Secrets Stolen 88
Rambo Tribble writes "The Swiss spy agency, NDB, reports a disaffected employee walked out with drives containing terabytes of data shared by counter-terrorism agencies in Switzerland, the U.S. and Britain. It is not yet known if he was able to pass on any information before he was apprehended. 'A European security source said investigators now believe the suspect became disgruntled because he felt he was being ignored and his advice on operating the data systems was not being taken seriously.'"
Re: (Score:3, Funny)
OH NOES!
Now the TERR'ISTS gonna have all our GROPING secrets for PAT DOWNS! :-)
Advice (Score:5, Insightful)
If his advice included encryption and proper employee screening, maybe he was right.
Re: (Score:3)
Eh.. possibly not that honorable.
"the largest Swiss bank, UBS, expressed concern to authorities about a potentially suspicious attempt to set up a new numbered bank account, which then was traced to the NDB technician."
Re:Advice (Score:5, Insightful)
Showing that the whole "secret Swiss bank account" thing only applies when you're not trying to hide it from the Swiss government. :P
Re:Advice (Score:5, Informative)
However, tax evasion is not considered as a crime in Switzerland. This means that until recently, Swiss banks or the government would not disclose any information to foreign governments when only tax evasion was suspected. In the past few years though, international pressure on the Swiss government obliged it to ease the banking secrecy to the point where there is no secrecy anymore, except for permanent Swiss residents.
So? (Score:5, Insightful)
Somehow, I'm not terribly worried. Terrorism is a lesser threat to any of us than slipping in the shower is.
Re: (Score:2)
Somehow, I'm not terribly worried. Terrorism is a lesser threat to any of us than slipping in the shower is.
Indeed. We should close all the counter-terrorism agencies until the threat is back up to the level where people demand we do something about it...
Re: (Score:2)
Somehow, I'm not terribly worried. Terrorism is a lesser threat to any of us than slipping in the shower is.
Indeed. We should close all the counter-terrorism agencies until the threat is back up to the level where people demand we do something about it...
Or simply stop taking showers.
Re:So? (Score:5, Funny)
Or simply stop taking showers.
Then the terrorists will have won.
Re: (Score:2, Funny)
At least you'll smell like one.
Re:Stop? (Score:1)
This is /. :P
Many of the people here would have to *start* taking showers first before they could possibly *stop*
Re: (Score:2)
Or simply stop taking showers.
This is the most popular answer to the threat on Slashdot.
Re: (Score:3)
You assume that counter terrorism actually does something to stop terrorism. There is no evidence for that assertion.
Re:So? (Score:5, Insightful)
Evidence you can't see might as well not exist. Especially if the person you have to trust is the one asking for extraordinary powers.
It's quite telling that there hasn't been a successful terrorist attack in the US since 9/11. That means that the government is 100% effective at counter terrorism. When was the last time the government was 100% effective at anything? Does that not raise red flags?
Also, look at the alleged terrorists they have apprehended. Every one of them was given significant help by the government. I don't believe a single one of them would have been a credible threat without being egged on by the government. Yes, they might have had the motive, but when the government provides the means and the opportunity they're at least as guilty as the alleged terrorist.
Re: (Score:2)
Also I have this anti-terrorism rock for sale on eBay.
Carry it in your pocket and Abdul totally won't bomb you.
Re: (Score:1)
Sorry? What do we call Major Hassan, then? Oh, right...bog-standard workplace violence. I mean, the fact he was shouting "Allah Ackbar" is irrelevant.
On July 4th, 2002, a man shot up the El Al counter at LAX. There are more. 100% effective my ass.
Re: (Score:1)
And why does Switzerland care so much? Are they a target of terror? No drug lord, dictator, or terrorist would gain from attacking the nation-host of his own numbered (ergo anonymous) bank account. Not to mention that the Swiss make the world's best firearms.
Now, if Switzerland had a history of colonizing Africa or the America's, if they routinely invaded (oil-rich) sovereign nations, if they backed warlords to overthrow democratically elected leaders, if they rounded up civilians and locked them up in c
Re: (Score:2)
You assume that counter terrorism actually does something to stop terrorism. There is no evidence for that assertion.
Here in the UK there have been several court cases involving bomb plots foiled by the security services. I suppose you would say that these are all just made up?
Re: (Score:2)
What are you even talking about? About some kind of imaginary past I presume... but care to give details?
Now the Swiss must scramble to counter... (Score:2)
...this guy's counter counter terrorism ploy?
Nice!
So, Swiss Army Spy? (Score:2)
The title says it all.
hmmm. I can just imagine the advice... (Score:2)
"Really, guys, hide it in plain sight so nobody thinks it's important. Get hot new stuff, tweet it out. Ever hear of a public Wiki?"
the big question is, do they have a capital punishment law for treason over there? or does the Swiss Army just take turns batting you around all day?
Re: (Score:2)
do they have a capital punishment law for treason over there?
No, they have to send them to the USA for that.
Re: (Score:2)
do they have a capital punishment law for treason over there?
No, they have to send them to the USA for that.
Or arrange for the Israelis to have them assassinated.
Re: (Score:2)
Or outsource to China, who is a world leader in executions.
Re: (Score:2)
the big question is, do they have a capital punishment law for treason over there?
I believe they do it by pouring molten chocolate down your throat.
Re: (Score:1)
Should he get a medal or go to jail? (Score:4)
If he did this to prove that the security measures are so lax that lives are in danger - then he very honorably sacrificed his career.
If he made a backup copy, then he should go to jail.
Re:Should he get a medal or go to jail? (Score:5, Informative)
Re: (Score:2)
wrong. his action prove only that trusted senior individual with administrative rights and physical access to the system can fall in disgrace with his peers and have any intangible charge brought as his downfall.
Re: (Score:1)
he was trying to sell data. And stopped by the bank clerk who found it fishy that he wanted a numberd account...
so, jail it is.
Re: (Score:2)
> If he made a backup copy, then he should go to jail.
nice try, RIAA.
Terrorists or "Terrorists"? (Score:3)
Something tells me that most of this stolen info consists of data gathered on "terrorists" like movie pirates, government critics, and information leakers.
Re: (Score:2)
Something tells me that most of this stolen info consists of data gathered on "terrorists" like movie pirates, government critics, and information leakers.
Everyone is a potential terrorist, this will likely be information on everyone collected from every government database they have access to.
It would be interesting to see what kinds of data spooks collect.
Structural problem in the new agency (Score:1)
"The source said that under the NDB's present structure, its human resources staff - responsible for, among other things, ensuring the reliability and trustworthiness of the agency's personnel - is lumped together organizationally with the agency's information technology division. This potentially made it difficult or confusing for the subdivision's personnel to investigate themselves"
you'd think they'd have taken this into consideration in the first place. Rookie mistake?
Re: (Score:1)
... for a country whose laws deliberately shield trillions of dollars from the tax agencies of other nations.
Kill 1 man and you're a murderer. Kill a million and you're a conqueror.
Hide 1 dollar and you're a tax evader. Hide a million and you're a super PAC.
Fixed that for you.
He was right to at least some degree (Score:2)
If he was able to get Terabytes of data out with impunity and walk out with it in a back pack than he was right that things weren't being done right. If they had been working with best practices he never would have been able to pull the data out.
Read the article, sounds like the only reason the data didn't go to the highest bidder is he hadn't sold it yet. They said he was disgruntled, perhaps he was willing to sacrifice his career to make a point about things not being done right?
He'll get (and should get)
Re: (Score:2)
Q: What in 1 shouldn't lead to 2? (Score:1)
1: "The suspect in the spy data theft worked for the NDB, or Federal Intelligence Service, which is part of Switzerland's Defense Ministry, for about eight years."
2: "He was described by a source close to the investigation as a "very talented" technician and senior enough to have "administrator rights," giving him unrestricted access to most or all of the NDB's networks, including those holding vast caches of secret data."
A: "for about eight years" --> "unrestricted access to most or all of [...] vast ca
Secret service was lucky (Score:2)
This event dates from late September. As far as I know he was caught, before he could sell anything.
But, the Swiss Secret Service was lucky: The guy was caught because his bank became suspicious when he wanted to set up bank accounts to receive the future price for the loot.
The guy essentially walked out of the place with disk drives full of data. As he was the IT maintenance guy, he could pull this off without anybody getting suspicious. If your IT guy replaces 'broken' disk drives, everything is ok, oth
Re: (Score:2)
Switzerland is very small at the planning level of its structure. Very few make it up the chain of command with the correct trust and the huge number of days training needed vs having a day job.
They can profile the family structure and training of their top people over many years but "IT maintenance guy" are what treated as just "technician" staff? vs the quality of life that the officer
Re: (Score:1)
So... (Score:3, Funny)
Re: (Score:2)
I'm afraid to admit that it looks very much like it
checks need 2 signatures, why not mv/cp/etc? (Score:3)
Simply list secured directories/files and secured output devices (printers, usb, etc). If you try to move/copy/edit anything from a secured directory or to a secured device, your command gets put in a queue and waits for a second user to ok it.
Is there anything like this available already?
Re: (Score:2)
the point of requiring two signatures/keys/whatever IS to be ridiculously cumbersome
Re: (Score:2)
My college set up something like that for password resets. Two computing center student employees could type in their own passwords and the username of another student to reset that student's password. If I remember right, it didn't work on faculty accounts and in a few other situations.
Secret Data Network? (Score:2)
Did no-one in this self-described Federal Intelligence Service notice him downloading terrabytes of data?
Re: (Score:3)
No one was watching the watchers.
Wikileaks scores a huge leak... (Score:2)
Hell hath no fury like a passive agressive IT guy. (Score:2)
'A European security source said investigators now believe the suspect became disgruntled because he felt he was being ignored and his advice on operating the data systems was not being taken seriously.'"
Okay poindexter, what exactly was the issue? Some non-technical middle manager didn't understand the overarching brilliance of your recommended filesystem? Afraid the key length is too short? Too much Linux? Not enough Linux? Welcome to the real world, where your temper tantrum effects no change for anyone else but you. Hope your issue wasn't genuinely important, you'll have a hard time making your case from prison. /facepalm.
Re: (Score:1)
Swiss counter-terrorism definition (Score:2)
Swiss counter-terrorism includes probably a list of tax agents of foreign countries (such as the USA, most EU countries, and other countries looking for black money of their citizens).
Sensitive IT Guys (Score:1)
Old news (Score:2)
This is old news, geez. Here's a quick summary of the facts:
- The Swiss intelligence agency had pathetic security. This guy was an IT guy with far too much direct access to data. Second, there was no policy in place restricting (and checking) what employees could carry in and out of the building. So he duplicated the contents of numerous entire disks, and walk out the door carrying the copies.
- The guy was an idiot. He copied terabytes of data, figuring to get rich quick. But he had no idea how to sell the