Unauthorized access to sources of confidential information.

Unauthorized access to sources of confidential information.

Yarochkin V.I.

INTRODUCTION

In modern conditions, information plays a decisive role both in the process of economic development and in the course of competition in the national and international markets.

The influence of advanced scientific achievements covers the entire globe, and this reality cannot be ignored.

Competition, which has intensified on the basis of scientific and technological progress, is hitting the laggards even more mercilessly. The arena of intense struggle has become the rivalry for supremacy in the market, in the most important areas of scientific and technological progress.

In these conditions, industrial espionage becomes a reality as a sphere of secret activity for obtaining, collecting, analyzing, storing and using confidential information, covering all spheres of the market economy.

In the world of real business, the word «compete» is more closely related to the concept of «destroy a competitor at any cost».

Competition is a brutal struggle.

It puts competitors in such tough conditions that they are forced to act according to the principle «the winner is not judged, the end is above the means».

The question is posed clearly: either you, or you will be left in the world.

Unfair competition is carried out in the form of industrial espionage, corruption, organized crime, falsification and counterfeiting of competitors' products, manipulation of business reporting (counterfeiting, falsification, distortion, substitution, etc.) and, finally, by direct deception, robbery, causing material damage.

It is obvious that all types of «weapons» and methods of criminal actions of unfair competition are used depending on the objects of malicious actions and the possibility of access to objects and information.

It is practically impossible to obtain any reliable information about objects of confidential interests by legal means, since in the world of capital a certain system of protection of valuable information from unauthorized access by intruders is maintained.

The word «unauthorized» emphasizes that actions are committed illegally, bypassing ethical standards and security systems in order to obtain confidential information for use for selfish purposes.

This manual presents the author's approach to systematizing objects and sources of confidential information and methods of unauthorized access to them by intruders.

The author does not claim novelty, originality and completeness of disclosure of the issue and will be very grateful for criticism and assistance in improving the composition and content of the manual.

1. OBJECTS OF CONFIDENTIAL INTERESTS

It is known that industrial espionage is carried out with the aim of conquering sales markets by throwing new goods and products of improved quality and more economical and advanced technology for their production onto them, as well as by discrediting and eliminating competitors on it by any methods and means.

It is obvious that the objects of confidential interests on the part of industrial espionage services are production structures, firms, corporations, associations, factories, enterprises and organizations that produce (develop) products or goods of the organization.

These may be separate workshops, laboratories, test sites, process lines, machine tools, process equipment, etc., information about which can characterize the state of production (including the management system, finances, etc.) and manufactured products, allows you to assess the quality of manufactured products, the level of production costs, its production capacity and other parameters and characteristics associated not only with production and its organizational features and financial condition.

The result of a specific industrial production activity is a product as a technical object.

A technical object is a very broad concept. It can be a separate device, any element of a device or a complex of interconnected devices.

Each technical object has a specific function that ensures the implementation of the corresponding consumer need.

Technical objects include individual machines, devices, instruments, structures and other devices that perform specific functions for the transformation, storage or transportation of matter, energy or information.

Technical objects include any element (unit, block, unit, assembly unit, part, etc.) included in a machine, apparatus, device, etc., as well as any of the complexes of functionally interconnected machines, apparatus, devices, etc. in the form of a system of machines, a technological line, a workshop, etc.

From the above it follows that the concept of a technical object, in the case of industrial espionage, acting as an object of confidential interests, is very multifaceted and, from the standpoint of systems analysis, hierarchical.

This may be a large technical system, such as a joint-stock company, with a significant number of factories, or a separate household device such as an electric hair dryer.
Each technical object is intended to satisfy a specific consumer function.

The function implemented by a technical object reflects and describes its purpose:

• What action does the technical object perform?
• To what object (subject of labor) is this action directed?
• Under what special conditions and restrictions is this action performed?

This description contains information about the subject of work — the object.
The attacker deals with information that illuminates certain aspects of the object of his confidential interests.

What will the attacker be interested in?

Naturally, information about production and manufactured products, about organizational features and finances, about commodity turnover and the distribution system, about prices, advertising, service, etc. information about the company, enterprise, which will allow him to find a solution for a successful fight against his competitors.

In his illegal actions, the attacker always acts as a subject whose actions are directed at what opposes him or is the object of his interests.

It is known that an object is a philosophical category expressing what opposes the subject in his objective-practical and cognitive (read: intelligence, espionage) activities.

In the practice of military espionage, the concept of «intelligence object» has been around for a long time and does not require any explanation.

Thus, «the object of R. Sorge's work in Japan was Japan, and the object «the German Embassy» is only a cover».

The interpretation of the object of intelligence, for example, in radio intelligence, in radar and other types of intelligence, is unambiguous.

The objects of observation, for example, in radar, are physical bodies, information about which is of practical interest.

It is directly stated that «reconnaissance of radio signals emitted by reconnaissance objects and reconnaissance of images of the objects themselves is carried out by means of electronic reconnaissance», and in «the secret of creating poisonous gases could not help but become the object of industrial espionage.

A French secret agent «managed to take possession of a shell fragment during tests» and soon the Entente countries began producing poisonous gases». This very fragment was the source of information about the composition of the chemical substance.

The relationship between the subject and the object, as an object of knowledge, practical influence, activity, is presented in Fig. 1.

In the practice of industrial espionage, the objects of confidential interests are enterprises, organizations, firms, companies, banks, offices, information about which, as potential competitors, is of significant interest from the standpoint of analyzing production and manufacturing, scientific, trade and financial, intermediary and other activities, as well as their products or services.

Any information that combines these areas is of great interest in terms of studying possible areas of commercial activity (Fig. 2).

And so, the object of malicious actions can be organizations, products, technology (technology is a method of production), production, information about which a competitor (subject) seeks to obtain in order to successfully compete in the sales market.

It is known that information is data about objects, subjects, phenomena, processes (regardless of the form of their presentation), displayed in the human mind, or on some medium, for subsequent perception by a person.

Entrepreneurial activity is closely interconnected with the receipt, accumulation, processing and use of various information flows coming from various sources.

What should be understood by a source in general and by a source of confidential information, in particular?

Let's consider some formulations of sources of information.

The small SE specifies: «historical sources» are monuments of the past that testify to the history of human society.

The most important are written monuments, which also include printed publications.

Written sources are divided into literary monuments (chronicles, chronicles, stories, etc.), legislative monuments, acts and office materials (correspondence, reports, contracts, etc.).

In numerous literature, there are various formulations of the concept of «source». For example, «Zhukov» is the only source that is relevant to many problems of the Great Patriotic War.

Based on the experience of intelligence and counterintelligence, one can come across the following formulations:

• «It is always difficult to operate intelligence data, since there is a real danger of revealing an important source of information.»
• «…through intelligence and counterintelligence, important information was obtained from several different sources…»
• «…sources of intelligence…»
• «…the main source of radio intelligence is radio stations and their transmissions…»
• «…data source — a functional unit that generates data for transmission…»
• «…»friend», or in our terms, a special source…»
• «…we use both official and unofficial sources of information…» etc.In addition, there are material and spiritual sources:
• «…the main source of oil for Germany is Romania…»
• «…a book is a source of knowledge…», «…a book is a precious source of wisdom…»

The materials on the Great Patriotic War also contain the following formulations: “Anyone who wishes can follow the secret transfer routes of troops from the Far East themselves, based on numerous testimonies of captured Soviet soldiers from the Far East who found themselves on the German border, based on German intelligence reports and many other sources.”

Obviously, any of these formulations refers to some object that has certain information that can be obtained (received) once or repeatedly by persons interested in it.

The source is associated with some recipient (subject) that has one or another opportunity to access the information.

The source in this pair acts as a passive party, and the recipient — the subject — is active.

Then, by the source of confidential information we will understand an object that has certain protected information that is of interest to intruders.

In response to the question: «Do documents for those persons who travel abroad still pass through your service?»

V. Bakatin, Chairman of the KGB of the USSR, gave the following answer: «Yes, since there is a law on leaving the country, it mentions people who know state secrets, and control over such «secret carriers» not leaving the country is assigned to the KGB.»

Taking into account the above, with some degree of generalization and with a certain assumption, the following categories of sources can be cited that possess, own, or contain confidential information:

1. People.
2. Documents.
3. Publications.
4. Technical media.
5. Technical means of ensuring industrial labor activity.
6. Products.
7. Industrial and production waste.

Let's consider each of these categories in general terms.

1. OBJECTS OF CONFIDENTIAL INTERESTS

People.

This group includes employees, service personnel, workers, product sellers, clients, partners, suppliers, buyers, etc., etc.

People occupy a special place among sources of confidential information as an active element capable of acting not only as a source, but also as a subject of malicious actions.

People are both the owners and distributors of information within the framework of their functional duties.

In addition to possessing information, people are also capable of analyzing it, generalizing it, drawing appropriate conclusions, and, under certain conditions, hiding, selling and committing other criminal acts, including entering into criminal relationships with criminals.

Documents.

Documents are the most common form of information exchange, accumulation and storage. A document is distinguished by the fact that its functional purpose is quite diverse.

The document system has a ramified structure and is the subject of separate consideration, since a document can be presented not only in different content, but also in different physical forms — material carriers.

According to their focus, there are organizational and administrative, planning, statistical, accounting and scientific and technical documents, which contain, in essence, the entire mass of information about the composition, condition and activities of any organizational structure from the state to the individual level, about any product, commodity, idea, development.

Such a variety of forms and contents of documents by purpose, direction, nature of movement and use is a very tempting source for intruders, which naturally attracts their attention to the possibility of obtaining the information of interest.

Publications.

Publications are information carriers in the form of a wide variety of publications: books, articles, monographs, reviews, messages, advertising brochures, reports, theses, etc., etc.

The attackers know that the best sources of commercial information are not the «victims» but the chatterboxes. That is why the attackers are attracted by various specialist media, congresses, conferences, symposia, scientific seminars, seminars on the exchange of experience and similar public speeches.
Here experienced specialists collect the latest and most valuable information.

In [13] a conversation is held between the correspondent of «AiF» and a high-ranking Pentagon official Stephen Fott: «It has long been known that more than 60% of military information that is secret can be obtained from so-called «open sources» — the press, radio and television broadcasts, books.

Therefore, a modern intelligence officer, no matter under what «roof» he works (diplomat, trade representative, journalist), is mainly engaged in collecting and analyzing precisely this data.

The French researcher of industrial espionage methods, Maurice Denuzier, notes on this matter: «Modern scientific, industrial and economic information is mostly easily accessible.

Ninety-five percent of the information that an intruder is interested in can be obtained from specialized journals, scientific papers, company reports, internal publications of enterprises, brochures and prospectuses distributed at fairs and exhibitions.

The spy's goal is to obtain the remaining five percent of the information he needs, which contains the company secret, the «secret of craftsmanship».

Technical media.

Technical information carriers include paper media (punched cards, punched tapes), film and photographic materials (microfilms, motion pictures, etc.), magnetic media (disks, tapes), video discs, video films, printouts of data and programs on printers, information on computer screens, industrial television installations, individual and collective use boards, and others.

The danger of technical media is determined by the high growth rate of the fleet of technical means and personal computers in operation, their wide application in various spheres of human activity, the high degree of concentration of information on technical media and the scale of people's participation in the use of these media in practical activities.

Technical means of ensuring production activities.

Technical means as sources of confidential information is a broad and capacious group of sources in terms of information.

The group of means for supporting production activities includes a wide variety of means, such as, in particular, telephones and telephone communications, televisions and industrial television installations, radio receivers, radio broadcasting systems, public address systems, amplification systems, cinema systems, clock systems, security and fire systems and others, which, according to their parameters, can be sources of conversion of acoustic information into electrical and electromagnetic fields capable of forming electromagnetic channels for leakage of confidential information.

A special group of tools are automated information processing systems, since they have a large information capacity.

They contain millions and billions of bits of confidential information, access to which can cause irreparable damage.

The danger also lies in the fact that the ASOD contains a very significant range of information.

The databases contain everything about a specific enterprise, from employees to specific products.

Products.

Products are a special source of information, the characteristics of which are actively hunted by competitors.

Special attention should be paid to new products that are being prepared for production.

It is taken into account that there are certain stages of the «life cycle» for products: concept, model, prototype, testing, serial production, operation, modernization and decommissioning.

Each of these stages is accompanied by specific information, which manifests itself in a variety of physical effects, which in the form of unmasking signs can reveal protected information.

Industrial and production waste.

Production waste — what is called waste material, can tell a lot about the materials used, their composition, production features, technology.

Moreover, they are obtained almost safely in landfills, garbage dumps, scrap metal collection sites, in office bins.

As one experienced spy confessed: «I recommend paying attention to the contents of trash cans» is inexpensive, and among crumpled pieces of paper, damaged documents and various copybooks, if you look, you can find a thousand-dollar bill» I have found them more than once in the form of drafts for which I was paid thousands».

More serious sources are material waste and refuse, the chemical analysis of which will tell a lot.

In their availability, sources of confidential information contain complete information about the composition, content and direction of the enterprise (organization), which is of great interest to competitors.

Naturally, they absolutely need such information and they will make every effort and find the necessary methods to obtain the information they are interested in.

In conclusion, we will cite the official admission of the pillars of American intelligence that the US secret services receive about 80% of their information from such sources as reports of diplomatic spies, military attachés, from foreign press and radio reports, from reference literature, official government statements, documents and plans, stories of tourists, and from materials and information obtained from technical information.

2. WAYS OF UNAUTHORIZED ACCESS TO CONFIDENTIAL INFORMATION.

Considering the well-known aphorism «the end justifies the means», let us ask the question: what goals does an intruder pursue by gaining unauthorized access to sources of confidential information?

In the new competitive market conditions, a lot of problems arise related not only to ensuring the safety of business (commercial) information, as a type of intellectual property, but also of individuals and legal entities, their property and personal safety.

It is known that business activity is closely related to the receipt, accumulation, storage, processing and use of various information flows.

Since information represents a certain price, the fact of obtaining information by the attacker brings him a certain income, thereby weakening the competitor's capabilities.

Hence the main goal — obtaining information about the composition, condition and activities of the object of confidential interests (firm, product, project, recipe, technology, etc.) in order to satisfy their information needs.

It is also possible to make certain changes to the information circulating at an object of confidential interests for selfish purposes. Such an action may lead to misinformation on certain areas of activity, accounting data, and the results of solving certain problems.

At the same time, it should be noted that making changes or misinformation is difficult to implement.

In order to pass off false information as true, it is necessary to provide for a set of social events that are consistent with the general course of events in time, place, purpose, and content, which requires deep knowledge of the information situation at the object. Individual false information may not always have a positive effect.

In addition, they can simply reveal the intentions to modify or disinformation.

A more dangerous goal is the destruction of accumulated information arrays in documentary or magnetic form and software products in the ASOD environment.

Destruction is an illegal action aimed at causing material or informational damage to a competitor by an attacker.

Thus, the attacker pursues three goals: to obtain the necessary information in the volume and range required for competitive struggle; to have the ability to make changes to the competitor's information flows in accordance with his interests and, in extreme cases, to harm the competitor by destroying material and information assets.

The full volume of information about the competitor's activities cannot be obtained by only one of the possible methods of accessing information.

The more information capabilities an attacker has, the more success he can achieve in the competitive struggle.

The one who collects the necessary information faster and more fully, processes it and makes the right decision can count on success.

The choice of methods of action, as well as the quantitative and qualitative composition of the forces and means of attack depend on the goals.

The composition of the persons obtaining or ensuring the obtaining of the information necessary for the attacker can be quite diverse. These can be informants, agents, spies, sexots (secret employees), trusted persons, informers, errand boys, stool pigeons and many others.

It is also possible to introduce «one's own» people into a competing company in order to solve intelligence tasks.

There are two ways to introduce: the first — the person acts under his own name and works in accordance with his existing profession; the second — the person gets a job using forged (fake) documents, under the cover of a «legend».

Introducing your own person into a company is difficult, but unlike a person who simply provides information on his own initiative, he is more reliable and easier to manage.

In domestic literature, there are different interpretations of both the concept of the method of unauthorized access and its content.

It is stated: “Here is a systematized list of ways of obtaining information without authorization: using listening devices, remote photography (why only remote?), interception of electromagnetic radiation, theft of storage media and industrial waste, reading data in other users’ arrays, reading residual information in the system’s memory after executing an authorized request, copying storage media, unauthorized use of registered users’ terminals by stealing passwords and other access control details, disguising unauthorized requests as operating system requests (hoax), using software traps, obtaining protected data using a series of authorized requests, exploiting shortcomings in programming languages ​​and operating systems, intentionally including special blocks of the “Trojan horse” type in program libraries, illegally connecting to the equipment or communication lines of a computing system, maliciously disabling protection mechanisms.”

The approach to methods of unauthorized access is different. «One of the problems of protection is the classification of possible channels of information leakage.

By a possible channel of information leakage we will understand a method that allows an intruder to gain access to information processed or stored in a personal computer».

«Leakage channels include: theft of storage media (magnetic disks, tapes, floppy disks, cards); reading information from the screen by an unauthorized person (while the information is being displayed on the screen by the legitimate user or in the absence of the legitimate user); reading information from unattended program printouts; connecting specially designed hardware to personal computer devices that provide access to information; using special technical means to intercept electromagnetic radiation from personal computer technical means; unauthorized access of programs to information; decryption of encrypted information by a program; copying of program information from storage media».

The Law of the Russian Federation «On Operational Investigative Activities in the Russian Federation» states:

To solve the tasks of operational investigative activities, the bodies carrying out operational investigative activities in accordance with the rules of conspiracy apply:

1. Interviewing citizens.
2. Making inquiries.
3. Collecting samples for comparative research.
4. Test purchases.
5. Examination of objects and documents.
6. Surveillance.
7. Identification of a person.
8. Inspection of premises, buildings, structures, terrain and vehicles.
9. Control of postal items.
10. Censorship of correspondence of convicts.
11. Wiping telephone and other conversations.
12. Removal of information from technical communication channels.

It is indicated that industrial spies «eavesdrop, conduct surveillance, inspect mail», economic espionage as a sphere of secret activity on collection, analysis, storage and use of «confidential information», «fishing out information, from primitive eavesdropping to space peeping», «space espionage does not cancel out the methods of fishing out secrets of companies and states that have been tested for thousands of years», » intelligence agencies examine, probe, and probe the globe in every possible way, from simple press radiation to scanning the earth's crust with laser beams from space…».

The American journal «Chemical Engineering» published an interesting list of ways to obtain information about their competitors:

1. Collecting information contained in the media, including official documents, such as court reports.
2. Using information disseminated by employees of competing firms.
3. Stock exchange reports and consultants' reports, financial reports and documents in the possession of brokers; exhibits and prospectuses, brochures of competing firms; reports of traveling salesmen of one's own firm.
4. Studying the products of competing firms; using data obtained during conversations with employees of competing firms (without breaking the law).
5. Disguised surveys and «fishing» for information from employees of competing firms at scientific and technical congresses (conferences, symposia).
6. Direct observation, carried out covertly.
7. Conversations about hiring with employees of competing firms (even though the interviewer has no intention of hiring the person in question for his own
   firm).
8. So-called «false» negotiations with a competing firm regarding the acquisition of a license.
9. Hiring an employee of a competing firm to obtain the required information.
10. Bribing an employee of a competing firm or a person involved in its supply chain.
11. Using an agent to obtain information based on the payroll of a competitor company.
12. Eavesdropping on conversations held in competitor companies.
13. Intercepting telegraph messages.
14. Eavesdropping on telephone conversations.
15. Theft of drawings, samples, documentation, etc.
16. Blackmail and extortion.

And finally, in [17] it is indicated that the KGB carefully monitors each of its protégés, using all conceivable counterintelligence methods — surveillance, wiretapping of telephone and all other conversations, external surveillance was conducted.

A natural question arises as to which of the above concepts can be considered as a method.

A method is generally understood to be an order and methods of action leading to the achievement of some goal.

An encyclopedic understanding of the mode of production is a historically conditioned form of production of material goods.

It is also known that the definition of methods of military action is the order and methods of using forces and means to solve problems in an operation (battle).

Finally, the method of access is a set of methods for working with data in external memory.

In the criminal sphere, methods of concealing income from taxation are abolished.

Taking into account the above, we can define the method of unauthorized access to sources of confidential information as — A SET OF METHODS THAT ALLOW AN INVADER TO OBTAIN PROTECTED INFORMATION OF A CONFIDENTIAL NATURE.

Taking this formulation into account, we will provide a systematized list of methods at a high level of abstraction.

In our opinion, the methods of unauthorized access to confidential information are:

1. Initiative cooperation.
2. Inducement to cooperate.
3. Prying, spying
4. Eavesdropping on negotiations in various ways.
5. Secret familiarization with information and documents.
6. Theft.
7. Copying.
8. Counterfeit (modification).
9. Destruction (damage, destruction).

In our opinion, such a list is independent and non-intersecting at the selected level of abstraction.

Having agreed that the list of sources of confidential information is also independent and does not intersect at this level of abstraction, we can try to analyze their interrelationships and interdependencies. Even a cursory review allows us to conclude that certain methods are applicable to certain sources. As diverse as the sources are, so are the methods of unauthorized access to them.

We admit the possibility of decomposing the methods of unauthorized access and sources by their applicability depending on certain conditions and situations. Nevertheless, having a formal set of sources and methods of unauthorized access to them, it is possible to construct a formal model of the relationship of sources and methods at an acceptable level of abstraction at a qualitative level with a certain degree of conventionality.

Such a model could be called a generalized model of unauthorized access methods. Without going into the essence of each unauthorized access at a general level, it is clear that a significant part of them are applicable to such sources as people, ASOD technical means and documents.

Others, as if less used in terms of the number of sources covered, can in no way be classified as less dangerous. The degree of danger of penetration is determined not by the quantity, but by the damage caused. Thus, we have obtained a certain relationship between sources and possible methods of access to them. Now let us consider the essence and possible implementations of methods of unauthorized access.

2.1 Initiative cooperation.

Initiative cooperation is manifested in certain actions of persons who are dissatisfied with something or in dire need of means of subsistence from among those working at the enterprise or simply greedy and avaricious, ready for any illegal actions for the sake of profit.

There is a sad statistic that says that 25 percent of the company's employees are ready to betray the interests of the company at any time under any circumstances, 50 percent are ready to do this depending on the circumstances, and only 25 percent, being patriots, will never betray the interests of the company.

While people who do not work for the company need to overcome physical and technical obstacles to gain access to secrets, those who work for the company do not need to do this.

They already possess secret information or have the ability to steal it.

The French ambassador to Russia, insulted by Napoleon, said in his heart: — «How can he not understand that I possess all the secrets of his state and, being insulted by him, I can immediately betray him in order to take revenge for everything at once — for everything!»

The history of mankind has accumulated plenty of examples of proactive cooperation for political, moral or financial reasons, and simply for various reasons and motives.

Financial difficulties, political or scientific dissent, dissatisfaction with promotion, grievances from superiors and authorities, dissatisfaction with one's status and many other things push holders of confidential information to proactively cooperate with competitors and foreign intelligence services.

The presence of such a person in the production and management department allows the attacker to obtain important information about the state and activities of the enterprise. This is dangerous.

In «Business Security: You've Been 'Run Away'» (Moscow: Pravda 19.05.94) it is stated: «Is it possible to prevent criminal elements from penetrating a commercial structure, for example, a bank? » «The criminal elements are there from the very beginning. Therefore, it is simply not serious to say that it is possible to somehow prevent them from entering, to detain them.

It is not a bone-breaker with a knife who works, but maybe a simple girl whose friend is some authority figure or just a representative of the criminal world. She works normally, and «hands over» information, and then they come on a tip-off. But it is even more dangerous if such a person works in the company's security service.

B states: «When information about the true role of Philby (an intelligence officer) was made public in 1967, former CIA officer M., who knew him well,

Copeland stated: «This resulted in the entire extremely extensive effort of Western intelligence services from 1944 to 1951 being simply ineffective. It would have been better if we had done nothing at all.»

Depending on the category, i.e. the value of the source for the attacker, the relationship between the cooperating parties is built.

Obviously, communication with a high-ranking official will be carried out very rarely, secretly, in specially selected places, outwardly of a mundane nature, under increased surveillance and protection.

Information from such a person can be transmitted through front men, by anonymous telephone, by telegraph, by letter, by means of various conventions and even by technical means.

Communication with less valuable persons can be of a routine nature. In this case, the parties do not particularly care about their safety and often come to the attention of not only law enforcement agencies, but also their competitors.

2.2 Inducement to cooperate.

Inducement to cooperate is, as a rule, a violent act on the part of the attacker.

Inducement or recruitment can be carried out by bribery, intimidation, blackmail.

There are known cases when the bribe amounts exceed hundreds of thousands of rubles, and are used not only to carry out one-time actions, but also to create long-term positions for participants in criminal activities.

Bribery, when there is money, is the most direct and effective way to achieve goals, whether it is obtaining secret information, the necessary decision, or protecting the interests of those who bring gifts on the altar of state bureaucracy.

Bribery is a complex process that includes pure economic espionage.

First of all, the attacker finds out the ability of a particular official to promote selfish goals.

After that, his financial and family status, habits, inclinations, weaknesses inherent in both himself and his family members are established.

Then the necessary and, if any, compromising material is collected on his trusted persons, since they mainly act as intermediaries.

In other words, you need to know exactly who to give, how much and through whom. This requires long, painstaking work, because sensitive information is not given immediately.

That is why large corporations constantly collect all kinds of information about public and political figures, large shareholders and managers with the most intimate details and compromising materials.

Inducement to cooperate is implemented in the form of real threats, persecution, threats of explosion, arson of an apartment, office, warehouse, garage, car, etc.

Persecution is the provision of psychological influence, expressed in insults and the use of physical injuries, reprisals, destruction of things, property, abuse of minors, the elderly, helpless relatives or loved ones.

I dare to suggest that blackmail appeared at the dawn of mankind. And has been a tireless companion of civilization throughout History.

Blackmail for the purpose of obtaining a livelihood, benefits, political advantages in the struggle for power is practiced with ease and enviable consistency. In our «troubled» times, opportunities for blackmail simply hurt the soul, if no one uses them. Some competitors do not disdain racketeering.

In terms of the intensity of violence, this is one of the most aggressive types of activity, where behind seemingly peaceful visits and negotiations lies a willingness to act deliberately cruelly for the purpose of intimidation.

Practice contains many examples of open threats of violence, destruction of property, organization of provocations, kidnapping of people, damage and blocking of transport and premises, means of communication, actions of theft and destruction of documents and other criminal actions.

Very close to inclination is the luring of knowledgeable specialists of a competitor's company to one's own company, with the purpose of subsequently mastering their knowledge.

The history of competitive struggle is replete with examples of this kind.

2.3 Torture.

Prying (sniffing, interviewing) is the desire to obtain certain information under the guise of innocent questions.

By cleverly maneuvering the words that express questions, they try to fish out if not the whole truth, then at least a hint of it. John De Poram, being vice president of the company «General Motors», said: «it is customary for us to fish out information from competitors.»

Experience shows that this is an effective and fairly covert method of obtaining information, carried out through the entrepreneur's immediate circle (secretaries, assistants, drivers, etc.), as well as close relatives.

You can also extract information through false employment.

Such an attacker can write a statement, draw up documents, and during conversations establish what this or that department does, what professions the company is interested in, what the employee the company needs should know and be able to do. Although in fact he does not intend to get a job, refusing later under a plausible pretext.

Those who cannot be bribed or intimidated blab secrets to their partners. No matter how trivial the trick with a dummy woman is, with some preparation it always works.
In [21] the following example is given: «… And yet, additional measures to preserve the secrecy of the TU-95 aircraft have been developed.

The most effective were the repairs and reconstruction of all the eateries around the OKB, because, after having a couple of shots or a mug of beer, our employees sometimes let it slip. A stricter regime was introduced for travel on the road on the high right bank of the Moscow River, from where the airstrip of the base in Zhukovsky was clearly visible. All work on the aircraft was carried out from dawn until six in the morning, when the commuter trains began to operate and the flow of motor transport increased.

Prying out and eliciting information takes different forms. For example, creating false enterprises that widely offer work to specialists from competing firms. The goal is to find out the secrets of a competitor.

First, the circle of people of interest to the client is identified and clarified. The contents of the newspapers that the person of interest receives are clarified. After which an ad is placed in one of these newspapers: such and such a specialist is needed.

And then the terms of employment — a salary at least 2 — 3 times higher than that received by the person they are interested in. A bonus, benefits, tempting conditions, etc. are also offered. This turns out to be so attractive that it is rare for anyone not to fall into this trap.

The specialist fills out a questionnaire, meets with the future management and, wanting to show himself from the best side, not only what he does, but also what others do. After some time, he receives a polite «refusal», and remains to work at the old place.

2.4 Eavesdropping.

Eavesdropping is a method of conducting intelligence and industrial espionage, used by agents, observers, informants, special eavesdropping posts.

Eavesdropping is generally one of the most common ways of obtaining (getting) information.

In the interests of eavesdropping, intruders resort to a variety of tricks, use special people, employees, modern technology, various methods of using it to penetrate other people's secrets, without regard for either means or time.

Eavesdropping is tempting because it perceives acoustic information and human speech itself, with its features, coloring, intonations, a certain emotional load, often containing no less important moments than the actual direct content.

It should be added that the conversations being eavesdropped are perceived in real time and, to a certain extent, can allow certain decisions to be made in a timely manner.

The following eavesdropping methods are currently most actively used:

• eavesdropping on conversations indoors or in a car using pre-installed radio bugs or tape recorders;
• eavesdropping on telephone conversations, telex and fax lines, radio telephones and radio stations;
• remote retrieval of information from various technical means due to their side electromagnetic radiation and interference (interception). Methods of eavesdropping on telephone conversations are given in the appendix.

There are other methods of eavesdropping, such as laser irradiation of window panes in a room where «interesting» conversations are taking place.

Sometimes I use directed radio radiation, which will make a part of a TV, radio, telephone or other equipment «respond and speak».

But such techniques require specific conditions and are only implemented with fairly complex and expensive special equipment.

Eavesdropping can be carried out by direct perception of acoustic vibrations by the eavesdropper during direct perception of speech information, or by perception of sound vibrations coming through elements of buildings and premises: walls, floors, ceilings, door and window openings, ventilation ducts, heating systems, as well as through a wide variety of technical means.

For this purpose, various microphones of acoustic or contact perception of sound vibrations, radio microphones, also called radio bugs, laser eavesdropping devices, special methods of eavesdropping on telephone conversations and other methods and means are used.

Miniature and subminiature radio transmitters, camouflaged as various parts of clothing or furniture and household appliances, are widely used in foreign literature.

They can be wearable parts of a suit or permanently mounted in furniture, household appliances and elements of a room. An interesting example from domestic practice was given in the newspaper «Day» under the title «Whose ear was found under the desk of the editor-in-chief of «Day»?

On September 10, 1992, a mysterious object was discovered in the office of the editor-in-chief of Den.

Attached to the back of the telephone table, it resembled a pencil case and was discovered by accident when it was necessary to rearrange the telephones.

Frequent threats, promises to set fire to and blow up Den led to suspicions about the presence of an explosive device. When it was opened, it turned out to be a small listening device.

Who needed the content of the conversations in the editor-in-chief's office?
If it was the special services, then it's not so.

The device is made in a handicraft way, reminiscent of a product from the «Young Technician» club. So who? It remains a mystery.

Abroad, not only individual listening devices and radio bugs are manufactured and sold, but also entire listening systems that allow one to penetrate into the premises being bugged using special devices through walls, ceilings, ventilation and other openings, to receive, amplify, clean and record conversations secretly and with sufficient reliability and clarity.

As an example, let us consider the RK-935 professional acoustic listening device. The set contains various microphones with which one can perform various operations, as well as a special amplifier for amplifying weak signals and a cassette tape recorder for recording conversations.

The set includes:

1. RK-915. Contact microphone for listening through a wall, door, ceiling, etc.
2. RK-795. Microphone in a wristwatch with a miniature stereo tape recorder RK-1985.
3. RK-900. Subminiature electret microphone with a 50-meter cable.
4. RK-905. Three microphones in the form of a wall nail of different lengths — 150, 300 and 400 mm. These microphones are inserted into the adjacent room through a 2 mm diameter hole in the wall (Fig. 3).

The kit is mounted in an attaché case, weight — 3 kg. The case also contains an amplifier with headphones. Power — from batteries or the network.

Hunters for other people's secrets often use narrow-beam microphones to eavesdrop on conversations at a distance, in open spaces or in public places: a bar, restaurant, etc. Other means and methods of eavesdropping are also used.

2.5 Surveillance.

Surveillance is a method of conducting reconnaissance on the state and activities of the enemy. It is carried out visually and with the help of optical devices.

«To see— means to distinguish between enemy and friend and the surroundings in all details…» — wrote the famous physicist S.N. Vavilov.

Since time immemorial, man has coordinated his actions with observation: he examines the terrain and the objects and items located on it, notices the changes that occur in the observed space and makes decisions. He observes people, their movements on foot and in transport.

Monitors meetings, premises and other activities. During the day, the monitoring process is facilitated by high levels of illumination and full use of the functional capabilities of vision. At night, these capabilities are so limited that a person, even in open areas, is only able to observe large objects.
In order to detect an object, it is necessary to search for it.

Search is a process of surveying space by means of visual or technical observation with the purpose of detecting some object, which is the object (better — the subject) of the search. Depending on the situation, the search can be carried out on the assumption that the object is in the search area, or there is more specific data about its location.

In search of an object is defined as the result of solving three problems: detection, when the observer selects the object of his interests from the mass of objects on the ground; recognition, when the observer can name the object and can identify it by large details; culmination, identification, when the observer, distinguishing individual small details, can distinguish this object from others in his field of vision.

Observation is a constant or selective purposeful and active study of objects, phenomena or people in natural conditions or with the help of technical means, followed by generalization and analysis of observation data.

Observations differ in type, duration, intensity and goals.

In addition, surveillance can be one-time, selective, periodic, permanent, long-term, etc.

Surveillance can be carried out on stationary (stationary) objects from stationary positions or mobile surveillance and on moving objects: people, technical means (cars, trains, airplanes, ships, etc. vehicles).

Surveillance can be carried out at a line-of-sight distance and at long distances using special optical systems and television systems.
Stationary surveillance is used to monitor a specific area, buildings, businesses, objects, and people that are not moving. This technique is most suitable for monitoring companies, stores, and offices.

With stationary surveillance, it is possible to take photographs with either still or movie cameras, as well as record on videotape. Stationary surveillance can be carried out by one person, a group of people, one after the other, or simultaneously, depending on the characteristics of the object and the goals.

Observers are located in places where their long-term presence is understandable.

These can be car parks, cafes, restaurants, shops, individual apartments, official representative offices, etc.

If an observer may arouse suspicion, he is replaced by nearby, out of sight, fellow observers.

When mobile observation is required, three to five people are usually used.

Surveillance is always conducted in such a way that there is always one observer in the immediate vicinity.

In addition to observation and surveillance, his task includes the obligation to lead everyone else behind him, to keep them in touch using various means: gestures, body positions, hands, actions, simply radio communication.

As a result of observation, one can obtain very valuable information about the object of confidential interests.

Thus, knowing certain signs characteristic of the activity of a particular object, the persons conducting the observation record them, evaluate them from the point of view of usefulness and draw the appropriate conclusions.

Targeted study by observation allows, for example, to detect or establish the preparation of certain organizational or industrial commercial events.

The observation process itself is very complex, since it requires significant expenditure of effort and resources.

Therefore, observation, as a rule, is carried out purposefully, at a certain time, in the right place, by specially trained persons, and is carried out covertly.

Technical means of observation include:

• binoculars, spotting scopes, stereoscopic telescopes and other visual observation systems under normal lighting conditions within a certain visibility range;
• long-range television observation systems; — infrared systems and night vision devices for conditions of limited visibility or for night conditions.

For surveillance, these technical means can be used both in a household version, purchased in regular stores (they are less attractive due to their ordinariness), and in a special criminal version (binoculars with a built-in camera, hidden television cameras, etc.)

Systems of covert visual surveillance from a car are used. For example, the RK-1780 system allows surveillance using optics built into a car antenna. The lens has a diameter of 5 mm.

The lens is connected to the interior via a fiber-optic cable, the lens can rotate in azimuth, has a viewing angle of 70o, and a focal length of 3 m to infinity.

A photo or movie camera can be connected (attached) to the fiber-optic system.

Special systems are also used to monitor rooms without directly entering them.

Thus, the RK-1715 type surveillance system, which has a fiber-optic cable from 0.9 to 1.8 meters long, allows surveillance in particularly difficult conditions through ventilation shafts, false ceilings, cable and heating inputs, etc. walk-through systems.

The system viewing angle is 65o; focusing is from 10 mm to infinity. It works in low light. It can be interfaced with photographic equipment.

With a focal length of 10 mm, you can read and photograph the text of documents, calendar entries, and other materials.

A special place in surveillance is given to television. Television is a method of visual surveillance at a distance.

The main purpose of television systems is to form an image of observed objects in real time, usually at a considerable distance from them.

Television cameras for confidential use can be disguised or camouflaged as various objects.

In particular, there are known television cameras whose lenses are mounted in automobile lighting devices (headlights, sidelights), automobile antennas, and even the waist belts of a human observer. Thus, the RK-5110 television camera is made in a standard leather waist belt. Weight — 180 g.

Power supply — 12 V.

Field of view — 55°. Resolution — 525 lines. The camera is interfaced with the RK-1910 television transmitter. Dimensions are 125x65x22 mm. Weight — 170 g. Power supply — 12 V. Works at gigahertz frequencies.

Has a specially designed antenna. All equipment is made in a body-worn version.

In recent years, low-level lighting television systems (LLTV) have been widely used.

The development of highly sensitive tubes for transmitting cameras using image intensifiers has opened up a new direction in night vision technology.

This has made it possible to use television cameras for observation in the dark.

Such cameras, equipped with highly sensitive vidicons, can detect a person in full growth at a distance of up to 800 m in complete darkness. The cameras operate in an illumination range of 10 5 — 10 -4 lux and even 10 -6.
The development and use of night vision devices has made it possible to achieve significant results in their miniaturization.

The best confirmation of this is the RK-1245 night vision goggles. Weight — 980 g.

Power supply — battery.

The duration of continuous operation from one battery is 20 hours.

With such glasses, an intruder can penetrate into the territory, into the premises in absolute darkness and perform actions without using lighting — without revealing himself.
Technical means allow for surveillance of mobile vehicles.

To monitor the route of vehicles, radio beacons are installed in them, allowing surveillance teams to determine the approach to or the distance from them of the observed vehicle or, using direction-finding devices, to determine the location with a certain degree of accuracy.

Such radio beacons are activated when the vehicle ignition is turned on, thereby reporting the start of movement of the observed vehicle.

Surveillance, as a method of obtaining information, is an effective means of obtaining it and is still widely used, if only because it is equipped with the latest technical means.

2.6 Theft.

Theft is the intentional illegal seizure of someone else's property, funds, documents, materials, information.

In a market economy, this illegal method is widely used by criminals both for personal enrichment (stealing money, valuables, expensive property and equipment) and for obtaining commercial secrets related to the production and sale of consumer goods. Naturally, the acquisition of information by theft is carried out covertly (secretly) from others.

Often, theft is conditioned by certain conditions that are convenient for it. In [12] it is indicated that:

• 10% of people never steal, because it is incompatible with their morality;
• 10% of people steal at every opportunity, under any circumstances;
• 80% of people are usually honest, except when they have an opportunity to steal.

This theory is true in our conditions, because the laws of psychology are universal.
They steal everything that is lying around.

Here is one example of our reality. «A signal batch of CDs of the new album of the singer Valeria arrived from London to «Sheremetyevo — 2» to the address of JSC «International Market».

But at the customs warehouse, the packages with the compact discs were opened and some of them were stolen.

According to experts, the compact discs are entering the Russian «pirate market», «International Book» will suffer material losses. (Vechernyaya Moskva. «Symphony Stolen»).

People are also being stolen.

Kidnapping is the secret, violent, and unwilling removal of an individual from their usual environment to a place where their rights and freedom are illegally and significantly restricted. It is often carried out with the aim of taking possession of property, money, or documents.

The management of the American company Cast Equipment in Cleveland noticed that the firm's orders had dropped sharply. They hired private detectives, because they felt that something was fishy.

The Pinkertons discovered that former employees, when they were fired, had taken (stole) secret commercial and technical documentation with them and started their own businesses.
Thefts pose a particular danger to automated information processing systems.

Thus, in [6] “a programmer at one of the computer centers that serviced banks created a program for calculating interest on deposits in such a way that the calculated amount was rounded down to 10 cents, i.e. practically unnoticeable for the most fastidious depositor.

The difference between the actual and rounded amounts was added to the programmer's current account by the program. By the time of exposure, the amount of the deposit created in this way was approaching $1 million.

Theft of software for the purpose of using it for one's own interests has become widespread.

According to American experts, these thefts have taken on the character of an epidemic: for every legal copy of software that is widely distributed, there are at least four copies (and, according to some sources, 10 or more) obtained illegally.

In March 1987, Reuters reported that $260 million had disappeared without a trace from the accounts of the Volkswagen automobile company.

These examples confirm the scale of the thefts.

Moreover, «electronic robbery» has recently acquired an organized form: «hackers» (electronic robbers) in Germany are already publishing their own magazines and books (for example, DAS HACKER HACKBUCH — 1985), in which they openly exchange experiences of unauthorized penetration into computer networks.

They steal documents, they steal products, they steal diskettes, they steal keys and codes for secret safes and storage facilities, they steal passwords and codes, etc., etc.

Showing a huge interest in space technology and the technology of its manufacture in Russia, the American space agency «… intended to steal some of this…» a few years ago.

This fact confirms that theft is carried out at any level, right up to the state level.

2.7 Copying.

Encyclopedic definition of a copy — (from Latin copia — set) — exact reproduction, repetition of something, repetition of the original.
In the practice of criminal actions, they copy documents containing information of interest to the attacker; copy technical media; copy information processed in the ASOD; copy manufactured products.

Copying documents for various purposes — is the process of making copies from originals.

The following methods of copying are widely used in some documents: light copying, photocopying, thermal copying, electrophotographic (xero) and electronic copying.

A statement by one of the employees of General Motors is quoted: «When I worked at Chevrolet,» he says, «one of our employees came to me with a copy of the complete Ford marketing program for the following year, who assured me that these copies were distributed throughout the corporation.

I was surprised, but later I learned that it is customary for us to obtain information about competitors.

The second example: one of the employees of the confectionery company «Zuhard Tabler» made copies of some recipes and tried to sell them to several foreign embassies.

The director of the company commented on this fact as follows: «You can steal a recipe, but you can't steal the vast experience that is needed to prepare the product.»

In terms of technical media, the following methods of copying diskettes are considered.

«The main feature by which all methods of copying diskettes can be divided into three groups is the method of obtaining information about the parameters of the diskette format.

Copying diskettes with a certain logical structure consists of sequentially reading sectors from the original diskette and then writing them to the copy diskette.

The objects of copying in the ASOD are software tools and confidential information (data).

The company «Encyclopedia Britannica» has filed a criminal case against three operators of its computers, accusing them of copying the names of about 3 million of its most «valuable» customers from magnetic media and selling them to an outsider.

In ASOD, not only programs and data are copied, but also information issued to display devices for individual and collective use, processed and issued in real time.

According to Swiss experts, annual losses associated with theft of information, improper use of computers and malfunctions in their operation amount to about 60 billion dollars in Western European countries.

According to their forecasts, 9.8% of this damage is a consequence not so much of direct robberies as of information espionage.

2.8 Counterfeiting (modification, falsification).

In a competitive environment, counterfeiting, modification and imitation are becoming increasingly widespread.

They forge trust documents that allow them to obtain certain information; they forge letters, invoices, accounting and financial documentation; they forge keys, passes, passwords, codes, products, etc.

It is known that even a minor modification of programs in the ASOD can provide an intruder with the opportunity to obtain confidential information without authorization.

Using forged documents, it is possible to obtain not only sums of money, but also products, elements, and materials that are of commercial interest to the attacker.

An unprecedented case of falsification and fabrication of documents designed to compromise representatives of the highest Soviet command by fascist intelligence, which led to the decapitation of the Red Army in the 1930s.

Counterfeiting products can cause enormous material damage.

Counterfeiting sometimes imitates genuine products so well that it is often difficult even for specialists to determine where the counterfeit is and where the original is.

The fact is that underground companies are setting up production of counterfeits using the same technology, using the same components as a world-famous company.

The underground production is started by spies who steal not only secrets, but also obtain the most important components and units of products using forged documents.

Forgery is used to impersonate another user in order to absolve oneself of responsibility or to use their authority to generate false information (disinformation), to use a false identity document to obtain authorized access to protected information, not only in direct communication, but also in communication in communication systems and ASOD.

In ASOD, the problem of forgery also includes, in particular, such malicious actions as falsification — the subscriber-recipient forges the received message, passing it off as real in his own interests; disguise — the subscriber-sender disguises himself as another subscriber in order for him to receive protected information.

No less dangerous in matters of counterfeiting are computer viruses, capable of maliciously modifying programs that cause certain damage to an enterprise in its commercial activities.

2.9 Destruction of information.

In terms of information, its destruction in ASOD, in which huge volumes of information of various types are accumulated on technical media, many of which are very difficult to produce in the form of non-machine analogues, poses a particular danger.

In addition, ASOD contains information of various purposes and different affiliations in integrated databases.

Employees of the SDS company penetrated the computer center for the production of chemical products and destroyed data on magnetic tapes using compact magnets, causing damage to the company in the amount of 100 thousand dollars.

Information is also destroyed programmatically.

For this, a special group of viruses is used, called a «logical bomb».

These viruses destroy information depending on certain logical and time conditions.

Thus, in the Israeli scientific and pedagogical center in Haifa, when trying to work with two diskettes, the programs recorded on them, the development of which took 7,000 hours and 15 thousand dollars, instantly self-destructed.

Effective means of destroying sources of information and even objects of confidential interests end up in criminal hands. Plastic bombs, portable hand grenades, various direct-action and remote-controlled explosive devices that allow criminal plans to be carried out. People, documents, processing equipment, and products are all destroyed.

The use of destruction tools can be both secret (mining with a triggering time or by a control signal) and open.

There is a known case of using a hand-held army grenade launcher in the daytime in a free open space to destroy a competing company.

On Kutuzovsky Prospekt in Moscow, a shot was fired at the windows of a certain Gritsenko's firm.

Due to inexperience, the attacker missed the windows, but the wall gap between the windows. The explosion did not cause serious damage.

It is not excluded that the postal channel was used to deliver «postal surprises». The secretary of the military attaché of the British Embassy in Washington was maimed by the explosion of a bomb sent in a postal parcel.

Security systems, communications systems, automated processing systems, information protection systems, etc. are subject to destruction.

Crimes related to damage to or modification of production process technology and automated processing are widespread. Destruction can be committed by arson, simulating a fire.

It is possible to disable fire protection and alarm systems.

Sabotage, explosions, destruction, and disabling of connecting cables and air conditioning systems occupy a significant place among crimes against ASOD.

Not only documents, programs, material assets, buildings, premises, but also people are destroyed. The elimination of dangerous entities for one reason or another finds a certain place in the activities of various special services.

In his memoirs about the activities of the KGB of the USSR, V.V. Bakatin writes that «… The PGU no longer sent its employees abroad with the aim of eliminating some “enemy of Soviet power” or Soviet ambassador, or eliminating a prominent dissident.