UK: SECRETARIES WITH SKILLS IN SABOTAGE.
new bill promises email tapping
from The Guardian 17/04/2000
City of London police are warning companies to be on their guard against workers out to destroy their systems. And the most likely suspects? Admin staff. Kate Hilpern reports
Take heed: saboteur secretaries are on the loose. You could be sitting next to one right now. Dressed smartly, hair neatly glossed, fantastic typing speed saboteur secs sport the uniform of any office worker. But as you get on with your daily routine, the quiet revolutionary next door could be rapidly destroying part of your company's computer system all without a trace of evidence. Sound over the top? Police in the City of London don't think so.
Still stinging after the violence of last June's anti-capitalist riots in the City, police are taking seriously the threat of sabotage from anarchists who may try to infiltrate big companies to coincide with this year's protests, planned for May 1.
Last week, they issued a warning to companies in the country's financial heart to be on their guard against temporary workers who may come to work with a hidden agenda. 'We are aware that a number of events are being planned for the May bank holiday weekend,' admits a spokesperson from the Metropolitan Police, adding that they are merely taking precautionary measures to avoid a repeat of last year's protest, in which rioters brought terror to the financial district and caused £2m of damage. Whether or not the police are being over-cautious, their concern highlights the ease with which determined saboteurs could access the vulnerable and vastly expensive systems of a major corporation.
Posing as temps, they would target jobs only in the Square Mile in firms with which they had an axe to grind. Once past security who, like everyone else, believe the temp is there to do some extra filing he or she could place a tiny file on a computer system, finish the temporary job, and vanish. At a specified time, hackers would then be able to dial in from anywhere in the world and use the file to open the system to attacks. Alternatively, the saboteur could leave programmes that would go into action automatically, crashing the system at a specific time and date.
Secretarial posts are a better option than IT roles, the anarchists believe, because they cause less suspicion and have a higher turnover of staff. It may also make it easier to win the trust of sympathetic permanent staff, who may offer to give them a helping hand. Alternatively, determined infiltrators could help rioting associates outside by leaving doors open, allowing them to storm company headquarters.
One of the main problems for law-enforcers is that few individual members of anti-capitalist groups are known to them. It is almost excusable when you consider that even the City of London commissioner claimed last year that 'they reveal a level of sophistication and planning not seen before'. Some of those posing as temps even carry the FT with them at all times to ensure they look the part. The fact that some on-line recruitment companies supply temporary workers without having conducted personal interviews is also making the path for saboteur support staff more tempting than it might otherwise have been.
You simply send a CV into cyberspace and hey presto, you've got the City post you're after. But the recruitment establishment is far from toothless in confronting the threat from people who are not who they claim to be. Recruitment consultants specialising in City appointments and employers themselves are beginning to recognise their vulnerability to a determined criminal, and have introduced tighter selection methods. Step into Jonathan Wren, for instance, and you'll find your references may be checked for up to 10 years.
'If there's a gap in employment, we'll want to know why and we'll check it out,' says Philip Ayling, associate director. Some employers have even resorted to lie-detecting methods though not yet using electrodes strapped to the body. Instead, increasingly numbers of employers use psychologists and psychometric testing to wean out individuals who may be suspect. According to Dr Richard Wiseman, a specialist in lie-detection at Hertfordshire University, observing leg and arm movements is particularly effective.
When movement is exaggerated, there's a good chance the candidate is fibbing. 'Another giveaway is the extent to which hands are used to touch body and face,' he says. 'We tend to touch ourselves more when we are lying. It's almost as if we are trying to appear sincere by pointing to ourselves more and saying, 'Would I lie to you?" Of course, it is not only anti-capitalist and anarchist elements that employers are on their guard against. The risk of industrial sabotage and fraud is increasing, and computer systems need to be made ever more complex to beat talented computer fraudsters.
These people can steal millions of pounds, destroy the evidence by vandalising the computer system, and then hand in their notice and disappear. In addition, what has been dubbed 'work rage' drives many to plant 'computer bombs' that can cripple an employer's entire IT network. A recent study published by the American society of industrial security found that vengeful employees are now the biggest security worry for 90% of US bosses.
And while less research has been carried out in the UK, anecdotal evidence confirms we're catching up fast. Increased short-term contracts, job insecurity and a feeling of being undervalued are largely to blame, believes organisational psychologist, Andrew Ellis. 'At best, this will mean staff are not prepared to give their job their all, or work overtime when needed. At worst, it could mean demolishing computer systems.' After all, says Professor Cary Cooper, organisational psychologist at the University of Manchester Institute of Science and Technology, sabotaging IT systems is the easiest and most anonymous way of getting back at an employer.
'A single person can create enormous amounts of damage by removing material from a computer system or infecting documents with a virus.' A spokesperson from the investigatory division of Capital Group, one of the UK's largest security specialists explains, 'People think of cyber attackers as nerdy teenagers but most is done against business by junior employees and sub-contractors.' That's why, he believes, employer surveillance reminiscent of Big Brother is becoming a normal part of working life.
Not only are passwords, restricted access and back-up systems becoming common, but you are more likely than ever to spot a camera lens on the wall. You may also find that you're subjected to 'cyber snooping'. A recent survey by NOP has indicated that more than 59% of UK employees suspect that their bosses monitors their emails.
According to Anthony Benson, who calls himself an 'intelligence operative', fast increasing numbers of companies are hiring people such as him to pin down today's computer crooks.
You could be forgiven for thinking this private eye's life resembles a James Bond film he admits to using phone-tapping, hidden cameras, computer keyboards that monitor the activity of the person operating them, and thermal imaging equipment.
'Sometimes I have to have a crash course on a particular company and job, then pretend to be a new employee. I befriend the suspect and find out if they're up to anything. If they are, I get proof.' The irony is that anyone can set up shop as a private investigator. Even a someone who has been convicted of, say, anti-capitalist activity can walk out of jail and place an ad offering such services.
But maybe that's just being paranoid ...