• United States



by David Geer

Beware of hot foreign spies who want to steal your data

Feb 12, 20156 mins
Data and Information Security

It’s no exaggeration that sex buys intellectual property, trade secrets, customer data, and any information or network access of value.

“We’re probably looking at a 300-percent increase in cases involving hot foreign spies, sex, and dating in the last year over the previous year,” says T. Casey Fleming, CEO, BLACKOPS Partners Corporation, a management consulting company on security to the Fortune 500.

That 300-percent represents 20-cases in total, accounting for only the smallest fraction of the estimated thousands of cases that go undiscovered each year, says Fleming. “Of the 20 cases we saw in the past year, the three largest represented many billions of dollars in stolen innovation and trade secrets,” says Fleming.

If you agree it’s high time to clip the high cost of foreign spies, follow CSO under cover and learn the tools and methods these culprits use to bait and hook high-value employees and bleed your organization dry of data. With help from information soldiers who protect corporate assets on the front lines of data theft, you’ll learn offensive techniques to thwart their alluring approaches.

The Targets

Foreign spies target companies with treasured trade secrets, some in the UK and more in the US. The activity spans all industries. “Most recently the attacks have been specifically against the technology, finance, healthcare, energy, and defense industries,” says Fleming.

People targeted include sysadmins, executives, and really anyone with a lot of data access. “If you’re important enough for your organization to pay to fly you around the globe for meetings and put you up in hotels, then you definitely have enough data access for hot foreign spies to target you,” says Fleming.

About 50-percent of the hot foreign spy activity BLACKOPS Partners Corporation sees is opportunistic and 50-percent is targeted (stalking) activity, according to Fleming. “Hot foreign spies will frequent a bar or restaurant near a target company, connect with people and once they find someone who is a high value target at the company, they go deeper,” says Fleming. Otherwise they stalk specific executives and sysadmins they find on social media who have lots of inside access in the organization.

[ 7 of the most famous spies ]

These seductive information hounds lay in wait at dating sites and coffee shops as well as hotel bars and restaurants where they use honeypot schemes to involve their victims in dating and sexual relationships before blackmailing and extorting them for access to corporate secrets, according to Fleming. “They use blackmail, threatening to tell their company and spouse about the affair if they don’t cooperate,” says Fleming.

“Sites we’ve uncovered as sources of attacks by hot foreign spies over the past 12 months include, Zoosk, Ashley Madison, LinkedIn, Facebook, Tinder,,” says Fleming. Spies connect with employees who are looking for fun and excitement, dates, affairs, and even escorts.

Actual cases of foreign spies

In one case where BLACKOPS Partners Corporation consulted, a female spy used a honeypot scheme on an executive who worked at a Fortune 100 financial services company who had a profile on LinkedIn. “She targeted the guy on LinkedIn because of his name and title. She stalked him, looked up his home address, connected with him in a bar, took information off his laptop and cell phone, and eventually stole his laptop and cell phone,” says Fleming.

[ How corporate spies access your company’s secrets ]

This sexy seductress stole customer information including many records with personal identifiable information. She was able to use his access to retrieve the passwords for many other domains and servers. “They had free access inside the company for about a year,” says Fleming.

In an earlier case that BLACKOPS Partners Corporation did not handle, a private defense contractor to the US Navy in Hawaii shared top secret military data with his much younger Chinese girlfriend who turned out to be a foreign spy.

The woman ran a honeypot scheme on contractor Benjamin Bishop, which led to the revelation of the Navy information. Once he was caught up in the affair, she told him that he must continue to spy for her or she would tell his wife and the Navy about the whole thing.

Mitigating foreign spies

To mitigate foreign spies, first train and certify all executives, employees, suppliers, and contractors using intelligence-based, multimedia, and role playing trainings, says Fleming. Intelligence-based training comes from using an intelligence engine that produces the kinds of vulnerabilities and threats that are happening right now so you can train people on what they will actually face out there today, not on something that was a threat three years ago.

T. Casey Fleming, CEO, BLACKOPS Partners Corporation

Through role-playing and simulations you can engage people in enactments of the scenarios they will experience. This will help them to absorb the training in a more personal way. “Keep it light. Keep it entertaining. Everybody hates to go to their annual security refresher briefing. It’s dry. Bring in some fresh talent to drive the message home,” says Tony Rucci, Founder, Root Technology.

“Case studies are a great training tool because people love to hear about someone else’s failure,” says Rucci. They can learn from what someone else did wrong. They may realize that perhaps they are already making the same mistakes and correct them rather than wait and have the finger pointed at them.

Develop ways to reward the discovery of weaknesses, says Fleming.

“You need to reward people for finding weaknesses and vulnerabilities,” says Fleming. That way you can fix them before an adversary uses them against you. “Give bonuses to the people who find the most vulnerabilities. Give the one who finds the most vulnerabilities in a year a paid vacation trip,” says Fleming.

[ International Spy Lingo ]

Use two- and three- factor authentication. “The industry standard is 15 characters, uppercase, lowercase, and special characters for passwords. Two-token authentication is critical for thwarting unauthorized access,” says Rucci. IT people and anyone with access across the company should always use two- or three- factor authentication.

Hot foreign spies are real and certainly not rare. If you’re looking for fiction, read James Bond novels. If you’re looking for truth that’s stranger and more perilous, learn to recognize the ploys of these foreign agents and you may just find it.