Defense Department Report Warns Of RFID-Enabled Spy Coins
James Bond would be impressed by these Canadian coins.
Money talks, particularly to spies. A recent report issued by the Defense Security Service, part of the U.S. Department of Defense, warns that RFID-enabled Canadian coins have been found on the persons of three defense contractors with security clearance.
Martha Deutscher, spokesperson for Defense Security Service, expressed surprise that there was so much interest in the report, "because it's just one tiny little paragraph. There's an appendix in the publication of recent cases and it describes seven scenarios, ways that individuals try to collect classified information.
"One of those paragraphs says, 'On at least three separate occasions between October 2005 and January 2006, cleared defense contractors' employees traveling through Canada have discovered radio frequency transmitters embedded in Canadian coins placed on their persons," Deutscher says.
The report then goes on to talk about other intelligence collection trends, not all of which involve James Bond-style technology. Reading from the report, Deutscher says, "There's one, 'a female foreign national seduced an American male translator to give her his password in order to log onto an unclassified network. Upon discovery of the security breach, a computer audit revealed foreign intelligence service viruses throughout the system.'"
There's some question as to whether these "spy coins" represent a real threat. A report today in Canada's Globe and Mail says that defense contractors had been given "certain special-issue Canadian coins" and that these had prompted an investigation, but the investigators "found no evidence of any secret transmitters, or of any other tampering." The article said it had no explanation for why this conclusion was not reflected in the Defense Security Service report.
In a message sent to computer science professor David Farber's Interesting People mailing list today, Canadian technology strategist and market analyst Michael Slavitch said that certain Canadian coins could be modified without too much difficulty because they're cast from two kinds of metal.
"The bi-metallic Canadian $2 coin normally bears an image of a polar bear in the center section that can be popped out with some effort," Slavitch said in his e-mail. "Early coins popped out simply by heating on a cast-iron skillet as they contained dissimilar metals. The core of the coin could be easily replaced with a fabricated metal RFID device, and to someone unfamiliar with the coins it would have the same look and feel, especially if the false coin was fabricated to match a special edition as any flaws in weight and design would be ignored as a part and parcel of the special edition."
If, indeed, such schemes reflect real efforts to track the comings and goings of defense contractors, they reveal not only the ease with which advanced technology can be used for covert surveillance, but also the presumption that defense contractors are tightwads. It would hardly make sense to plant spy coins on big spenders, after all.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.