This Friday, I’ll be presenting a weird presentation at BSides Detroit. It’s titled “Corporate Intelligence: Lisbeth Salandar vs James Bond” and it’s on a subject that has been stuck in my head for a while. It’s a talk about corporate spying, competitive intelligence, industrial espionage — the type of thing where people are stealing information from one group, and selling it to another. As is the case with most of my presentations, it has little to do with what I do for work, and more to do with play.
In short, it’s going to be an anti-anti-corporate espionage training course where instead of learning of ways to protect yourself from being spied upon, you’ll learn all the tactics that spies are using and how to become one yourself. I’ll cover something called the Intelligence Lifecycle (that oddly enough a few other people have picked up on) and the Principal Motivators of Betrayal that shows how you can often convince people to become a spy for you. I’ve also created a little Android application that I wrote when I started playing these spy games.
Usually, when someone says “intel” they mean OSINT because there’s no way someone is going to spend the time trying to establish a human source of intel and no one wants to actually do something illegal like the tactics employed in technical intel gathering. OSINT, although referenced in the talk, is becoming somewhat of a tired subject. Not because I am an expert but because there’s nothing really new or novel about the way we use open sources of information. There is a lot of research about collection and very little about analysis so usually the output of most of the tools out there now is just downloading information online which results in a gigantic, unusable, pile of bloody data. I submitted a talk to Defcon Skytalks that goes into this subject even more (fingers crossed), but this talk, is more me laying the baseline to expand upon the idea of what we think of as “intel” to other sources of intelligence and see what kind of discussion it generates.
The presentation is something I started while in Mexico reading The Grey Line. I moved on to other good books like Ira Winkler’s “Corporate Espionage” and “The Quiet Threat” by Ronald L. Mendell. The full reading list is below if you’re interested.
The Quiet Threat, Ronald L. Mendell
Countering Industrial Espionage, Peter Heiims
Industrial Espionage: Intelligence Techniques and Countermeasures, Norman R Bottom, Jr., Robert R. J. Gallati
**UPDATE: 6/8/2013 a version of my slide deck