Big bill revealed for Saanich spying software

Saanich The installation and use of employee monitoring software at Saanich municipal hall could cost the municipality at least $30,000 in 2015, thanks to licensing and maintenance agreements that were confirmed before B.C.’s privacy commissioner launched an investigation into the District’s practices earlier this year.

Emails released Monday through a freedom of information request show Saanich’s Information Technology department underwent training on Nov. 24, 2014 and installed Spector 360 – which is capable of capturing keystrokes as well as continuous screen images of employee activity – on an unknown number of computers at a cost of $1,992.

Two invoices dated Jan. 14, 2015 reveal Saanich was given the option of paying another $29,250 for further licencing and one year of maintenance, or $43,992 for licencing and three years of maintenance by SpectorSoft Corporation, which sells Spector 360. The software had been monitoring activity on several municipal computers until Jan. 20, when the B.C. Privacy Commissioner Elizabeth Denham launched an investigation into its use.

The FOI response also reveals Laura Ciarniello, Saanich’s director of corporate services, sent an email on Dec. 2 to IT manager Forrest Kvemshagen approving the software installation. Mayor Richard Atwell and council were sworn in on Dec. 1.

“I approve of this program and the machines that it has been installed on,” Ciarniello wrote in the email to Kvemshagen. “I have spoken with the Directors and Paul about this and I left it with (former CAO) Paul (Murray) to discuss with [redacted] and [redacted] or not.”

Murray was on vacation leave on Dec. 2 and left the municipality on Dec. 16 with a $468,000 payout. Ciarniello was on vacation Monday and was unavailable for comment.

Mayor Richard Atwell went public about his concerns over the “spyware” on Jan. 12 and said Spector 360 had been installed on his computer and several other computers without his knowledge or consent.

Atwell told the News on Monday that he will wait for the privacy commissioner’s report before commenting on the FOI revelations.

“I will be more than happy to comment when the OIPC releases its findings,” Atwell said.

Interim CAO Andy Laidlaw said the District provided all necessary information to Denham on its use of Spector 360 and will wait to respond to the recommendations in her report.


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

 

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://www.saanichnews.com/

Sony hack: sacked employees could be to blame, researchers claim

Exchanges in secretive web forums point to former employees with a grudge, researchers claim, and could explain how hackers knew how to navigate Sony’s systems.

Sony billboard

Sony cancelled the release of the Interview in major cinemas, believing it had been hacked by North Korea in retaliation for the film’s depiction of its leader Kim Jong-un being assasinated Photograph: Veronique Dupont/Getty

Security experts investigating the devastating hack against Sony Pictures appear to be moving away from the theory that the attack was carried out by North Korea, focusing instead on disgruntled former employees of the firm.

Researchers at Norse cybersecurity claim that six former employees could have compromised the company’s networks, arguing that accessing and navigating selective information would take a detailed knowledge of Sony’s systems.

Norse is not part of the official FBI investigation, but did brief the government on Monday, the company said. Though noting that the findings are “hardly conclusive”, Norse senior vice president Kurt Stammberger told the Security Ledger that nine researchers had begun to explore the theory that an insider with motive against Sony would be best placed to execute a hack.

The team had started by examining a leaked database of employees made redundant during a a restructuring in May.

Of six people Norse claim had involvement with the hack, one was a former staffer made redundant in May after 10 years at the firm. She had a very technical background and had used social media to berate the company after losing her job, it is claimed.

Working with pro-piracy activists in the US, Asia and Europe, she may have used secretive discussion forums and IRC (chat) to coordinate the attack, researchers claim.

“We see evidence for those two groups of people getting together,” Stammberger said.

Meanwhile, FBI investigators are exploring whether hackers outside North Korea were hired for the attack, a source told Reuters on Monday. North Korea lacks some of the capability required to carry out the attack, the agency believes, so may have contracted out some of the work.

The development indicates that the FBI may be shifting from its previous official position, which stated that “the FBI now has enough information to conclude that the North Korean government is responsible for these actions”, while US president Barack Obama described it as “an act of cybervandalism”. North Korea has denied any involvement.

However, the FBI’s statement has been met with scepticism by the security community who have pointed to inconsistencies and conflicting evidence in the case against North Korea.

Marc Rogers, head of security for Defcon, said that the malware used in the hack would have required extensive knowledge of Sony’s systems. “While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider, “ he wrote. “It also fits with the pure revenge tact that this started out as.” Read More