Customer Reviews

Corporate Espionage: What It Is, Why It's Happening in Your Company, What You Must Do About It

5 star:		(7)
4 star:		(2)
3 star:		(1)
2 star:		(1)
1 star:		(1)

 

 

Ira Winkler does a superb job in illustrating methods of collecting 'business intelligence' on companies through the exploitation of basic human weaknesses and technical vulnerabilities. While some of the technical information contained within is now outdated, much of it is still relevant... not to mention the social engineering tactics covered.

The structure of "Corporate Espionage" is ideal, with Winkler discussing espionage concepts, followed by case studies and countermeasures. It almost reads like a manual, and an effective one at that. Winkler worked at NSA for 10 years ---where paranoia is a way of life--- so it is no surprise that he is good at what he does, and that he takes a very methodical approach to handling security issues.

As the current Director of Technology for the National Computer Security Asociation and a former NSA agent (10+ years), Ira Winkler is 'the' individual to address this topic. According to resources such as the FBI, industrial espionage costs US corporations between 24 and 100 billion dollars every year.

This book divided into three sections.

Part one discusses basic espionage concepts and your companay's 'risk equation.' Spies don't care about the form in which the information they seek comes. It can be from a computer, formal or draft documents, scrap paper or internal correspondence. Aside from domestic spies, there are an estimated 100+ nations that are currently engaging in espionage against US companies. Risk level is determined by Threat x Vulnerability x Value / Countermeasures.

Part two contains case studies to show how a breach occurs. One study concerns William Geade and how he stole over a billion dollars worth of information from AMD and Intel. Another study includes the author himself, who hired in (under cover) as a temp at NCC in 1995. Within 2 days Mr. Winkler had compromised 28 of the 29 top development projects exposing many breach points.

Part three is titled 'What You Can Do' and goes over many effective countermeasures that you can employ right now. It is jam packed with many ideas, most of them simple, that will tighten your security. Countermeasures are broken down into four areas: Operations, Personell, Physical and Techincal.

Five Stars

Ira, a former National Security Agency professional, made a name for himself in his second career as a corporate electronic security specialist by using a combination of common sense and basic work-arounds to penetrate and download millions if not billions of dollars worth of corporate research and development-always at the company's request, and generally with astonishing results. From his antics as a "temp" hire gaining access within two days, to his more systematic attacks using all known vulnerabilities including factory-shipped system administrator passwords that were never changed, he has exposed in a very practical way the "naked emperor" status of corporate America.

This is a book that i would recommend to all system admins and anyone who works with networks and computers. This guy is simply amazing, all it is, being shared experiences from his job. But the tips he gives are priceless... a little social engineering here a little hacking there...BUY this book if you are a cpu afficionado and want to learn even more and protect your systems.

Fantastic book! Time and again Mr. Winkler shows the power of social engineering, the use of widely (and readily available)software tools and maybe a little cleverness, used seperately or in combination to foil computer security. But he goes further and in Part III identifies MANY very simple procedures (most at no additional cost) that will foil almost any attack on your computer system.

Winkler covers this extensive topic in great detail. After reading Corporate Espionage I was left with the realization that being careful and aware of the threats and vulnerabilities around us is vital in this competitive world. The countermeasures that Winkler describes can also be used in all parts of our lives, not just the corporate environment. Corporate Espionage is a "must read" for anyone interested in protecting their personal or corporate information.

CORPORATE ESPIONAGE should be read by everyone with critical or sensitive information assets. Ira winkler explains risk management principles in a clear manner that appeals to everyone from the smallest home based business person to the CEO's of large corporations. Business people will find the case studies interesting. Information security professionals need more technical books for specific projects; they need Winkler to help them maintain their perspective.

The best part of Ira Winkler's book is the case studies, in which he relates in fairly explicit detail how he and others have managed to access corporate secrets and to take over corporate computers. The first five chapters try to encompass the entire subject (information, risk, value, threat, vulnerability), but end up reading like a set of rather obvious platitudes. Examples are drawn partly from the ensuing case studies, making the book redundant in places. The countermeasures section is useful, especially telling systems managers to make sure they simply incorporate the latest security patches. Overall: I'd say you could browse the interesting chapters at Borders and forget about spending $26 for this book

It's sad that nobody wrote a review. This book was made in 94 I think, and the problems with computers he states, are still going on. You gotta buy this book if your interested in computer security

Corporate Espionage is a great book. Very interesting.

Winkler can be a bit melodramatic at times, but overall, Corporate Espionage is a great book.