The Russian spy ring seems to be the gift that just keeps on giving in terms of blog fuel.
First… if this story is to be believed, one of the spies set himself up as a consultant, talking to companies about their plans for a post oil economy (a subject of interest to fossil fuel producers such as Russia) and pitching a software package to help companies model the effects of future events on their businesses. Since this software would be installed on customer networks, it could be used as a vector to plant spyware on clients’ computers.
Another report reveals that a Russian man who may be linked to the spy ring and who was recently deported had worked at Microsoft as a software tester both as an intern and as a full time employee. He worked in Redmond for less than a year, and Microsoft claims that no software was compromised. Hmmm. I hope the boys and girls are putting in some serious overtime looking at what this guy had access to.
If true, these stories point to a new face of state sponsored espionage – one focused on the private sector, which is much less prepared to protect the secrets which are important to their business as well as to the critical infrastructure. Another good reason for security folks to join their local InfraGard chapter and learn more about protecting their businesses (and their country) against corporate espionage.