Have you ever been to a conference (think InfoSec or CloudSec) or walked near one and been curious to see what everyone does? At InfoSec you will see people wearing conference attendee badges that say: Head of Information Security at MoD, MPS, FCO, Home Office, etc. They wear them inside the building and forget to take them off when they leave.

On the train two days ago (6th Jan 2015) I spotted a man (and presumably his wife) entering the train with a name badge on. Curiosity of course overcame me. What did it say? Commander A******* **************, Defence Adviser, ************** High Commission. Could it get any worse? I searched for Commander A******* on the internet and found him on a UK government diplomatic list and then listed on his own high commission website, along with an entire staff list (including armed forces), phone numbers and assistants.

Even without seeing the name badge on the train, the above would be excellent for social engineering (spear phishing or phone impersonation). The Dear Leader’s “Bureau 121” has just died and gone to heaven!

Commander A*******, surely you are counter-intelligence, not pro-intelligence? The moral of the story is: take off your conference badge and ID pass when leaving the building.