fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Nuclear Engineer’s Espionage Plans Unraveled By Undercover FBI Agent

Nuclear Engineer’s Espionage Plans Unraveled By Undercover FBI Agent

A Navy nuclear engineer and his wife were arrested under espionage-related charges alleging violations of the Atomic Energy Act after selling restricted nuclear-powered warship design data to a person they believed was a foreign power agent.

However, Jonathan and Diana Toebbe (the two defendants) sold the confidential information (including printouts, digital media files containing technical details, operations manuals, and performance reports) to an undercover FBI agent.

Jonathan Toebbe served as a nuclear engineer assigned to the Naval Nuclear Propulsion Program, also known as Naval Reactors, of the Department of the Navy. He also had access to restricted data since he held an active national security clearance through the U.S. Department of Defense.

While working as a Navy nuclear engineer, Toebbe had access to naval nuclear propulsion information, including military sensitive design elements, operating parameters, and performance characteristics for nuclear-powered warships’ reactors.

Also Read: Ways to protect HR data and avoid penalties for data breaches

Encrypted emails and undercover agents

The exchange started with a package sent to a foreign government on April 1, 2020, containing “U.S. Navy documents, a letter containing instructions, and an S.D. card containing specific instructions on how COUNTRY 1 should respond using an encrypted communication platform, and additional documents.”

According to court documents, the FBI’s attaché in the unspecified country informed the FBI, which, in December 2020, initiated contact with Jonathan Toebbe via encrypted ProtonMail email through an undercover agent posing as a representative of COUNTRY 1.

In the following email exchanges (between April and June 2021), the FBI asked the defendant to deliver additional confidential U.S. Navy information to a dead drop location.

Toebbe eventually agreed after asking to be paid in Monero cryptocurrency and deliver it to a “dead drop” location in Jefferson County, West Virginia.

“The samples will be encrypted using GnuPG symmetric encryption with a randomly generated passphrase,” Toebbe told the undercover agent via encrypted email. “I will tell you the location and how to find the card. I will also give you a Monero address. I am very aware of the risks of blockchain analysis of BitCoin and other cryptocurrencies, and believe Monero gives both us excellent deniability.”

Before agreeing to deliver the encrypted documents at a dead drop location, the defendant also expressed concern that he might be communicating with someone different from the foreign power agent he believed he was sending the confidential data to.

Also Read: Data Protection Act of Singapore: Validity in the Post-pandemic World

“I am sorry to be so stubborn and untrusting, but I can not agree to go to a location of your choosing,” he said. “I must consider the possibility that I am communicating with an adversary who has intercepted my first message and is attempting to expose me.”

“Would not such an adversary wish me to go to a place of his choosing, knowing that an amateur will be unlikely to detect his surveillance? If you insist on my physically delivering the package, then it must be a place of my choosing.”

The dead drops

On June 26, with his spouse acting as a lookout, Jonathan Toebbe placed an S.D. card concealed in half a peanut butter sandwich at the pre-arranged dead drop location.

“On Aug. 28, Jonathan Toebbe made another “dead drop” of an S.D. card in eastern Virginia, this time concealing the card in a chewing gum package. After making a payment to Toebbe of $70,000 in cryptocurrency, the FBI received a decryption key for the card,” a Department of Justice press release says.

Jonathan and Diana Toebbe, of Annapolis, Maryland, were arrested by the FBI and the Naval Criminal Investigative Service (NCIS) on Saturday, October 9, after he delivered yet another S.D. card at a pre-arranged “dead drop” at a second location in West Virginia.

“The complaint charges a plot to transmit information relating to the design of our nuclear submarines to a foreign nation,” Attorney General Merrick B. Garland said.

“The work of the FBI, Department of Justice prosecutors, the Naval Criminal Investigative Service and the Department of Energy was critical in thwarting the plot charged in the complaint and taking this first step in bringing the perpetrators to justice.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us