HOW TO
PLUG UP AND INVESTIGATE INFORMATION LEAKS
By CJ Bastrup And The Gator Gazzette
If You Like What You
See, Click Here For Information On How To Subscribe To Gator Gazzette, A
Newsletter For Private Investigators
Recently in the news we have seen a rash of new government and corporate
scandals and insider information being leaked to the press. Corporate
security personnel are having a tough time trying to figure out who leaked
the documents to the press in the first place. This leaves a great
opportunity for the professional investigator for two reasons. One,
security personnel often have no idea how to detect the culprit, and two,
there is no way of knowing who is involved, so management may be wise to
bring in an outside (disinterested) party. This is especially important if
the company is involved in bidding wars and is consistently being beaten
out by a narrow margin by its competitors.

The first level of investigation is to find out who had access to the
information inside the organization. Then a list of names is compiled and
those persons are targeted by the investigator.

A successful ploy often utilized by capable investigators to stop documents
from being passed around is to put them on restricted distribution lists.
These are lists of names or positions that are authorized to view and/or
access the document on a need-to-know basis. Individuals not on the list do
not get the document.

Two outcomes result from this tactic. First, the document is restricted,
making it harder for the opponent to get the document. Second, should the
document be leaked to the media or opponents, the investigators will have a
ready-made list of suspects with which to start their inquiries. The next
time a leak occurs, the investigation team will attempt to locate the
source of the leak by using any method at their disposal. These methods may
include questioning of employees, background screening, etc.

What we are attempting to do is set up traps for the leak to reveal itself.
Once the restricted distribution list is compiled, it is further broken
down into sub-lists. In each case a segment of the original list will be
used until all of the individuals are listed on different lists in a unique
combination. Then each of the individuals on the sub-lists is "fed"
documents that the target would want to leak (misinformation). The source
is then found by cross-referencing the documents that are actually leaked
with the distribution lists. Moderation is required here, as the source may
become suspicious when multiple lists are created and when valuable
"information" starts appearing in above-average quantities. Also, nothing
guarantees that the source will leak all of the documents sent to it.

Another procedure used is the creation of "trap" documents.
In this method each document is carefully crafted to catch the leak. The
original document is written using a word processing program which utilizes
a thesaurus. The program then uses synonyms to replace some words in the
document. Punctuation (placement of commas, quotation marks, hyphens, etc.)
is also altered as well as the header style and paragraph formatting. Using
a combination of these techniques, a unique document is made for each person
it is to be sent to, while keeping the essence of the message intact. Should
the source discuss the message with another person on the document's distribution
list, suspicion is not aroused as the central idea remains the same.
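
The trap-document method just described, as an added example (not code from the original article): each recipient gets a distinct combination of synonym and punctuation choices, and a published quote, even a partial one, is matched back against the issued copies. The memo text, slot names and recipient labels are constructed for illustration.

```python
import itertools
import re

# Constructed sample memo; each {slot} takes one of several equivalent wordings.
TEMPLATE = ("The board {v0} the merger on Friday{p0} and the {n0} "
            "will be {v1} to staff next week.")
SLOTS = {
    "v0": ["approved", "endorsed"],    # synonym swap
    "p0": [",", ""],                   # comma present or absent
    "n0": ["decision", "outcome"],     # synonym swap
    "v1": ["announced", "disclosed"],  # synonym swap
}
# Hypothetical distribution list.
RECIPIENTS = ["recipient-A", "recipient-B", "recipient-C",
              "recipient-D", "recipient-E"]


def make_copies(recipients):
    """Give every recipient a copy with a distinct combination of variants."""
    names = sorted(SLOTS)
    combos = itertools.product(*(SLOTS[n] for n in names))
    copies = {}
    for person, combo in zip(recipients, combos):
        copies[person] = TEMPLATE.format(**dict(zip(names, combo)))
    if len(copies) < len(recipients):
        raise ValueError("not enough variant combinations for this list")
    return copies


def norm(text):
    """Collapse whitespace and case so a re-typed quote still matches."""
    return re.sub(r"\s+", " ", text).strip().lower()


def suspects(quote, copies):
    """Recipients whose issued copy contains the published quote."""
    q = norm(quote)
    return sorted(p for p, doc in copies.items() if q in norm(doc))


COPIES = make_copies(RECIPIENTS)

if __name__ == "__main__":
    # A short quote that covers one varied word narrows the list but does not settle it.
    print(suspects("the decision will be disclosed to staff", COPIES))
    # A quote that differs only in punctuation can still single out one copy.
    print(suspects("merger on Friday and the decision", COPIES))
```

A match identifies the copy, not the person: an empty result means the quote came from no issued copy or was reworded, and a single match still leaves open a borrowed or stolen copy.
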

Then, the document is released to the individuals on all of the lists. If
the document is shown on television or published in the newspaper, the
investigator will be able to determine who leaked the document. However,
the media have caught on to this and some only quote part of the document.
Even so, due to the wording and punctuation, the source can usually be
found. It is advisable for corporations and government entities to
incorporate these procedures on a regular basis, with a new version of the
document created each time it is requested. This technique is not
conclusive evidence of the leak, as the source could always have stolen a
colleague's copy and leaked that version of the document. Thus the source
may be someone who was not on any of the lists, but the investigation will
at least be able to determine where the material is originating from and
who had access to it.

A final approach is to have documents released in massive quantities to the
individuals, but each with a small discrepancy (typos, figures off by $28,
wrong dates, etc.). The misinformation in the document is low-level while
still being confidential. Normally someone willing to leak large quantities
of low-level information will also be willing to leak high-level
information. The process is repeated until an individual source can be
pinpointed.

Don't wait for the clients to come to you. Next time you see a document on
the local news or quoted in the newspaper, look at this as an entity that
needs your help.
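
The sub-list cross-referencing described earlier in the article, as an added example (not code from the original article). It assumes one bait document per sub-list and places every person on the same number of sub-lists, a choice made here so that no one's combination is contained in another's; the employee labels are hypothetical.

```python
from itertools import combinations
from math import comb


def assign_sublists(people, per_person=2):
    """Place each person on a distinct set of `per_person` sub-lists.

    Returns (assignment, k), where k is the smallest number of sub-lists
    that still gives everyone a different combination.
    """
    k = per_person
    while comb(k, per_person) < len(people):
        k += 1
    combos = combinations(range(k), per_person)
    return {p: frozenset(c) for p, c in zip(people, combos)}, k


def sublist_members(assignment, k):
    """The distribution lists that actually go out: sub-list -> names."""
    return {i: sorted(p for p, s in assignment.items() if i in s)
            for i in range(k)}


def cross_reference(leaked_sublists, assignment):
    """People who received every bait document that surfaced.

    A superset test is used because the source may leak only some of
    the documents it was fed.
    """
    leaked = set(leaked_sublists)
    return sorted(p for p, s in assignment.items() if leaked <= s)


# Hypothetical restricted distribution list of six people.
PEOPLE = ["emp-1", "emp-2", "emp-3", "emp-4", "emp-5", "emp-6"]
ASSIGNMENT, K = assign_sublists(PEOPLE)

if __name__ == "__main__":
    print(sublist_members(ASSIGNMENT, K))
    print(cross_reference({3}, ASSIGNMENT))        # one bait leaked: three names remain
    print(cross_reference({1, 3}, ASSIGNMENT))     # two baits leaked: one name remains
    print(cross_reference({0, 1, 2}, ASSIGNMENT))  # nobody received all three
```

An empty result means no single recipient received everything that leaked, which fits the article's caveat about a colleague's copy being taken, or more than one source.
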