The true ebil empire!
http://articles.moneycentral.msn.com/Investing/Extra/InsideWalMartsThreatResearchOperation.aspx?page=1
Inside Wal-Mart's 'threat research' operation
The retailer appears to go beyond most companies in its sleuthing. Its surveillance group hunts computer hackers, trolls colleagues' e-mails and tries to plug information leaks.
advertisement
Article Tools
* E-mail to a friend
* Tools Index
* Print-friendly version
* Site Map
* Discuss in a Message Board
* Article Index
By The Wall Street Journal
A Wal-Mart worker fired last month for intercepting a reporter's phone calls says he was part of a larger, sophisticated surveillance operation that included snooping not only on employees but also on critics, stockholders and the consulting firm McKinsey.
As part of the surveillance, the retailer last year got an employee to infiltrate an anti-Wal-Mart group to determine whether it planned protests at the company's annual meeting, according to Bruce Gabbard, the fired security worker, who worked in Wal-Mart Stores' (WMT, news, msgs) Threat Research and Analysis Group.
The company also deployed cutting-edge monitoring systems made by a supplier to the Defense Department that allowed it to capture and record the actions of anyone connected to its global computer network. The systems' high-tech wizardry could detect the degree of flesh tone on a viewed Internet image and alerted monitors that a vendor sharing Wal-Mart networks was viewing pornography.
Wal-Mart has since disconnected some systems amid an internal investigation of the group's activities earlier this year, according to an executive in the security-information industry.
* Talk back: Does Wal-Mart take surveillance too far?
The revelations by Gabbard, many of which were confirmed by other former Wal-Mart employees and security-industry professionals, provide a rare window into the retail giant's internal operations and mindset.
The company fired Gabbard, a 19-year employee, last month for unauthorized recording of calls to and from a New York Times reporter and for intercepting pager messages. Wal-Mart conducted an internal investigation of Gabbard and his group's activities, fired his supervisor and demoted a vice president over the group as well.
Gabbard says he recorded the calls on his own because he felt pressured to stop embarrassing leaks. But he says most of his spying activities were sanctioned by superiors. "I used to joke that Wal-Mart paid me to be paranoid, and they got their money's worth," Gabbard says.
More from MSN Money and The Wall Street Journal
Corporate spying © Beathan/Corbis
* Wal-Mart drops bid to expand banking
* Fired Wal-Mart worker speaks out
* Wal-Mart suit shows glass ceiling still big issue
* Wal-Mart tapings spark probe
* Wal-Mart pays bonuses to store workers
* In praise of Wal-Mart
Surveillance appears legal
Wal-Mart says it permitted recording employee calls "only in compelling circumstances and with written permission from the legal department." But because pager messages were sent over a frequency that was not secure, Gabbard inadvertently intercepted pages from non-Wal-Mart employees as well. A U.S. attorney is investigating whether any laws were violated as a result of the phone and pager intercepts.
Aside from that possible infraction, Wal-Mart's surveillance appears to be legal. U.S. courts have long held that companies can read employee e-mails, and Wal-Mart employees are informed they have "no expectation of privacy" when using company-supplied computers or phones. The surveillance of people in public places is also legal.
Wal-Mart has always placed tight limits on what its employees can do while at work. For instance, it bars store employees from using personal cell phones on the job. Managers receive a list of e-mail addresses and phone numbers their employees have communicated with, and a list of Web sites visited, according to current and former employees. And the company limits Internet access, blocking social-networking and video sites.
Video on MSN Money
Telephone © Corbis
U.S. attorney investigates call taping
Federal authorities last month began looking into the actions of a computer systems technician at Wal-Mart Stores who intercepted pager and text messages and secretly taped telephone conversations, CNBC's Scott Cohn reports.
But Wal-Mart appeared to go beyond most companies in its sleuthing. It didn't just scan e-mails written on the corporate e-mail system. Technology it was helping develop allowed it to view e-mails that employees sent to or received from private accounts such as Hotmail or Gmail whenever the employees were hooked into the Wal-Mart computer network, according to Gabbard and others with knowledge of the system.
The security operation and its surveillance technology "seems Orwellian," says Robert West, the founder and chief executive of Echelon One, a security research and consulting firm composed largely of former corporate chief information officers. Other activities, such as infiltrating critics' groups, went "beyond the scope of the typical information security organization," he says.
A dimly lit 'Bat Cave'
Wal-Mart declined to give details about its surveillance activities. A company spokeswoman, Sarah Clark, characterized its security operations as normal.
"Like most major corporations, it is our corporate responsibility to have systems in place, including software systems, to monitor threats to our network and our intellectual property so we can protect our sensitive business information," Clark said. "It is also standard practice to provide physical and information security for our corporate events and for our board of directors and senior executives."
According to several former Wal-Mart employees, the company's roughly 20-person Threat Research and Analysis Group hunts computer hackers through cyberspace, trolls colleagues' e-mails looking for misbehavior or proprietary-data theft and tries to plug damaging information leaks. Members work on the third floor of the Wal-Mart's Bentonville, Ark., technology offices. They enter a separate glass-enclosed structure by holding the palm of their hand to a biometric reader that grants them access to a dimly lit work area. Colleagues call it "the Bat Cave."
The group "is no longer operating in the same manner that it did prior to the discovery of the unauthorized recording of telephone conversations," said Wal-Mart's Clark. ". . . We have strengthened our practices and protocols."
* Get free, real-time stock quotes on MSN Money
According to Gabbard, Wal-Mart began beefing up its electronic call surveillance after the Sept. 11, 2001, terrorist attacks in response to government requests to employers in general to help find terrorist cells. Gabbard says he was directed by two former FBI agents working for Wal-Mart to set up a system that could track any calls to and from Syria, Yemen and Iran, among other countries. The search was unsuccessful, only flagging an apparent call from Iran that turned out instead to be from an Indian jeweler, according to Gabbard.
Later, he says, he used the same equipment to intercept and record calls from The New York Times.
More from MSN Money and The Wall Street Journal
Corporate spying © Beathan/Corbis
* Wal-Mart drops bid to expand banking
* Fired Wal-Mart worker speaks out
* Wal-Mart suit shows glass ceiling still big issue
* Wal-Mart tapings spark probe
* Wal-Mart pays bonuses to store workers
* In praise of Wal-Mart
A concern about leaks
The electronic surveillance accelerated in October 2005 when confidential company memos began appearing on the Web site of a union-backed anti-Wal-Mart group, Wal-Mart Watch, according to Gabbard. One such memo suggested that because of rising costs and criticisms of its worker health insurance, the retailer should revise its policies by hiring healthier workers and requiring all jobs to perform physical activity, such as retrieving shopping carts.
Concerned about the leaks, Wal-Mart began working with Oakley Networks, a developer of "insider threat management" gear to track employees' and suppliers' computer usage over its network, according to Gabbard and an industry source. One Oakley system is able to record an employee's computer keystrokes and deliver a TiVo-like replay of his or her computer activities, according to Tom Bennett, Oakley's vice president of marketing.
Oakley confirmed the advanced capabilities of the system but says it doesn't identify customers apart from the Defense Department. The system goes beyond keystroke capture products and e-mail filtering packages by "providing a view of content moving over your network," Bennett says.
Suspecting that the leaks of confidential memos might have come from McKinsey employees who had been working on a health-care project at Wal-Mart's headquarters at the time of the leaked memo, Wal-Mart's security experts used an Oakley device to monitor the McKinsey Internet activities, according to Gabbard and others.
Wal-Mart ultimately took no action. "We continue to work closely with McKinsey, and we have no evidence that anyone there ever inappropriately shared confidential information," Wal-Mart's Clark said Monday. McKinsey declined to comment.
Wal-Mart also used an Oakley product to monitor suppliers' use of the Wal-Mart network. Gabbard says that using the program that can monitor flesh tones on a computer screen, his team found a vendor downloading pornography and reported it to Wal-Mart and the vendor's executives. He doesn't know the outcome. Wal-Mart declined to comment on the incident.
Critical shareholders targeted
Gabbard says he also used his computer skills to find information on Wal-Mart critics. In March 2006, he searched a South Carolina Democratic Party Web site for information on Nu Wexler, the spokesman for the anti-Wal-Mart group Wal-Mart Watch. Wal-Mart knew that Wexler planned to be in northwestern Arkansas during an annual company conference. Gabbard said he found personal photos of Wexler stored on a publicly available folder on the party's computer, which allowed Wal-Mart security to identify Wexler.
"Wal-Mart has far bigger concerns than my vacation photos," said Wexler, after being informed of the surveillance. "Someone would have had to dig for quite a while to find that link."
* Get free, real-time stock quotes on MSN Money
In late spring 2006, Wal-Mart learned that several anti-Wal-Mart groups might protest at the annual shareholders meeting in June. Company executives were concerned the civil-rights group Acorn (the Association of Community Organizations for Reform Now) and local Up Against the Wal members would disrupt its meeting. Wal-Mart sent a long-haired employee wearing a wireless microphone to Up Against the Wal's Fayetteville, Ark., gathering, and eavesdropped from nearby, says Gabbard. "We followed around the perimeter with a surveillance van," he says.
"It is not the company's policy to infiltrate organizations or events, and we would not condone any associate engaging in such activity," said Wal-Mart's Clark. Wal-Mart also directed its surveillance operations at critical shareholders.
Stock Charts (Year)
Wal-Mart
Graphical chart for WMT
According to a January 2007 memo reviewed by The Wall Street Journal, security units were asked to "do some preliminary background work on the potential threat assessment" of those submitting proposals to its June shareholder meeting, particularly those whose resolutions the company was trying to block. The list included proposals from a Boerne, Texas, religious group; the New York City controller's office; and Sydney Kay, an 85-year-old retired science teacher who submitted a resolution requiring that board nominees own at least $5 million in Wal-Mart stock, and his 93-year-old sister Hilda Kaplis.
"It is standard business practice to do an overall assessment for potential disruptions at a major event like our shareholders' meeting involving 20,000-plus people," Clark said.
Reached at his Dallas home, Kay scoffed at the notion he posed a threat to Wal-Mart's annual meeting. "I am a nobody," he said.
This article was reported and written by Ann Zimmerman and Gary McWilliams for The Wall Street Journal.
Inside Wal-Mart's 'threat research' operation
The retailer appears to go beyond most companies in its sleuthing. Its surveillance group hunts computer hackers, trolls colleagues' e-mails and tries to plug information leaks.
advertisement
Article Tools
* E-mail to a friend
* Tools Index
* Print-friendly version
* Site Map
* Discuss in a Message Board
* Article Index
By The Wall Street Journal
A Wal-Mart worker fired last month for intercepting a reporter's phone calls says he was part of a larger, sophisticated surveillance operation that included snooping not only on employees but also on critics, stockholders and the consulting firm McKinsey.
As part of the surveillance, the retailer last year got an employee to infiltrate an anti-Wal-Mart group to determine whether it planned protests at the company's annual meeting, according to Bruce Gabbard, the fired security worker, who worked in Wal-Mart Stores' (WMT, news, msgs) Threat Research and Analysis Group.
The company also deployed cutting-edge monitoring systems made by a supplier to the Defense Department that allowed it to capture and record the actions of anyone connected to its global computer network. The systems' high-tech wizardry could detect the degree of flesh tone on a viewed Internet image and alerted monitors that a vendor sharing Wal-Mart networks was viewing pornography.
Wal-Mart has since disconnected some systems amid an internal investigation of the group's activities earlier this year, according to an executive in the security-information industry.
* Talk back: Does Wal-Mart take surveillance too far?
The revelations by Gabbard, many of which were confirmed by other former Wal-Mart employees and security-industry professionals, provide a rare window into the retail giant's internal operations and mindset.
The company fired Gabbard, a 19-year employee, last month for unauthorized recording of calls to and from a New York Times reporter and for intercepting pager messages. Wal-Mart conducted an internal investigation of Gabbard and his group's activities, fired his supervisor and demoted a vice president over the group as well.
Gabbard says he recorded the calls on his own because he felt pressured to stop embarrassing leaks. But he says most of his spying activities were sanctioned by superiors. "I used to joke that Wal-Mart paid me to be paranoid, and they got their money's worth," Gabbard says.
More from MSN Money and The Wall Street Journal
Corporate spying © Beathan/Corbis
* Wal-Mart drops bid to expand banking
* Fired Wal-Mart worker speaks out
* Wal-Mart suit shows glass ceiling still big issue
* Wal-Mart tapings spark probe
* Wal-Mart pays bonuses to store workers
* In praise of Wal-Mart
Surveillance appears legal
Wal-Mart says it permitted recording employee calls "only in compelling circumstances and with written permission from the legal department." But because pager messages were sent over a frequency that was not secure, Gabbard inadvertently intercepted pages from non-Wal-Mart employees as well. A U.S. attorney is investigating whether any laws were violated as a result of the phone and pager intercepts.
Aside from that possible infraction, Wal-Mart's surveillance appears to be legal. U.S. courts have long held that companies can read employee e-mails, and Wal-Mart employees are informed they have "no expectation of privacy" when using company-supplied computers or phones. The surveillance of people in public places is also legal.
Wal-Mart has always placed tight limits on what its employees can do while at work. For instance, it bars store employees from using personal cell phones on the job. Managers receive a list of e-mail addresses and phone numbers their employees have communicated with, and a list of Web sites visited, according to current and former employees. And the company limits Internet access, blocking social-networking and video sites.
Video on MSN Money
Telephone © Corbis
U.S. attorney investigates call taping
Federal authorities last month began looking into the actions of a computer systems technician at Wal-Mart Stores who intercepted pager and text messages and secretly taped telephone conversations, CNBC's Scott Cohn reports.
But Wal-Mart appeared to go beyond most companies in its sleuthing. It didn't just scan e-mails written on the corporate e-mail system. Technology it was helping develop allowed it to view e-mails that employees sent to or received from private accounts such as Hotmail or Gmail whenever the employees were hooked into the Wal-Mart computer network, according to Gabbard and others with knowledge of the system.
The security operation and its surveillance technology "seems Orwellian," says Robert West, the founder and chief executive of Echelon One, a security research and consulting firm composed largely of former corporate chief information officers. Other activities, such as infiltrating critics' groups, went "beyond the scope of the typical information security organization," he says.
A dimly lit 'Bat Cave'
Wal-Mart declined to give details about its surveillance activities. A company spokeswoman, Sarah Clark, characterized its security operations as normal.
"Like most major corporations, it is our corporate responsibility to have systems in place, including software systems, to monitor threats to our network and our intellectual property so we can protect our sensitive business information," Clark said. "It is also standard practice to provide physical and information security for our corporate events and for our board of directors and senior executives."
According to several former Wal-Mart employees, the company's roughly 20-person Threat Research and Analysis Group hunts computer hackers through cyberspace, trolls colleagues' e-mails looking for misbehavior or proprietary-data theft and tries to plug damaging information leaks. Members work on the third floor of the Wal-Mart's Bentonville, Ark., technology offices. They enter a separate glass-enclosed structure by holding the palm of their hand to a biometric reader that grants them access to a dimly lit work area. Colleagues call it "the Bat Cave."
The group "is no longer operating in the same manner that it did prior to the discovery of the unauthorized recording of telephone conversations," said Wal-Mart's Clark. ". . . We have strengthened our practices and protocols."
* Get free, real-time stock quotes on MSN Money
According to Gabbard, Wal-Mart began beefing up its electronic call surveillance after the Sept. 11, 2001, terrorist attacks in response to government requests to employers in general to help find terrorist cells. Gabbard says he was directed by two former FBI agents working for Wal-Mart to set up a system that could track any calls to and from Syria, Yemen and Iran, among other countries. The search was unsuccessful, only flagging an apparent call from Iran that turned out instead to be from an Indian jeweler, according to Gabbard.
Later, he says, he used the same equipment to intercept and record calls from The New York Times.
More from MSN Money and The Wall Street Journal
Corporate spying © Beathan/Corbis
* Wal-Mart drops bid to expand banking
* Fired Wal-Mart worker speaks out
* Wal-Mart suit shows glass ceiling still big issue
* Wal-Mart tapings spark probe
* Wal-Mart pays bonuses to store workers
* In praise of Wal-Mart
A concern about leaks
The electronic surveillance accelerated in October 2005 when confidential company memos began appearing on the Web site of a union-backed anti-Wal-Mart group, Wal-Mart Watch, according to Gabbard. One such memo suggested that because of rising costs and criticisms of its worker health insurance, the retailer should revise its policies by hiring healthier workers and requiring all jobs to perform physical activity, such as retrieving shopping carts.
Concerned about the leaks, Wal-Mart began working with Oakley Networks, a developer of "insider threat management" gear to track employees' and suppliers' computer usage over its network, according to Gabbard and an industry source. One Oakley system is able to record an employee's computer keystrokes and deliver a TiVo-like replay of his or her computer activities, according to Tom Bennett, Oakley's vice president of marketing.
Oakley confirmed the advanced capabilities of the system but says it doesn't identify customers apart from the Defense Department. The system goes beyond keystroke capture products and e-mail filtering packages by "providing a view of content moving over your network," Bennett says.
Suspecting that the leaks of confidential memos might have come from McKinsey employees who had been working on a health-care project at Wal-Mart's headquarters at the time of the leaked memo, Wal-Mart's security experts used an Oakley device to monitor the McKinsey Internet activities, according to Gabbard and others.
Wal-Mart ultimately took no action. "We continue to work closely with McKinsey, and we have no evidence that anyone there ever inappropriately shared confidential information," Wal-Mart's Clark said Monday. McKinsey declined to comment.
Wal-Mart also used an Oakley product to monitor suppliers' use of the Wal-Mart network. Gabbard says that using the program that can monitor flesh tones on a computer screen, his team found a vendor downloading pornography and reported it to Wal-Mart and the vendor's executives. He doesn't know the outcome. Wal-Mart declined to comment on the incident.
Critical shareholders targeted
Gabbard says he also used his computer skills to find information on Wal-Mart critics. In March 2006, he searched a South Carolina Democratic Party Web site for information on Nu Wexler, the spokesman for the anti-Wal-Mart group Wal-Mart Watch. Wal-Mart knew that Wexler planned to be in northwestern Arkansas during an annual company conference. Gabbard said he found personal photos of Wexler stored on a publicly available folder on the party's computer, which allowed Wal-Mart security to identify Wexler.
"Wal-Mart has far bigger concerns than my vacation photos," said Wexler, after being informed of the surveillance. "Someone would have had to dig for quite a while to find that link."
* Get free, real-time stock quotes on MSN Money
In late spring 2006, Wal-Mart learned that several anti-Wal-Mart groups might protest at the annual shareholders meeting in June. Company executives were concerned the civil-rights group Acorn (the Association of Community Organizations for Reform Now) and local Up Against the Wal members would disrupt its meeting. Wal-Mart sent a long-haired employee wearing a wireless microphone to Up Against the Wal's Fayetteville, Ark., gathering, and eavesdropped from nearby, says Gabbard. "We followed around the perimeter with a surveillance van," he says.
"It is not the company's policy to infiltrate organizations or events, and we would not condone any associate engaging in such activity," said Wal-Mart's Clark. Wal-Mart also directed its surveillance operations at critical shareholders.
Stock Charts (Year)
Wal-Mart
Graphical chart for WMT
According to a January 2007 memo reviewed by The Wall Street Journal, security units were asked to "do some preliminary background work on the potential threat assessment" of those submitting proposals to its June shareholder meeting, particularly those whose resolutions the company was trying to block. The list included proposals from a Boerne, Texas, religious group; the New York City controller's office; and Sydney Kay, an 85-year-old retired science teacher who submitted a resolution requiring that board nominees own at least $5 million in Wal-Mart stock, and his 93-year-old sister Hilda Kaplis.
"It is standard business practice to do an overall assessment for potential disruptions at a major event like our shareholders' meeting involving 20,000-plus people," Clark said.
Reached at his Dallas home, Kay scoffed at the notion he posed a threat to Wal-Mart's annual meeting. "I am a nobody," he said.
This article was reported and written by Ann Zimmerman and Gary McWilliams for The Wall Street Journal.
Howdy, Stranger!
Categories
- 40K All Categories
- 27.1K Neighborhoods
- 5.1K Crown Heights/Prospect Lefferts Gardens
- 7.1K Prospect Heights
- 2.3K Fort Greene, Clinton Hill, Bed-Stuy
- 8K Park Slope
- 549 Williamsburg, Greenpoint, Bushwick
- 442 Flatbush/Midwood/Ditmas Park
- 657 BoCoCa (Boerum Hill, Cobble Hill, Carroll Gardens)
- 151 Red Hook
- 104 Gowanus
- 304 Bay Ridge/Bensonhurst
- 130 Coney Island, Brighton Beach, Sheepshead Bay
- 270 Brooklyn Heights, DUMBO and Downtown
- 598 Windsor Terrace / Kensington
- 673 Greenwood Heights and Sunset Park
- 749 Brooklyn and Beyond
- 6.3K Stuff
- 86 Brooklyn Back When
- 1.2K Brooklyn Pets
- 257 Brooklyn Kids
- 241 Brooklyn Eats
- 51 Brooklyn Booze
- 3.6K The Lounge / Random Stuff
- 611 Brooklyn Politics
- 122 Brooklyn Sports and Fitness
- 111 Brooklyn Photos
- 339 Site Issues
- 8 Frequently Asked Questions (FAQ)
- 6.2K Listings
- 1.1K APARTMENTS and REAL ESTATE
- 1.3K Sales Openings Events
- 2.3K The Classifieds
