Think Like a Bad Guy: A Look Back at GPS Tracking Concerns

I’ve been an instructor for the Executive Protection Institute, teaching Information Technology to protection specialists since before there was technology; okay, I’m not that old, but it was before PowerPoint. I think I was using something called Word Perfect, and I printed the foils (clear plastic printouts) and, with an overhead projector, displayed them on a screen… Magic!

The title of the first class was Technology and the Information Superhighway for the EP Specialist. Now, not many even remember the term Information Superhighway. 

Read more: Think Like a Bad Guy: A Look Back at GPS Tracking Concerns

I had approached Dr. Kobetz about teaching a class where the purpose was to show the basics and where the students could learn more about topics they were interested in or needed for their specific role.

The important thing was that we wanted them to be safe with technology and not to make themselves, their teammates, or their families a target by not knowing what was out there.

I approached this with one thing in mind. Given the time, what can I show them and teach them that they will be able to remember, and then use and research themselves? The first couple of classes over the years covered the basics: email, search engines, and web browsers, and as time went on, we added Blackberry devices, firewalls (hardware and software), proxies, VPN, and even an old favorite of mine, mailinator. 

In those days, threats like phishing, viruses, and others were not as common, mainly because most systems that people had were not constantly online, but still, we worked to prepare them for what was there and to think as far into the future as we could.

We added the basics of OSINT, “Open Source Intelligence,” to the course a few years later. It was simply stated to me that the executive protection specialist needed to have access to information. This information could be about potential threats, where the nearest hospital with directions, and sometimes something fun like “What foods won’t make me sick when I travel to…” Back then, there was not as much information, and it was not as easy to find.  Today, we have too much information, and it is harder to find what is real versus some hallucination made by AI.

At EPI, we have instructors who are not only executive protection specialists, but we bring in subject matter experts from around the world so the graduates of EPI will have a basic understanding of the different topics and also where to find more information or training in different disciplines, as one of those self-taught experts who sold his first computer program when he was sixteen, not for millions of dollars, but… I got paid, and in this article, I wanted to give you a little bit of the history of my class.

In October of 2011, I started talking about GPS in terms of not only mapping where you wanted to go but in the ability it had as it relates to tracking.

I only added to this warning through the years, and with each advancement in technology still covered this. A few years ago, I referenced a video that was done by a news agency that showed how much information your phone was sending back about you even if you had it on airplane mode.  Basically, as soon as you went online, it said, “Guess where David has been.”

I do not know if other programs that try to emulate the Executive Protection Institute cover now or have covered, but based on the news article that I found on Slashdot.org I highly doubt they do. The article title of the article by Rachel Hagan for the Independent (https://www.independent.co.uk/world/strava-security-trump-putin-macron-secret-service-b2637282.html) says it all. “Location of world leaders including Putin, Trump and Macron ‘revealed by security teams’ Strava.’”

I cannot express how disappointed I am in members of our industry allowing their fitness app to be used in this way. Another quote says, “Some of the world’s most prominent leaders’ movements were tracked online through a fitness app used by their bodyguards, an investigation has suggested”

This is just not acceptable to me, someone with a foot in executive protection and another in technology, and yet another; as a new horror author, I can’t understand the lack of training for these individuals, and did anyone ever tell them to “Think Like the Bad Guy?”

If you are in executive protection, do not make yourself, your team, or your family a target by your lack of understanding of the technology you are carrying.

For a quick scenario, if you are in executive protection traveling with a client, even if you are not on duty at that moment, is your specific location something that should be guarded? If I were planning an attack, the first thing I would consider would be taking out or hindering the backup or the next shift’s team’s arrival. It could be something as simple as giving one of the bike riders’ SUVs a flat tire where they parked.  How do I as the mastermind in this, know where they left it? Their fitness app told me, and it apparently is not that hard to figure out.

Now, in the article the US Secret Service told the newspaper that it did not believe the protection it provides was in any way compromised. I’m sorry, but if you check out what I put above. If you let a “bad actor” know where your team parks their vehicles before going for a bike ride or run, then guess what? That is a compromise, yes, not one that someone had taken advantage of that we know of or that has been reported, thankfully.

The article then says they are not allowed to use personal devices while on duty… Well, thank goodness for small victories for the people they are protecting. If they had stopped there, I may not have felt the need to comment, but the article then reports that they said “We do not prohibit an employee’s personal use of social media off-duty.”

Thinking about it, I believe I know the answer. We teach these basic concepts at EPI; our people understand they need to “Think like the Bad Guy.” They know that while they are traveling with their client, they are never really off-duty.

I have no way of knowing if the article is reporting the quotes wholly or correctly, so let me leave you with this.

Why take the chance? Why take the chance that the data in an app, the cell phone records, and or your geolocation data on a picture could be used against your client, your team, or your family? Yes, I mention family several times in this because, depending on the threat level of your client, they may be at risk. 

We like to think they are not, that we leave them at home and they will be safe, but the truth is, and if you will allow me to add to it… Use common sense and think Like a Bad Guy.

David Musser, PPS

10 Reasons to attend the IPSB Annual Close Protection Conference

As one of the Founding Board Members of the International Protective Security Board (IPSB), I like to remind folks periodically of the value of attending our annual conference.

Continue reading “10 Reasons to attend the IPSB Annual Close Protection Conference”

Testimonial

When YOU have attended EPI’s (Executive Protection Institute) world renowned seven-day program the networking opportunities are all around you if you take time to take advantage of it.

When YOU have attended EPI’s (Executive Protection Institute) world renowned seven-day program the networking opportunities are all around you if you take time to take advantage of it. Don’t stop training, attending seminars, and EP social events.  Many employment assignments come about because of personal relationships developed over time. During the seven-day program you will be partnered with other students from around the globe. You can learn from the real-life experiences of professionals from entry level attendees to 20+ year professionals. It is amazing how a small 20-minute conversation can lead to a lifelong friendship and make connections to new professional experiences and long-term friendships.

Continue reading “Testimonial”

Introduction to 001: Luxury Executive Protection

Many billionaires possess exceptional business expertise, yet do not possess adequate experience in or knowledge of Executive Protection (EP) and security. As a result, they often rely on subpar businesses that have little or no knowledge of EP services, or who recruit employees who do not have formal EP training from an accredited EP Academy, to provide them with their security detail. This is often the case because these individuals seek to minimize the cost for their protection services instead of relying on the quality of service.

Kent Moyer, PPS; Executive Protection Institute Graduate, NLA Member

As the CEO of The World Protection Group, Inc. (WPG) of Beverly Hills, California, I have noticed a troubling trend over the past twenty years in the Protection Industry with high-net-worth clients. Much too often, these clients lack the understanding between effective and ineffective security. Many billionaires possess exceptional business expertise, yet do not possess adequate experience in or knowledge of luxury Executive Protection (EP) and security.

As a result, they often rely on subpar businesses that have little or no knowledge of EP services, or who recruit employees who do not have formal EP training from an accredited EP Academy, to provide them with their security detail. This is often the case because these individuals seek to minimize the cost for their protection services instead of relying on the quality of service.

Continue reading “Introduction to 001: Luxury Executive Protection”