Modern Burglars Bring Ocean's Eleven Tactics article

[Jacob Morgan]

A link to this was on Drudge this morning:

https://www.cnbc.com/2018/08/09/modern-burglars-bring-oceans-eleven-tactics-to-your-neighborhood.html

It writes about a professional burglar ring that just got busted up in New York, and has a variety of suggestions on security, especially on setting up layers of security, both high and low-tech, including better locks and stronger doors. Good to see someone who promotes a "defense in depth" approach to security.

[jwrm22]

Thank you for posting.

The main problem of today is you might not know you are vulnerable until you find a DefCon talk from four years ago.
What you are using mechanism XYZ? That has been exploited in 2014! You should have upgraded.

I point out vulnerabilities some times.
If i get a reaction at all it's something like: Don't worry. We have insurance...

As I'm looking to secure my house better. Is it really worth spending another €2k on it?
I don't have that kind of money to burn and just do what I can.
Not having anything worth stealing for starters.

[billdeserthills]

Thank you for posting.

The main problem of today is you might not know you are vulnerable until you find a DefCon talk from four years ago.
What you are using mechanism XYZ? That has been exploited in 2014! You should have upgraded.

I point out vulnerabilities some times.
If i get a reaction at all it's something like: Don't worry. We have insurance...

As I'm looking to secure my house better. Is it really worth spending another €2k on it?
I don't have that kind of money to burn and just do what I can.
Not having anything worth stealing for starters.

[demux]

As I'm looking to secure my house better. Is it really worth spending another €2k on it?
I don't have that kind of money to burn and just do what I can.
Not having anything worth stealing for starters.

It's not strictly necessary. There's a term in computer security called defense in depth. It's the idea that you rely on a multitude of heterogeneous technologies and procedures to achieve the overall security of the system. In other words, it's not strictly necessary (and probably not worthwhile) to put an Abloy Protec2 on every door of your house and stop there. Sure, put a decent lock on all your stuff (read: something you would find in a local locksmith store, not a local big box store), but those can easily be had for in the $50-$100 range each. But then put in at least a basic alarm system, some cameras, appropriate lighting and landscaping, etc. Each of these components need not be super expensive, but the sum total of all of them will make your house less attractive to a potential intruder, and unless you're being specifically targeted for some reason, he'll likely move on to another house.

See also the "Halfling-Dragon Principle" which I've posted previously.

[jwrm22]

As I'm looking to secure my house better. Is it really worth spending another €2k on it?
I don't have that kind of money to burn and just do what I can.
Not having anything worth stealing for starters.

It's not strictly necessary. There's a term in computer security called defense in depth. It's the idea that you rely on a multitude of heterogeneous technologies and procedures to achieve the overall security of the system. In other words, it's not strictly necessary (and probably not worthwhile) to put an Abloy Protec2 on every door of your house and stop there. Sure, put a decent lock on all your stuff (read: something you would find in a local locksmith store, not a local big box store), but those can easily be had for in the $50-$100 range each. But then put in at least a basic alarm system, some cameras, appropriate lighting and landscaping, etc. Each of these components need not be super expensive, but the sum total of all of them will make your house less attractive to a potential intruder, and unless you're being specifically targeted for some reason, he'll likely move on to another house.

See also the "Halfling-Dragon Principle" which I've posted previously.

I know the principle but do not want to out run my neighbors, I don't want them burgled either.
I actually made a list of things I want to improve but it's stuck at replacing a door on a house that's not mine.
They won't allow it even if I had the money for it.

The probability is quite low of being burgled but how much is it worth to make it nearly impossible?
I'm looking at plastic sheet behind the glass near the doors, it will shatter but you won't get in easily.
Anti burgle hinges on every door, €10,- a hinge, 3 a door...

It might be I'm just a bit paranoid.

[demux]

I know the principle but do not want to out run my neighbors, I don't want them burgled either.

No, of course not, unfortunately that's a choice that's up to them, not you. The neighborly thing to do would be to make the improvements to your house, then go around to all your neighbors and let them know what you did and why (well, at least in general terms, you probably won't want to give out specifics), how much it cost, etc. And suggest they consider doing similar things. Unfortunately most people have no concept of physical security. "Oh, I went to the hardware store and just put on a new lock from Kwikset that said Maximum Security, so nobody could ever possibly get into my place. Right?" A bit of education goes a long way. Ideally everyone's house would be sufficiently burglar-unfriendly that all the burglars would just give up and go home. Unfortunately, that's not the world we live in.

The probability is quite low of being burgled but how much is it worth to make it nearly impossible?
I'm looking at plastic sheet behind the glass near the doors, it will shatter but you won't get in easily.
Anti burgle hinges on every door, €10,- a hinge, 3 a door...

It might be I'm just a bit paranoid.

Think of it like a cost benefit analysis. How much you should spend will depend on how much you have to lose. Keep in mind that the violation of someone being in your house/stuff without your knowledge or permission counts as a loss. Some people will place more value on that peace of mind than others.

[jwrm22]

Thanks for the advice. That's enough about that

Back on topic.
I'm not surprised these groups exist and I'm expecting this to be more common in the future.
The knowledge is out there and it will just take a few dedicated people to exploit it.
Walls are hard, computers quite soft.

The attack surface is huge. As the article stated gathering information from facebook.
But I would also consider the long con. Someone getting a job at the place or social engineering over months or even years.
If they don't get anywhere they can just move on.

I find this very annoying as there is little I can do to protect the people around me.
I know a few very good social engineers that teach too. They can literately walk in an office building and vanish in the crowd.
Luckily they are the proverbial good guys. The others know no empathy and remorse.

Once in a while I fancy a challenge and try t teach my (technical) colleagues something about security.
Something as simple as "Don't pick up a USB from the street and put it in your laptop".
It's a challenge because it's really tough to convince them of the problem.