Corporate espionage involves the theft of a corporation's business data and intellectual property, including product designs, manufacturing processes, product prototypes, and software codes. Because a company's business data and intellectual property are vital to the success of the company, corporate espionage conducted by a competitor can adversely affect the development of products and the potential profit realized by the company. For example, U.S. companies lose approximately $100 billion annually in sales as a result of corporate espionage.
In one method of corporate espionage, a corporation “plants” an employee within a competitor company to monitor and gather business information from that company. Once associated with the organization, the corporate spy can obtain confidential information about the targeted company by exploiting temporary physical access to computerized devices used by the company, such as personal computers.
Many types of computerized devices, such as personal computers, include security mechanisms that detect changes to the hardware configuration (e.g., hard drive, memory) associated with the computer and provide a warning to an end user of the detected changes. Such a warning can arouse an end user's suspicions regarding a breach in the security of a particular computerized device, such as caused by a corporate spy.
One type of security mechanism is a “case opened” switch, such as found in “tamper-proof” devices and computers used in high-security government offices. The “case opened” switch is typically a capacitor that discharges when a shell or case of the computerized device is removed from the device. After detecting a discharge of the capacitor, the computerized device provides a warning to the end user, thereby indicating removal of the case from the computerized device and potential tampering of the hardware within the computerized device by an unauthorized user.
Another typical security mechanism is a recent-activity notification screen, displayed to an end-user, after logging into the computerized device. For example, in typical computer security, the operating system of a computerized device displays a message to an end user indicating the time and date of the user's previous login. The message provides an opportunity for the user to compare the displayed time and date of the last login with the user's known time and date of his last login. In the case of a discrepancy, the user is thus made aware of the possibility that some third party has learned the user's password and that the third party has logged into the computer using the password.