faqs

What is your office / service hours worldwide ?

Depending on the service contract either by call or 24/7 national or international.

On request we deliver also on-site service anytime, anywhere for our contract customers. The company HQ is based in Germany since 12.2011

"Why did you choose WPStB Harald Lauber ?"

WPStB Harald Lauber provide a full range of accounting and business advisory services to a diverse range of businesses and individuals across germany.

"Our work is reflecting the highest standard you can get, therefore we need partners in accounting and law with same standards we have, WPStB Harald Lauber is a company we trust more than 100%, highly recommended. The business has grown steadily over the last years to become a leading practice in the area supporting small and medium sized businesses in germany.

What is Facility Management ?

Facility management (or facilities management or FM) is an interdisciplinary field devoted to the coordination of space, infrastructure, people and organization, often associated with the administration of office blocks, arenas, schools, convention centers, shopping complexes, hospitals, hotels, etc.

However, FM facilitates on a wider range of activities than just business services and these are referred to as non-core functions. Many of these are outlined below but they do vary from one business sector to another. In a 2009 Global Job Task Analysis the International Facility Management Association (IFMA) identified eleven core competencies of facility management. These are: communication; emergency preparedness and business continuity; environmental stewardship and sustainability; finance and business; human factors; leadership and strategy; operations and maintenance; project management; quality; real estate and property management; and technology. FM is subject to continuous innovation and development, under pressure to reduce costs and to add value to the core business of the client organisation where possible. Facility management is supported with training and professional qualifications often co-ordinated by FM institutes or associations, and a limited number of formal degree programs exist at both undergraduate and graduate levels.

What is Fiber tapping ?

Fiber tapping uses a network tap method that extracts signal from an optical fiber without breaking the connection. Tapping of optical fibre allows diverting some of the signal being transmitted in the core of the fibre into another fibre or a detector. Fibre to the home (FTTH) systems use beam splitters to allow many users to share one backbone fibre connecting to a central office, cutting the cost of each connection to the home. Test equipment can simply put a bend in the fibre and extract sufficient light to identify a fibre or determine if a signal is present.

Similar techniques can surreptitiously tap fibre for surveillance, although this is rarely done where electronic equipment used in telecommunication is required to allow access to any phone line for tapping by legal authorization. Tapping the fibre means that all signals from every communications source being routed through the fibre are presented and must be sorted for relevant data, an immense task when thousands of sources of data or voice may be present.

One way to detect fiber tapping is by noting increased attenuation added at the point of tapping. There are, however, tappers which allow tapping without significant added attenuation. In either case there should be a change of scattering pattern in that point in line which, potentially, can be detectable.
However once the tapper has been detected it may be too late since a part of the information has been already eavesdropped.

What is Orthogonal frequency-division multiplexing (COFDM) ?

Orthogonal frequency-division multiplexing (OFDM) is a method of encoding digital data on multiple carrier frequencies. OFDM has developed into a popular scheme for wideband digital communication, used in applications such as digital television and audio broadcasting, DSL Internet access, wireless networks, powerline networks, and 4G mobile communications. OFDM is a frequency-division multiplexing (FDM) scheme used as a digital multi-carrier modulation method. A large number of closely spaced orthogonal sub-carrier signals are used to carry data on several parallel data streams or channels. Each sub-carrier is modulated with a conventional modulation scheme (such as quadrature amplitude modulation or phase-shift keying) at a low symbol rate, maintaining total data rates similar to conventional single-carrier modulation schemes in the same bandwidth.

The primary advantage of OFDM over single-carrier schemes is its ability to cope with severe channel conditions (for example, attenuation of high frequencies in a long copper wire, narrowband interference and frequency-selective fading due to multipath) without complex equalization filters. Channel equalization is simplified because OFDM may be viewed as using many slowly modulated narrowband signals rather than one rapidly modulated wideband signal. The low symbol rate makes the use of a guard interval between symbols affordable, making it possible to eliminate intersymbol interference (ISI) and utilize echoes and time-spreading (on analogue TV these are visible as ghosting and blurring, respectively) to achieve a diversity gain, i.e. a signal-to-noise ratio improvement. This mechanism also facilitates the design of single frequency networks (SFNs), where several adjacent transmitters send the same signal simultaneously at the same frequency, as the signals from multiple distant transmitters may be combined constructively, rather than interfering as would typically occur in a traditional single-carrier system.

What is an IMSI-Catcher ?

An IMSI catcher (International Mobile Subscriber Identity) is a telephony eavesdropping device used for intercepting mobile phone traffic and tracking movement of mobile phone users. Essentially a "fake" mobile tower acting between the target mobile phone(s) and the service provider's real towers, it is considered a man-in-the-middle (MITM) attack, and is usually undetectable for the users of mobile phones. IMSI catchers are used in some countries by law enforcement and intelligence agencies, but based upon civil liberty and privacy concerns, their use is illegal in others. Some countries do not even have encrypted phone data traffic (or very weak encryption) rendering an IMSI catcher unnecessary.

Such a virtual base transceiver station (VBTS) is a device for identifying the International Mobile Subscriber Identity (IMSI) of a nearby GSM mobile phone and intercepting its calls. It was patented and first commercialized by Rohde & Schwarz in 2003, although it would be hard to maintain such a patent, since in reality it is just a modified cell tower with a malicious operator. On 24 January 2012, the Court of Appeal of England and Wales held that the patent is invalid for obviousness. The GSM specification requires the handset to authenticate to the network, but does not require the network to authenticate to the handset. This well-known security hole is exploited by an IMSI catcher. The IMSI catcher masquerades as a base station and logs the IMSI numbers of all the mobile stations in the area, as they attempt to attach to the IMSI-catcher. It allows forcing the mobile phone connected to it to use no call encryption (A5/0 mode) or to use easily breakable encryption (A5/1 or A5/2 mode), making the call data easy to intercept and convert to audio.

Body-worn IMSI catchers that target nearby mobile phones are being advertised to law enforcement agencies in the US.

Identifying an IMSI

Every mobile phone has the requirement to optimize the reception. If there is more than one base station of the subscribed network operator accessible, it will always choose the one with the strongest signal. An IMSI-catcher masquerades as a base station and causes every mobile phone of the simulated network operator within a defined radius to log in. With the help of a special identity request, it is able to force the transmission of the IMSI.

Tapping a mobile phone

The IMSI catcher subjects the phones in its vicinity to a man-in-the-middle attack, acting to them as a preferred base station in terms of signal strength. With the help of a SIM, it simultaneously logs into the GSM network as a mobile station. Since the encryption mode is chosen by the base station, the IMSI-catcher can induce the mobile station to use no encryption at all. Hence, it can encrypt the plain text traffic from the mobile station and pass it to the base station.
There is only an indirect connection from mobile station via IMSI-catcher to the GSM network. For this reason, incoming phone calls cannot generally be patched through to the mobile station by the GSM network, although more modern versions of these devices have their own mobile patch-thru solutions in order to provide this functionality.

How a satellite link operates ?

By using appropriate antennae microwaves can be very effectively focused, allowing cables to be replaced by microwave radio links.

If the transmitting and the receiving antenna are not in line of sight, but rather, as they are on the earth, on the surface of a sphere, then from a given distance onwards the receiving antenna disappears below the horizon owing to the curvature of the earth. The two antennae are thus no longer in line of sight. This would apply, for example, to an intercontinental microwave radio link between Europe and the USA. The antennae would have to be fitted to masts 1.8 km high in order for a link to be established. For this reason, an intercontinental microwave radio link of this kind is simply not feasible, setting aside the issue of the attenuation of the signal by air and water vapour. However, if a kind of mirror for the microwave radio link can be set up in a fixed position high above the earth in space, large distances can be overcome, despite the curvature of the earth, just as a person can see round corners using a traffic mirror. The principle described above is made workable through the use of geostationary satellites.

What are geostationary satellites

If a satellite is placed into a circular orbit parallel to the equator in which it circles the earth once every 24 hours, it will follow the rotation of the earth exactly.

Looking up from the earths surface, it seems to stand still at a height of roughly 36 000 km - it has a geostationary position. Most communications and television satellites are satellites of this type.

What is the route followed by signals sent via a satellite communication link ?

The transmission of signals via satellite can be described as follows: The signal coming from a cable is transmitted by an earth station equipped with a parabolic antenna to the satellite via an upward microwave radio link, the uplink. The satellite receives the signal, regenerates it and transmits it back to another Earth station via a downwards microwave radio link, the downlink. From there, the signal is transferred back to a cable network.

In the case of mobile communications satellite telephones the signal is transmitted directly from the mobile communications unit to the satellite, from where it can be fed into a cable link, via an Earth station, or directly transmitted to a different mobile unit.

Is there an damage caused by industrial espionage ?

In view of the high number of unrecorded cases, it is difficult to determine precisely the extent of the damage caused by competitive intelligence/industrial espionage.

In addition, some of the figures quoted are inflated because of vested interests. Security firms and counter-intelligence services have an understandable interest in putting the losses at the high end of the realistically possible scale. Despite this, the figures do give some idea of the problem. As early as 1988, the Max Planck Institute estimated that the damage caused by industrial espionage in Germany amounted to at least € 4 billion. The chairman of the association of security consultants in Germany, Klaus-Dieter Matschke, quotes a figure of € 7,5 bn a year, based on expert evidence. The President of the European police trade unions, Hermann Lutz, puts the damage at € 10 bn a year. According to the FBI (Louis J. Freeh, Director FBI, Statement for the Record, Hearing on Economic Espionage, House Judiciary Committee, Subcommittee on Crime, Washington DC, 9.5.1996), US industry suffered losses of US$ 1.7 bn as a result of competitive intelligence and industrial espionage in the years 1992/1993. The former chairman of the Secret Service monitoring committee of the House of Representatives in the USA has spoken of losses of US$ 100 bn sustained through lost contracts and additional research and development costs. It is claimed that between 1990 and 1996 this resulted in the loss of 6 million jobs.(Robert Lyle, Radio Liberty/Radio Free Europe, 10.2.1999.)
Basically the exact scale of the losses is irrelevant. The state has an obligation to combat competitive intelligence and industrial espionage using the police and counter-intelligence services, irrespective of the level of damage to the economy. Similarly, decisions taken by firms on the protection of information and counter-espionage measures cannot be based on total damage figures. Every firm has to calculate for itself the maximum possible damage as a result of the theft of information, assess the likelihood of such events occurring and compare the potential losses with the costs of security. The real problem is not the lack of accurate figures for the overall losses, the position is rather that such cost/benefit calculations are rarely carried out, except in large firms, and consequently security is disregarded.

Who carries out espionage ?

According to a study by the auditors Ernest Young LLP, 39% of industrial espionage is carried out on behalf of competitors, 19% for clients, 9% for suppliers and 7% for secret services.(Computerzeitung, 30.11.1995, 2.)

Espionage is carried out by company employees, private espionage firms, paid hackers and secret service professionals. (Roman Hummelt, Spionage auf dem Datenhighway, Hanser Verlag (1997), 49 et seq.)

Is ECHELON suitable for industrial espionage ?

The strategic monitoring of international telecommunications, can produce useful information for industrial espionage purposes, but only by chance. In fact, sensitive industrial information is primarily to be found in the firms themselves, which means that industrial espionage is carried out primarily by attempting to obtain the information via employees or infiltrators or by breaking into internal computer networks.


Only where sensitive data is sent outside via cable or radio (satellite) can a communications surveillance system be used for industrial espionage. This occurs systematically in the following three cases:
- in connection with firms which operate in three times zones, so that interim results are sent from Europe to America and then on to Asia;
- in the case of videoconferences in multinational companies conducted by VSAT or cable;
- when important contracts have to be negotiated locally (construction of facilities,
telecommunications infrastructure, rebuilding of transport systems, etc.), and the firm’s representatives have to consult their head office.

If firms fail to protect their communications in such cases, interception can provide competitors with valuable data.

Is there any protection against industrial espionage ?

The legal systems of all the industrialised countries define the theft of commercial secrets as a criminal offence. As in all other areas of the criminal law, the degree of protection varies from country to country. As a rule, however, the penalties for industrial espionage are much less severe than those for espionage in connection with military security. In many cases, competitive intelligence operations are banned only against firms from the same country, but not against foreign firms abroad. This is also the case in the USA.


In essence, the relevant laws prohibit only espionage by one industrial undertaking against another. It is doubtful whether they also restrict the activities of state intelligence services, since, on the basis of the laws establishing them, the latter are authorised to steal information. A grey area develops if intelligence services seek to pass on to individual firms information gained by means of espionage. The laws which endow intelligence services with special powers would normally not cover such activities. In particular, in the EU this would represent a breach of the EEC Treaty.

Irrespective of this fact, however, in practice it would be very difficult for a firm to seek legal protection by bringing an action before the courts. Interception operations leave no trace and generate no evidence which might be used in court.

Are there any In-house attackers with workstation access authorisation ?

A spy working within a firm has a clear advantage over a hacker attacking from the outside: he must overcome only the network security precautions, but no firewall.

From an individual workstation, and provided that the person concerned has the requisite knowledge, the architecture of the network can be established and substantial volumes of information can be obtained, using the same techniques employed by an outside hacker and other techniques available only to persons working from within. In addition, the spy can converse with colleagues without raising suspicion and obtain passwords by means of ’social engineering’.

The effectiveness of such a spy can be high, but is not as predictable as in the first case. The risk of detection is lower, particularly in the case of networks whose administrator pays little attention to the dangers of an attack from within. It is much easier to smuggle in a spy trained to hack into computer networks (trainees, guest researchers, etc.)....(Anonymous, Hacker’s guide, Markt & Technik-Verlag 1999)

Is there any risk-awareness in firms ?

As things stand, awareness of the risk of industrial espionage is not very well developed in individual firms. This is partly reflected in the fact that security officers often have middlemanagement rank and are not board members. However, security costs money and board members generally take an interest in security issues only when it is too late.

Large firms do at least have their own security departments and employ security specialists in the IT sphere as well. In contrast, small and medium-sized firms vary rarely employ security experts and are generally happy enough if their data-processing equipment works properly.

However, such firms as well may be targets for industrial espionage, since many of them are highly innovative. Moreover, in view of their integration in the production process mediumsized component suppliers offer a suitable basis for industrial espionage operations against large firms.

What security benefits do I have as company organisation to contract Suzana Ulbrich ?

We are able to identify security issues on site and abroad and help you to find the right solutions before it is too late.

Our Facility Management Team is able to create hidden IT security audits during daytime and night time activities, and create an special security audit advice to you in time.

Our business organisations are security certified, security checked by UK government and german government bodies.

Looking forward to serve you.

What is Open SuSE Linux ?

openSUSE a community distribution mainly sponsored by German company SUSE.

openSUSE is a general purpose operating system built on top of the Linux kernel, developed by the community-supported openSUSE Project and sponsored by SUSE and a number of other companies. After Novell acquired SUSE Linux in January 2004, Novell decided to release the SUSE Linux Professional product as a 100% open source project. In 2011 The Attachmate Group acquired Novell and split Novell and SUSE into two autonomous subsidiary companies. SUSE offers products and services around SUSE Linux Enterprise—their commercial offering that is based on openSUSE Linux. The initial release of the community project was a beta version of SUSE Linux 10.0, and as of November 19, 2013 the current stable release is openSUSE 13.1.

What is Fedora Linux ?

Fedora, a community distribution sponsored by American company Red Hat.

Fedora formerly (Fedora Core) is an operating system based on the Linux kernel, developed by the community-supported Fedora Project and owned by Red Hat. Fedora contains software distributed under a free and open source license and aims to be on the leading edge of such technologies.

What ist Debian Linux ?

Debian, a non-commercial distribution and one of the earliest, maintained by a volunteer developer community with a strong commitment to free software principles and democratic project management

Debian is an operating system which is composed primarily of free and open-source software, most of which is under the GNU General Public License, and developed by a group of individuals known as the Debian project. Debian is one of the most popular Linux distributions for personal computers and network servers, and has been used as a base for several other Linux distributions. Debian was first announced in 1993 by Ian Murdock, and the first stable release was made in 1996. The development is carried out over the Internet by a team of volunteers guided by a project leader and three foundational documents.

IT Security - Your remote services,
is it safe using Teamviewer as remote access ?

TeamViewer is a highly secure remote maintenance solution. Your connections are established via fully encrypted data channels using 2048-bit RSA key exchange and 256-bit AES session encoding. - We are recommending the tool as well the business itself.

Inexpensive TeamViewer license fees will pay off very quickly due to time and cost savings. For private users it is even completely free.