Snowden: IT Workers Are Now the Target of Spies

Uploaded on 2015-03-25 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Spies are increasingly targeting IT staff to gain access to key elements of internet infrastructure and sensitive databases, NSA contractor-turned whistleblower Edward Snowden has warned.
    
"It's not that they are looking for terrorists, it's not that they are looking for bad guys, it's that they are looking for people with access to infrastructure. They are looking for service providers, they are looking for systems administrators, they're looking for engineers," he said, speaking at the CeBIT technology show in Germany via a video link from Russia.
He added: "They are looking for the people who are in this room right now: you will be the target. Not because you are a terrorist, not because you are suspected of any criminal wrongdoing, but because you have access to systems, you have access to infrastructure, you have access to the private records, people's private lives. These are the things that they want. It is important for us to come together and prevent that from happening."
Snowden isn't the only one to warn that IT staff can be the target of spies, although mostly the finger is being pointed at foreign intelligence agencies. For example, the UK's M15 security service warned last year that IT workers have been recruited to help overseas spies gain sensitive personnel information, steal corporate or national secrets and even upload malware to compromise the network. IT staff have also been warned to beware of 'honey pot' sex stings.
Snowden said the best way to protect privacy was through technology, because that remains a constant across geographical or political boundaries. "That means end-to-end encryption; we have to protect communications while they are in transit, we have to improve the security of the endpoints and make this transparent to users," he said.
When we look back at 2013 a decade from now, the one technology story that's likely to have the biggest long-term impact is the Edward Snowden revelations.
While there were major password breaches at Adobe, Evernote, and Twitter as well as the Healthcare.gov debacle, nothing rocked the IT world more than the 200,000 classified documents that Snowden leaked to the press, uncovering the NSA's startling digital surveillance programs that reach more broadly across the internet than even many of the most extreme conspiracy theorists would have feared.
While the U.S. government defends the program as court-supervised and a powerful tool that has thwarted terrorist attacks and protected citizens, there's no doubt that the Snowden revelations have had a chilling effect on the technology world.
Here are the three biggest impacts: 
    1. Organizations are re-thinking how to effectively encrypt their most sensitive data.
    2. International organizations are looking at ways to do less business with U.S. companies, since the NSA has direct backdoors into many of them.
    3. The brakes are being put on cloud computing by some organizations, as they consider whether they want their data so easily accessible to surveillance agencies.

ZD Net 1  http://ow.ly/KCNRI
 ZD Net 2  http://ow.ly/KCNYC

« After the Arab Spring, Surveillance in Egypt Intensifies
Latest Insurance Hack Affects 11 Million Customers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Group-IB

Group-IB

Group-IB is a leading provider of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions is the manufacturer of the mobile device management solution Cortado MDM.

IoTium

IoTium

Secure Cloud Managed Software Defined IoT Networks. IoTium simplifies establishing and managing secure network infrastructure for Industrial IoT.

Daon

Daon

Daon offers a universal biometric authentication platform for mobile devices.

Genua

Genua

Genua is a specialist in IT security services and solutions ranging from network and infrastructure security to encrypted comms and industrial automation.

Raytheon Technologies

Raytheon Technologies

Raytheon Intelligence & Space delivers solutions that protect every side of cyber for government agencies, businesses and nations.

Perseus Cyber Security

Perseus Cyber Security

Perseus provides all-around digital protection for small and medium-sized businesses through state-of-the-art software solutions, flexible online training and emergency response.

NDK InfoSec

NDK InfoSec

NDK InfoSec is a specialist Information Security and Cyber Security search firm. We're not just a security function in a larger generalist recruitment company.

Nu Quantum

Nu Quantum

Nu Quantum is developing quantum photonics hardware to power the quantum revolution in communications, sensing and computing.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

VectorUSA

VectorUSA

VectorUSA is a premier technology solution provider. We design, build and maintain cybersecurity, data center, wireless and managed solutions – transforming business needs into technology solutions.

Airgap Networks

Airgap Networks

Airgap is fixing the fundamental flaw of excessive trust. We help enterprises modernize their network for a simple and secure infrastructure.

RADICL

RADICL

RADICL's mission is to give SMBs that serve America's Defense Industrial Base (DIB) access to strong, enterprise-grade cyber security protection.

Prophet Security

Prophet Security

Prophet Security empowers organizations to triage, investigate, and respond to alerts with unparalleled speed and accuracy.

Enterprise Strategy Group

Enterprise Strategy Group

Enterprise Strategy Group, a division of TechTarget, is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.

ecfirst

ecfirst

ecfirst's mission is to establish AI platforms and service capabilities to assess and manage client compliance with global mandates on a continual basis to secure business data and assets.