Snowden: IT Workers Are Now the Target of Spies

Uploaded on 2015-03-25 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Spies are increasingly targeting IT staff to gain access to key elements of internet infrastructure and sensitive databases, NSA contractor-turned whistleblower Edward Snowden has warned.
    
"It's not that they are looking for terrorists, it's not that they are looking for bad guys, it's that they are looking for people with access to infrastructure. They are looking for service providers, they are looking for systems administrators, they're looking for engineers," he said, speaking at the CeBIT technology show in Germany via a video link from Russia.
He added: "They are looking for the people who are in this room right now: you will be the target. Not because you are a terrorist, not because you are suspected of any criminal wrongdoing, but because you have access to systems, you have access to infrastructure, you have access to the private records, people's private lives. These are the things that they want. It is important for us to come together and prevent that from happening."
Snowden isn't the only one to warn that IT staff can be the target of spies, although mostly the finger is being pointed at foreign intelligence agencies. For example, the UK's M15 security service warned last year that IT workers have been recruited to help overseas spies gain sensitive personnel information, steal corporate or national secrets and even upload malware to compromise the network. IT staff have also been warned to beware of 'honey pot' sex stings.
Snowden said the best way to protect privacy was through technology, because that remains a constant across geographical or political boundaries. "That means end-to-end encryption; we have to protect communications while they are in transit, we have to improve the security of the endpoints and make this transparent to users," he said.
When we look back at 2013 a decade from now, the one technology story that's likely to have the biggest long-term impact is the Edward Snowden revelations.
While there were major password breaches at Adobe, Evernote, and Twitter as well as the Healthcare.gov debacle, nothing rocked the IT world more than the 200,000 classified documents that Snowden leaked to the press, uncovering the NSA's startling digital surveillance programs that reach more broadly across the internet than even many of the most extreme conspiracy theorists would have feared.
While the U.S. government defends the program as court-supervised and a powerful tool that has thwarted terrorist attacks and protected citizens, there's no doubt that the Snowden revelations have had a chilling effect on the technology world.
Here are the three biggest impacts: 
    1. Organizations are re-thinking how to effectively encrypt their most sensitive data.
    2. International organizations are looking at ways to do less business with U.S. companies, since the NSA has direct backdoors into many of them.
    3. The brakes are being put on cloud computing by some organizations, as they consider whether they want their data so easily accessible to surveillance agencies.

ZD Net 1  http://ow.ly/KCNRI
 ZD Net 2  http://ow.ly/KCNYC

« After the Arab Spring, Surveillance in Egypt Intensifies
Latest Insurance Hack Affects 11 Million Customers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cloudera

Cloudera

Cloudera provide the world’s fastest, easiest, and most secure data platform built on Hadoop.

Happiest Minds Technologies

Happiest Minds Technologies

Happiest Minds offers domain centric solutions in IT Services, Product Engineering, Infrastructure Management and Security.

Securely

Securely

Securely Ltd. is an IT consulting and services firm specializing in PKI solutions and products.

TechGuard Security

TechGuard Security

TechGuard Security was founded to address national cyber defense initiatives and US critical infrastructure security.

Checksum Consultancy

Checksum Consultancy

Checksum Consultancy specializes in Information security, Risk management, and IT governance.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

LinkUp

LinkUp

LinkUp is a leading data-driven job search company. Every day we index millions of job openings directly from employer websites.

ITRenew

ITRenew

ITRenew is a leading global IT lifecycle management solutions company, specializing in onsite data center decommissioning and data erasure services.

Stanley Reid & Company (SRC)

Stanley Reid & Company (SRC)

Stanley Reid & Co is an Executive and Technical Search Firm serving the commercial market and the US Intelligence & Defense community. Our areas of expertise include Cybersecurity.

Cyolo

Cyolo

Cyolo’s Secure Access Service Edge (SASE) platform securely connects onsite and remote users to authorized assets, in the organizational network, cloud or IoT environments and even offline networks.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Cyber Bytes Foundation

Cyber Bytes Foundation

Cyber Bytes Foundation exists to establish and sustain a unique Cyber Ecosystem to accelerate the development of a strong Cyber workforce and support community outreach programs.

RedHunt Labs

RedHunt Labs

RedHunt Labs is a premier Cybersecurity Solutions provider, offering Attack Surface Management solution 'NVADR' and Penetration Testing services.

Traceable

Traceable

Traceable was founded to protect applications from next-generation attacks.