The Future of Government Surveillance - Looks Like This

Before the Internet, when surveillance consisted largely of government-on-government espionage, agencies like the NSA would target specific communications circuits: that Soviet undersea cable between Petropavlovsk and Vladivostok, a military communications satellite, a microwave network. This was for the most part passive, requiring large antenna farms in nearby countries.

Modern targeted surveillance is likely to involve actively breaking into an adversary's computer network and installing malicious software designed to take over that network and "exfiltrate" data—that's NSA talk for stealing it. To put it more plainly, the easiest way for someone to eavesdrop on your communications isn't to intercept them in transit anymore; it's to hack your computer.

In 2011, an Iranian hacker broke into the Dutch certificate authority DigiNotar. This enabled him to impersonate organizations like Google, the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter, and Microsoft's Windows Update service. That, in turn, allowed him to spy on users of these services. He passed this ability on to others—almost certainly in the Iranian government—who in turn used it for mass surveillance on Iranians and probably foreigners as well. Fox-IT estimated that 300,000 Iranian Gmail accounts were accessed.

In 2009, Canadian security researchers discovered a piece of malware called GhostNet on the Dalai Lama's computers. It was a sophisticated surveillance network, controlled by a computer in China. Flame is a surveillance tool that researchers detected on Iranian networks in 2012; these experts believe the United States and Israel put it there and elsewhere. Red October, which hacked and spied on computers worldwide for five years before it was discovered in 2013, is believed to be a Russian surveillance system. So is Turla, which targeted Western government computers and was ferreted out in 2014. The Mask, also discovered in 2014, is believed to be Spanish. Iranian hackers have specifically targeted U.S. officials. There are many more known surveillance tools like these, and presumably others still undiscovered.

Stuxnet is the first military-grade Cyber weapon known to be deployed by one country against another. It was launched in 2009 by the United States and Israel against the Natanz nuclear facility in Iran, and succeeded in causing significant physical damage. A 2012 attack against Saudi Aramco that damaged some 30,000 of the national oil company's computers is believed to have been retaliation by Iran.

There's an interesting monopolistic effect that occurs with surveillance. Espionage basically follows geopolitical lines; a country gets together with its allies to jointly spy on its adversaries. That's how we did it during the Cold War. It's politics.

Mass surveillance is different. If you're truly worried about attacks coming from anyone anywhere, you need to spy on everyone everywhere. And since no one country can do that alone, it makes sense to share data with other countries.

But whom do you share information with? You could share with your traditional military allies, but they might not be spying on the countries you're most worried about. Or they might not be spying on enough of the planet to make sharing worthwhile. It makes the best sense to join the most extensive spying network around. And that's the United States.

This is what's happening right now. U.S. intelligence agencies partner with many countries as part of an extremely close relationship of wealthy, English-speaking nations called the Five Eyes: the U.S., U.K., Canada, Australia, and New Zealand. Other partnerships include the Nine Eyes, which adds Denmark, France, the Netherlands, and Norway; and the Fourteen Eyes, which adds Germany, Belgium, Italy, Spain, and Sweden. And the United States partners with countries that have traditionally been much more standoffish, like India, and even with brutally repressive regimes like Saudi Arabia's.

All of this gives the NSA access to almost everything. In testimony to the European Parliament in 2014, Snowden said, "The result is a European bazaar, where an EU member state like Denmark may give the NSA access to a tapping center on the (unenforceable) condition that NSA doesn't search it for Danes, and Germany may give the NSA access to another on the condition that it doesn't search for Germans. Yet the two tapping sites may be two points on the same cable, so the NSA simply captures the communications of the German citizens as they transit Denmark, and the Danish citizens as they transit Germany, all the while considering it entirely in accordance with their agreements."

The endgame of this isn't pretty: It's a global surveillance network where all countries collude to surveil everyone on the entire planet. It'll probably not happen for a while—there will be holdout countries like Russia that will insist on doing it themselves, and rigid ideological differences will never let countries like Iran cooperate fully with either Russia or the United States—but most smaller countries will be motivated to join. From a very narrow perspective, it's the rational thing to do.

DefenseOne

 

« Malware Tracks a Smartphone Without Location Data
How you could become a victim of cybercrime in 2015 »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Brinqa

Brinqa

Brinqa is a leading provider of unified risk management and security analytics.to manage IT governance and technology risk.

Egis Technology

Egis Technology

Egis specializes in the IC design, research and development, and the testing and sales of capacitive fingerprint sensor.

Exabeam

Exabeam

Exabeam is a global cybersecurity leader that delivers AI-driven security operations.

Proteus

Proteus

Proteus is an Information Security consulting firm specialized in Risk Analysis and Executive Control.

Honeywell Process Solutions (HPS)

Honeywell Process Solutions (HPS)

Honeywell's Industrial Cyber Security Solutions help plants and critical infrastructure sectors defend the availability, reliability and safety of their industrial control systems.

Trustless Computing Association (TCA)

Trustless Computing Association (TCA)

TCA is is a non-profit organization promoting the creation and wide availability of IT and AI technologies that are radically more secure and accountable than today’s state of the art.

Altaro Software

Altaro Software

Altaro provide backup solutions that are intuitive, easy to use, well-priced and backed by outstanding 24/7 support as part of the package.

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

Hallam-ICS

Hallam-ICS

Hallam-ICS designs MEP systems for facilities and plants, control and automation solutions, and ensures safety and regulatory compliance.

Partnership for Conflict, Crime and Security Research (PaCCS)

Partnership for Conflict, Crime and Security Research (PaCCS)

PaCCS delivers high quality and cutting edge research to improve our understanding of current and future global security challenges in areas including cybersecurity.

SOSA

SOSA

SOSA facilitates new growth opportunities by connecting the dots between industry verticals and innovation ecosystems around the world.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Sentrium Security

Sentrium Security

Sentrium is committed to helping organisations protect their technology, information and people. Our range of bespoke services provide solutions to tackle a broad range of cyber security challenges.

Cybervergent

Cybervergent

Cybervergent (formerly Infoprive) are a leading cybersecurity technology company in Africa. We provide cybersecurity guidance and solutions that help protect your business.

CoinCover

CoinCover

Blockchain technology is changing everything. However, it brings its own set of unique risks. Coincover ensures everyone is protected, enabling them to innovate freely, without constraints.

Clutch Security

Clutch Security

Clutch Security are on a mission to secure all Non-Human Identities. Everywhere.