The Future of Government Surveillance - Looks Like This

Before the Internet, when surveillance consisted largely of government-on-government espionage, agencies like the NSA would target specific communications circuits: that Soviet undersea cable between Petropavlovsk and Vladivostok, a military communications satellite, a microwave network. This was for the most part passive, requiring large antenna farms in nearby countries.

Modern targeted surveillance is likely to involve actively breaking into an adversary's computer network and installing malicious software designed to take over that network and "exfiltrate" data—that's NSA talk for stealing it. To put it more plainly, the easiest way for someone to eavesdrop on your communications isn't to intercept them in transit anymore; it's to hack your computer.

In 2011, an Iranian hacker broke into the Dutch certificate authority DigiNotar. This enabled him to impersonate organizations like Google, the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter, and Microsoft's Windows Update service. That, in turn, allowed him to spy on users of these services. He passed this ability on to others—almost certainly in the Iranian government—who in turn used it for mass surveillance on Iranians and probably foreigners as well. Fox-IT estimated that 300,000 Iranian Gmail accounts were accessed.

In 2009, Canadian security researchers discovered a piece of malware called GhostNet on the Dalai Lama's computers. It was a sophisticated surveillance network, controlled by a computer in China. Flame is a surveillance tool that researchers detected on Iranian networks in 2012; these experts believe the United States and Israel put it there and elsewhere. Red October, which hacked and spied on computers worldwide for five years before it was discovered in 2013, is believed to be a Russian surveillance system. So is Turla, which targeted Western government computers and was ferreted out in 2014. The Mask, also discovered in 2014, is believed to be Spanish. Iranian hackers have specifically targeted U.S. officials. There are many more known surveillance tools like these, and presumably others still undiscovered.

Stuxnet is the first military-grade cyberweapon known to be deployed by one country against another. It was launched in 2009 by the United States and Israel against the Natanz nuclear facility in Iran, and succeeded in causing significant physical damage. A 2012 attack against Saudi Aramco that damaged some 30,000 of the national oil company's computers is believed to have been retaliation by Iran.

There's an interesting monopolistic effect that occurs with surveillance. Espionage basically follows geopolitical lines; a country gets together with its allies to jointly spy on its adversaries. That's how we did it during the Cold War. It's politics.

Mass surveillance is different. If you're truly worried about attacks coming from anyone anywhere, you need to spy on everyone everywhere. And since no one country can do that alone, it makes sense to share data with other countries.

But whom do you share information with? You could share with your traditional military allies, but they might not be spying on the countries you're most worried about. Or they might not be spying on enough of the planet to make sharing worthwhile. It makes the best sense to join the most extensive spying network around. And that's the United States.

This is what's happening right now. U.S. intelligence agencies partner with many countries as part of an extremely close relationship of wealthy, English-speaking nations called the Five Eyes: the U.S., U.K., Canada, Australia, and New Zealand. Other partnerships include the Nine Eyes, which adds Denmark, France, the Netherlands, and Norway; and the Fourteen Eyes, which adds Germany, Belgium, Italy, Spain, and Sweden. And the United States partners with countries that have traditionally been much more standoffish, like India, and even with brutally repressive regimes like Saudi Arabia's.

All of this gives the NSA access to almost everything. In testimony to the European Parliament in 2014, Snowden said, "The result is a European bazaar, where an EU member state like Denmark may give the NSA access to a tapping center on the (unenforceable) condition that NSA doesn't search it for Danes, and Germany may give the NSA access to another on the condition that it doesn't search for Germans. Yet the two tapping sites may be two points on the same cable, so the NSA simply captures the communications of the German citizens as they transit Denmark, and the Danish citizens as they transit Germany, all the while considering it entirely in accordance with their agreements."

The endgame of this isn't pretty: It's a global surveillance network where all countries collude to surveil everyone on the entire planet. It'll probably not happen for a while—there will be holdout countries like Russia that will insist on doing it themselves, and rigid ideological differences will never let countries like Iran cooperate fully with either Russia or the United States—but most smaller countries will be motivated to join. From a very narrow perspective, it's the rational thing to do.

DefenseOne

 
