Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Trust and Temptation in the Internet as a Shared Commons

As the “Snowden leaks” continue in their revelations and unraveling of the twisted web of government surveillance, it is becoming clear that the foundation of trust in the Internet as a shared commons has been thoroughly undermined.

As the “Snowden leaks” continue in their revelations and unraveling of the twisted web of government surveillance, it is becoming clear that the foundation of trust in the Internet as a shared commons has been thoroughly undermined.

When the underlying infrastructure, the logistical supply chain and even, as some leaked documents hint at, the encryption relied on commercially by the majority of the world, has been as thoroughly undermined and coopted as has been reported, any notion of trust dissipates.

Recriminations from China against the US Government and its allies came swift, but did not approach anywhere near the hysterical pitch the western media and blogosphere reached during the APT1 mass-panic.

InternetLouder and more persistent criticism however came from many of the exposed targets of the espionage activity – many of whom consider themselves allies and trading partners, and have a disturbed and angry electorate to placate. Plowing with full force into this pileup is also a matter of nationalistic and commercial interests. In Germany for example, there is a noticeable wave of media, industry groups and German businesses pushing the label “Security made in Germany”. The dawning realization that there are barely enough alternative vendors in Germany, or most other countries for that matter, to make that move even if they could and were able to, has not appeared to have sunk in quite yet.

We are told there is a difference between Chinese and Western hacking and surveillance, aside from the differences in approach and utilized attack vectors. The US and other fingered actors possess technological and situational advantages due to their integral role in managing the critical shared infrastructure that underpins the global network.

The Chinese do not just use it for national security purposes, they also abuse the intelligence thus gathered economically. The United States, categorically, do not.

Other than an appeal to believe in the moral superiority of American spies and intelligence agencies, we are offered no further reassurance.

The problem with this argument, even if taken at face value, is similar to that of the Chinese. The abuse and misuse of the gathered data cannot currently be controlled. That is the first lesson of both the Snowden and also preceding Manning affairs.

We only know about these two incidents, because they were intentionally leaked. Can the same be said, if either had instead opted to sell the pilfered intelligence to the highest bidder? Or if they had been purposefully planted by an interested party?

Advertisement. Scroll to continue reading.

In the same vain of thinking, how many times has this been done before? We really can’t tell and will never know. More worryingly, the same seems to be the case for the affected agencies and Military and Intelligence businesses, who also seem unable to even determine the scope and content of the taken material. If you were wondering why so many other countries are cooperating in the attempt to limit the damage, it is because no one knows what skeletons are yet to pop out of the closet.

This leaves one big question hanging in the air. If they cannot tell what was taken even after they are aware of the breach, how on earth could they assure anyone that the harvested intelligence is not being used for economic benefit?

Apparently, all it takes for unfettered access to top secret intelligence data is to obtain a job at any one of the big government contractors, who seem to apply for Top Secret clearance for all and sundry, it seems the cleaning staff included.

Even the security clearance vetting system is under scrutiny, prompting congressional hearings and investigations. The picture that emerges here so far is one of rampant negligence and abuse. This was of course to be expected, considering the increase in demand for security professionals, of which there will not magically be more just because the government and military need them. That recruitment standards and quality suffer, and the vetting process lacks in due diligence, is a natural consequence of the rash and hasty rush to bulk up the nations computer defenses after the self-inflicted panic following the APT1 report, NY Times and related hacks.

Other insights into how the intelligence agencies monitor and maintain data security even within their own ranks are also not encouraging. From Loveint to a wanton willingness to flaunt the law, Europeans are not hearing much to provide reassurance.

It is unavoidable to draw the conclusion that the scope and vector for spying on the spies, so to speak, is broad enough to warrant concern. To believe that someone would be able to get access to all of that data and not try for a competitive advantage, especially when the process is so prone to abuse, is a ridiculously naïve position. Even excluding American private interests, the system is just as open for abuse by foreign entities.

Even if this were possible, the fact that this data has been gathered and is apparently accessible to such a wide range of people also poses other problems. The first is that even though there may not be any cause or impetus to use the stored intelligence for economic reasons today, there is no guarantee that this will still be the case tomorrow. Political and economic interests change over time. That data will still be there.

Yet another complication to afflict the provided narrative, is the issue that many of the private contractors, and indeed even government agents via the revolving door, will for the most part move on into other companies, agencies or roles. The information they have seen and learned will not be forgotten. Even assuming someone has the principles and discipline to not consciously use the information from that time, it will still be there in the back of the mind. Of course, this is always a risk of intelligence gathering and analysis, but due to the scale and numbers of actors involved, many who also have other business interests aside, this risk will grow respectively.

This episode is also far from over – the leaks are still ongoing, and similar incidents are also not unlikely either. Like any iterative process, the leaking of such material will mature and evolve. The threat of prosecution may dissuade some, but others will look at the mistakes that Julian Assange, Bradley Manning, and Snowden have made, and they will learn from these and avoid the same pitfalls.

At the very least, this incident will encourage and foster a security industry outside of the United States, a greater push towards shared governance of the Internet, and it will impact the future success and growth of US cloud, security and tech providers successes worldwide in the future. Considering the importance of the US tech sector, this will impact America visibly, and understandably, Google, Microsoft and other US businesses are already applying pressure to the US Government and are ramping up efforts to distance themselves from the fallout. Whether this will be successful remains to be seen.

I also predict that it will not be long before the first incident of this data being abused economically by a western party emerges. It will put the final-nail-into- the-coffin of trust into anyone unilaterally governing the Internet.

We will either have a world then, where the responsibility for the Internet is shared, and trust can be reestablished, or we will have a world where the Internet undergoes a process of balkanization. The second option would wind back the clock of globalization and international mutual trust by decades. Which one we will find ourselves in, will depend greatly on the latest developments, including what will still be leaked, and more importantly, what actions the United States will take to reign in its intelligence machine and to reassure its allies.

Written By

Oliver has worked as a penetration tester, consultant, researcher, and industry analyst. He has been interviewed, cited, and quoted by media, think tanks, and academia for his research. Oliver has worked for companies such as Qualys, Verizon, Tenable, and Gartner. At Gartner he covered Security Operations topics like SIEM, and co-named SOAR. He is the Chief Futurist for Tenzir, working on the next generation of data engineering tools for security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.