January 20, 2015—Between the compromise of U.S. military social media accounts and the information disclosure of certain private companies like Sony, information security has become an increasingly dominant headline. Some security enthusiasts have called for NSA reform and strong end-to-end cryptographic solutions, while others have demanded increased government intervention in cybersecurity.
Some of those who support the latter position are fueled by fears of digital mass destruction at the hands of some group like Cyber Caliphate, a largely mysterious hacker group that took control of some US Central Command social media accounts. Or, it is feared that some elite North Korean hackers might disclose the confidential information of millions of Americans or private businesses. Although the compromise of some military social media accounts and the disclosure of a company’s private information should naturally warrant some concern, it is important to also keep in mind a few crucial points.
First, with intelligence agencies like the GCHQ engaging in—according to their own documents—cyber “false flag operations” to “discredit targets” and deceive the media, it is important to consider all of the possibilities with regard to the source attacker. When TOP SECRET documents plan to “leak confidential information” and “ruin business relationships,” would it come as a surprise if they engaged in these tactics if it were in the agency’s best interest?
Second, some security researchers, like Marc Rogers and John McAfee, have challenged the FBI’s assessment of North Korea being behind the Sony hack. Others offer an alternative perspective that the attack on Sony Pictures was blowback for the NSA hacking into networks in other countries years earlier, including North Korea.
Third, not much is known about the hacker group Cyber Caliphate, other than that they have boasted about creating a digital army protected by encryption. The group, which proclaims itself supportive of ISIS, claimed to be in all the computers “in each military base.” While such a threat is unquestionably alarming, and might even lead some to suggest that the NSA should therefore be in each person’s computer as well, this claim is not true. Most security researchers agree that the attack which compromised the social media accounts of the military was likely a phishing attack or some other sort of social engineering. In other words, the attack was an isolated incident that likely targeted or tricked the operator of the social media accounts, rather than compromising entire sensitive networks with some sophisticated 0day vulnerability.
Still, the fact that the US military was susceptible to this common attack will remain troubling to security researchers. It raises important questions, such as what the public sector should do to better secure its computer systems and networks, and what the proper role of government in information security is.
With regard to the first question, many security enthusiasts would answer that all public and private entities should strive to encrypt all information where necessary. The answer to the second question isn’t as cut and dried, especially if one is of the view that it is necessary to sacrifice liberty in the name of security. Nonetheless, it remains obvious that being sympathetic to the idea that we should continue to arm intelligence agencies with the resources to directly undermine encryption is a dangerous notion. Supporting the undermining of encryption in the name of improving information security is no different than suggesting that we ought to invade more countries to maintain peace, or that we should feed an addict their fix to kill their addiction.
The main difference between many private hacking groups and all state-sponsored hacking groups is that the former tend to be defenders of internet freedom, while the latter undermine it to further special interests. Hacking groups like Cyber Caliphate, Lizard Squad, and the NSA’s Tailored Access Operations all paint encryption in a negative light. It is each group’s goal to intercept signals intelligence, use encryption to their own advantage, and break encryption for all others. In contrast, groups like Anonymous and null-name individual hackers have been strong defenders of encryption and anonymity networks.
With fears of hackers causing economic turmoil, with the FBI declaring war against encryption, and with the UK proposing a ban on end-to-end cryptography, it is essential that people all over the world demand a non-interventionist cybersecurity policy with respect for strong encryption and internet freedom.
GCHQ documents https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/
Cyber security researchers challenge FBI’s conclusions http://www.thedailybeast.com/articles/2014/12/24/no-north-korea-didn-t-hack-sony.html
Cyber Caliphate’s digital army http://www.dailymail.co.uk/news/article-2751896/Islamic-State-jihadists-planning-encryption-protected-cyber-caliphate-carry-hacking-attacks-West.html
FBI declares war against encryption http://www.fbi.gov/news/speeches/going-dark-are-technology-privacy-and-public-safety-on-a-collision-course
UK proposing a ban on end-to-end cryptography https://www.schneier.com/blog/archives/2015/01/david_camerons_.html