|Media: RFI, 26-03-17||•||Calendar||•||Topics||•||•||←||•||→|
Last week, the secrets-revealing website WikiLeaks released another batch of its “Vault 7” stack of documents, nicknamed "Dark Matter". The latest files expose tools designed to infect Apple Mac firmware that is impossible to clean even if the whole operating system is re-installed. RFI asked several specialists and insiders about these cyber weapons that threaten us all.
Door Jan van der Made
"What was surprising to most people was a tool that let them turn on a smart TV” says Cindy Cohn, executive director of the San Francisco-based Electronic Frontier Foundation [EEF].
“[The TV can] start recording what is going on in the room in a way that is hidden from the user because it is switched off.”
Cohn points out that many commonly used Internet-connected devices are at risk: “Baby monitors, home security systems can be remotely turned on and start recording, spying on you without your knowledge,” she says.
The western public is becoming increasingly aware of the hidden activities of its governments. Revelations by NSA contractor Edward Snowden in 2014 about worldwide snooping on its citizens by governments of the US, the UK, Canada, Australia and New Zealand, were popularized by documentaries and films such as “Citizen Four” and “Snowden”. But the latest revelations take proof of government snooping one step further.
But the latest revelations take proof of government snooping one step further."They are very different form the leaks that came from Edward Snowden,” says James Bamford, author of The Puzzle Palace, the first book to reveal the operations of the National Security Agency [NSA] to the big public in the early 1980s.
“What Snowden released were a lot of documents that showed how the NSA was eavesdropping on American citizens as well as on foreign officials such as [German leader] Angela Merkel in Germany and [former president] Dilma Roussev of Brazil. His leaks dealt mainly with eavesdropping on large communication channels and on foreign leaders. The WikiLeaks that were released [in March] were basically weapons that are used to hack into communication.
“In other words they weren't the actual eavesdropping communications, they were the weapons used to get that information. So they were digital weapons and the problem is that they could be used by anybody that gets hold of them to break into systems like an Apple iPhone."
To many observers of high-tech developments, the latest revelations did not come as a surprise. “All of our devices are bugged,” says Peter Ackersley, chief computer scientist with the EEF. And any time your device contains bugs, there is a potential that these bugs could be used to break into the device, hack into the laptop and monitor you in some way. And for computer security it is a sort of a struggle against these bugs.”
“What you might hope is that the intelligence agencies would help us doing defensive cyber security work. But what we are seeing here is that the CIA has been really focused on [maintaining] an arsenal of these bugs, not getting them fixed, using them to break into the devices and as a result leaving us all less secure,” he says.
In the end, he argues, democracy worldwide is at risk. "[The intelligence agencies] are acting in secret, with little or no accountability whatsoever, we are starting to see some of the terrifying consequences,” he says, pointing at the suspected role of Russian intelligence agencies in influencing the US elections.
But it also places serious question marks over the role of the US agencies. “Democratic civil society will have to find a way protecting themselves against having our elections messed with, political parties hacked, and our democracy threatened."
The American Black Chamber
Government snooping is as old as governments, and when the first trans-Atlantic communications cables connected Europe and the US, intelligence agencies in Washington and London were quick to listen in. Former intelligence officer Herbert Yardley, father of the modern whistleblowers, revealed already in 1931, in his book The American Black Chamber, how the NSA’s predecessor agency wiretapped domestic and international telexes and telephone conversations.
But more recently, the nature of gathering information has substantially changed. "Back in 60s, 70s and early 80s, information was analyzed,” says Bamford. “In other words it was far more difficult to intercept and to convert into usable intelligence. Because it was analog. Once everything switched to digital, it became much easier to transfer communications, to fiber up the cable, etc. and it also became far easier to intercept it all."
Mass-surveillance programs with science-fiction-like names as "Shamrock," "Echelon," and more recently "Prism," were designed to gather as much data as possible by means of electronic listening. By law, the US government needs approval by the Foreign Intelligence Surveillance Court [established in 1978 when Congress enacted the Foreign Intelligence Surveillance Act (FISA)], but, say critics, this "Fisa court" merely provides a rubber stamp procedure. In 2017, only 26 requests out of 1614, were flat out denied, while over 98% were partly or completely accepted.
The 2010 Washington Post investigation “Top Secret America” identified 45 government organizations [including CIA, FBI and NSA] and 1,931 private companies engaged in top-secret work, gathering intelligence at all levels of society. The massive increase of data collections leads to an almost unsurmountable pile of information.
"The US intercepts far exceeds the number of interceptions coming from China and Russia together,” says Eric Denécé, the director of the French Center for Intelligence and Research, Cf2R. “It is a sign of an irremediable drift towards a form of imperialism, of totaliarism. Of course everybody understands that we have to do some electronic intelligence to try and anticipate threats against a national community, but in such a proportion it is something absolutely crazy and stupid,” he says.
“It is not the lack of ability to intercept communication,” agrees Bamford, “it is the lack of ability to sift through it all. So if you build this enormous electronic haystack of data. And the bigger you build the haystack the harder it is to find that electronic needle, that little piece of code that you are looking for. Collecting all this information to a large degree is a waste of time.”
Back to the latest WikiLeaks revelations that show that there are even more tools to hack and snoop than anyone thought was ever possible. "Let's take it out of the digital realm,” says Cohn. “If there's a policeman walking by and they notice that there's a lock on your front door that is broken, they should tell you, so you can fix it. They shouldn't make a note of it and then not tell you and then lose control of that note so that criminals can get access to the fact that your door is broken.”
So what to do?
“The public has no real alternative than use vulnerable communications. The alternative is encryption, and I think more and more people are beginning to turn to encryption,” says Bamford.
But much of the surveillance focuses on social media, such as Twitter, Facebook, Linkedin and other platforms. “People freely give a lot of information about themselves on the social networks and through their communications,” says Denécé. “But at the same time, they complain that the agencies are listening to them. So we would have to develop a sort of training for citizens to help them to know what to do exactly with their phone and computers in the new context of the information age,” he says.
© Jan van der Made 2017