Government hacking reaches new levels

NZ Herald | 1 July 2015

What else have those spy agencies busied themselves with, apart from undermining the US technology industry with surveillance efforts?

How about reverse-engineering, or cracking as it’s also called, security software in order to hack and surveil targets?

Not only that, but tracking users of antivirus and security products by bulk collection of the traffic that the software sends back to vendors’ servers, with data on new vulnerabilities and people’s systems themselves.

That’s right, the spy agencies sought to subvert the programs that individuals, governments, organisations and businesses use to protect themselves from malware and digital threats.

Interestingly enough, the spy agencies avoided US and UK security vendors Symantec, McAfee and Sophos, and only went after firms from other countries.

Russia’s Kaspersky Labs was the number one target for NSA and GCHQ; I asked Kaspersky how they felt, being targeted by the spy agencies which have nearly limitless resources to draw on, and received:

“As noted during the recent Duqu 2.0 nation-state sponsored attack, we find it extremely worrying that government organisations are targeting security companies instead of focusing their resources against legitimate adversaries and are actively working to subvert security software that is designed to keep us all safe,” Kaspersky Labs responded.

The affair is likely to backfire on the spy agencies. Kaspersky and other antivirus companies will double down on security and redesign their software to stop the NSA and GCHQ from abusing it. They simply have to do it to stay in business.

Enterprises and government organisations using security products should take a long look at them too, and ask their vendors how safe from NSA and GCHQ exploitation they are. Which is, quite frankly, a ridiculous situation.

As an aside, it’s interesting to note that security products are very desirable targets for attackers. They are in privileged positions on users’ systems, and normally have full access to all parts of these and the information stored on them. What’s more, the government spies noted that security products aren’t as well protected against exploitation as everyday software like Adobe Reader for instance, which made their job much easier.

The whole thing seems driven by an obsession to collect as much information as possible, no matter if it’s relevant, using enormously powerful systems that vacuum up data from any possible source.

So much so that over in Blighty, the GCHQ signals intelligence agency had to admit that it overdid the spying on its own staff because of, errm, a technical error.

There was apparently a lack of understanding as to how much information GCHQ’s internal snooping tools could collect, so without anyone noticing what happened, they collected far more data on staff than was authorised. How reassuring that the watchmen who watch the watchmen appear not to know what they’re doing.

The surveillance mania seems to be out of control, as evidenced by another Snowden leak that showed the US has been spying on French presidents for a decade or so.

Needless to say, the French are outraged and there are calls to give Snowden asylum in the country as a two-finger salute to the Americans. This is of course quite ironic as the French passed new surveillance laws in the wake of the Charlie Hebdo massacre that give their spy agencies sweeping powers to monitor just about everything.

Is it getting to the point that we should just switch off the internet to at least make the mass surveillance a little harder to conduct? I put this question a few weeks ago to Eva Galperin from the digital rights lobby group the Electronic Frontier Foundation. EFF is often first cab off the rank to protest against government overreach and has done, in my view, an impressive job of cataloguing abuses and challenging them in court – and also, taken concrete steps to do something about the mess.

Galperin said that contrary to how it may seem thanks to the many leaks of top secret documents revealing one spying plot after the other, it’s actually getting harder for the NSA, GCHQ and other agencies to intercept your data.

This is thanks to Snowden again, who confirmed what everyone suspected about state surveillance, but didn’t have the evidence of. The scale of the snooping has stunned technology companies and developers, but not into inaction: there’s a concerted effort to encrypt everything on the web, to ensure that your communications are safe from interception.

That little padlock in your web browser that shows your connection is protected with HTTPS is now showing up on more and more sites, Galperin said. It means that the days of simple and easy mass vacuuming up of any data is gone, and the spy agencies’ work is much harder.

EFF will launch a free Certificate Authority this year to provide the tools to authenticate and encrypt web traffic and, I hope, succeed in making them easy to use.

That’s a great effort, one which should be encouraged. Ironically enough, encrypted web traffic is now considered best practice by the White House, with the US government chief information officer mandating HTTPS security for all agency websites.