In this chapter I'm looking at how hackers, usually at the top of their game, join forces for a concerted attack on big corporations and/or foreign targets, websites, or rival world powers.
We cannot ignore the fact that security services in the West are spying on their own citizens, whether we are good or bad, and that they use hacking techniques to do this. I am not going to debate whether this is a necessary evil we have to suck up to remain safe, or a waste of taxpayers' money because terrorism has increased tenfold since they began doing it. Up to you to pick out the bones from that one. But it is true that hacking is now a weapon, some would say more powerful than guns or bombs.
Years ago, the US, UK, Australia, Canada, and New Zealand agreed to form a spying cartel called the Five Eyes. They would spy on different countries outside their clique, cooperatively share surveillance evidence and not snoop on each other. Ed Snowden found they did agree to spy on each other's citizens though and share that info. This was a neat way of bypassing the domestic freedom laws of each country. By allowing another nation to spy on suspects, while doing the same for their allies, the host country could get intel without the need for tiresome subpoenas or court orders. Soon Denmark, France, Netherlands and Norway joined in, making it the Nine Eyes, and later, the Fourteen Eyes when Belgium, Germany, Italy, Spain and Sweden, got involved.
Inevitably this cartel became a free-for-all with everybody spying on each other, and even failing to warn each other of national security threats.
Many legitimate companies, apps and websites promoting consumer encrypted privacy/security were targeted by security services because they were too secure and could screen a citizen's identity. In the case of Yahoo, (in the good old days before Verizon swooped), when it would not release their users' details to the NSA they were forced to. Encryption had also hit the internet in other mediums like email and phone messaging apps to keep their users safe –even from international spying . The spooks didn't like it.
Ed Snowden used a secure email service created by Ladar Levison called Lavabit because it didn't keep logs. The FBI found out Snowden used the service and served a subpoena (with a gag order) to grab the service's SSL keys, which would unlock his encrypted Email records and Lavabit's entire customer base. Levison turned over the SSL keys and shut down the service straight after. The US government were livid, threatening Levison with arrest, saying closing the company was a violation of the court order.
However, once the world found out about this the feds backed off, while Levison was hailed as a protector of American freedoms.
The National Security Agency also secretly wiretapped the connections between data centers owned by Google and Yahoo. This allowed them access to users' data as it flowed across the companies' networks. Google were particularly pissed at this and immediately encrypted the connections, soon followed by Microsoft and Yahoo.
The cloud is also being infiltrated by the security services and many tech firms have been 'knobbled'. Private encryption apps have been shut down before release too, not because of conspiracies, but because they are more complex to operate for the consumer and these design flaws need to be addressed if we are to become truly safe surfers.
All this stuff shows us how the security services ignore their own freedom laws and are trying to eradicate encryption by wanting the keys to everything. Encryption is the protector of privacy, yet it thwarts the state's ability to snoop or search for 'wrongdoers'. I discussed this quandary in PUP#9 HACKERS Part one – who are those guys? The solution ain't gonna be decided anytime soon. :)
LINK 1 FBI forces Snowden's email provider to hand his data over
Many security experts recommend consumers do not use services created in the US or UK (or any of the 14 eyes) as a result, and encourage websites and organisations to post a Warrant Canary – an online document stating an organization has not received any secret subpoenas during a specific period of time. It looks like this:
YOU ARE READING
Staying Safe online and on Wattpad
Non-FictionHow to REALLY stay safe online This book reveals the dirt, grime and creepy crawlies hiding behind the internet's shiny cabinet. Beware, this book may spoil your day. ==============================================================================...
