Richard Stiennon
2013 The Year Trust Died Online
We had something beautiful. An Internet born of Wild West enthusiasm, fueled by free and unfettered commerce, and just beginning to shape a new world without constraints where sovereign borders meant less and less while human interactions and instantaneous organization meant more and more.
All that died with the revelation from Edward Snowden that in fact the NSA and other intelligence agencies had tapped into the Internet stream to take advantage of an intelligence windfall. The NSA, with a little help from its friends has siphoned off email, texts, phone calls, and geo-location data to spy on practically the whole world. In an unrestrained rush to capture everything it has destroyed everything that made the Internet good.
Where to begin? Apparently the NSA steals data from Microsoft, Google, Yahoo, Apple, and Skype. It taps the undersea fiber optic cables from which it can derive geolocation data for all cell phone calls. It targets the cell phones and email accounts of world leaders. It infiltrates standards bodies such as NIST and the IETF to subvert crypto standards. It bribes vendors of encryption products to use these corrupt standards.
The fall out has been remarkable. Yes, it is political posturing to some extent but Brazil’s rejection of Boeing in favor of Saab for a $4 billion order of military jets sends a message as dramatic as a tossed shoe. Tensions have heightened between Australia and its closest neighbor, Indonesia, over spying allegations. Putin in Russia has claimed the moral high ground by granting asylum to Edward Snowden. The UN has passed a resolution on digital privacy. Germany’s Chancellor has expressed her outrage over her cell phone being tapped.
China has used the NSA spying to promote a program of de-Cisco-ification which is already impacting Cisco’s revenue. IBM and HP are experiencing similar fall off in market share in Asia.
Trust has died. US cloud providers are having to scramble to re-establish trust. Google, Microsoft, and Yahoo have embarked on massive encryption programs to curtail what the NSA can see. US security vendors are facing increased pressure to attest that they do not harbor NSA backdoors in their products.
Encryption standards are no longer trustworthy, especially when the NSA has been involved in their creation.
2013 marks a turning point. A threat far greater than cyber crime, cyber espionage from China, or hacktivists, has arisen: the surveillance state.
Richard Stiennon
Chief Research Analyst
IT-Harvest