Friday, 17 March 2017

On the margins of CIA vs WikiLeaks

Several questions were put to me on the margins of the latest WikiLeaks data leak, all asking what it is about and what the reasons behind it may be. Also, several opinions have been published, as everyone has immediately become a cyber security expert. Hungary is the state of 10 million cyber security experts.

I must admit, I have an unorthodox (different from the mainstream) opinion on the question.
I do not believe in those Russian hackers that can break into all systems, I do not believe in Chinese manufacturers that produce all items with backdoors, and I do not believe in the superpower of the CIA.

I know that Russia has 230 000 hackers to conduct state-run cyber operations. I know that the filtering rules of the “Great Chinese Firewall” are programmed and supervised by approximately 30 000 soldiers. I know how many experts the CIA, GCHQ, and the Federal Security Service (FSB) of Russia have used to manage the art of mass surveillance for about a decade by now, and I know what they have achieved in cyber security. GCHQ still owes me a mobile device thanks to a badly done mobile hack attempt.

No one questions that states have reasonable resources to buy information about which devices should be used for their own benefit, about how to use them, and about how to get into certain devices. They purchase master keys, bribe manufacturers, and force hackers to break into target systems.

Nevertheless, no state owns such capabilities, only the financial assets to buy such services. The only problem is that these states do not realise how vulnerable they become to the people, hackers, and hacker groups from whom they buy such services.

So, my opinion on the current leaks is that it is not about breaking into CIA systems, it is not about an international conspiracy, and it is not about hacker activity by an opposing interest. It is about the expiry of current surveillance systems. There are numerous new methods to come, so the old ones need to go.

Snowden is not a superhero either; he footed the bill for the previous expiry. Now (quite rightfully) he is in a panic, as he is becoming less interesting after the current leak. By now even the technology that came after him has already expired. On the other side, Assange fails to understand that he has lost, as his platform is being made use of by various secret services.

We live in the era of total surveillance and targeted attacks. The number of infected devices is not controllable anymore. From a technological perspective, each infected device provides an enormous amount of data to attackers. The system is designed so that the intelligence advantage can be maintained by newer and newer attack techniques. Digitalised intelligence agents work and provide an incredibly large amount of data to their masters.

To put it simply, it is common sense that “pulling out” the infections and backdoors from currently used devices would generate an unprecedentedly large cost for the organisations that use them. Leaking information on outdated attack techniques is incomparably cheaper. This way it is the market that destroys the traces of expired and now unnecessary hacks, for free.

Additionally, no one is interested in brand new techniques and attack methods, as everyone concentrates on countering the leaked attack techniques.

In short, it is much cheaper to make the traces of previously used attack techniques disappear through a newer leak and devices than by pulling them out of infected systems one by one. These days we should be sure that all systems are already reinfected with the new “digital intelligence agents”, running for another 2-3 years. Only because it is cheaper this way.

The watched takes care of the garbage of the watcher.

Business as usual.