Global cyber-terrorism is on the rise. How are governments currently combating the problem, and what effect is this having on digital privacy?
All over the world, a rise in both traditional terrorism and cyber-attacks are being used to erode away the public’s privacy. Since 9/11, world governments have used a common theme about national security to slowly chip away at digital privacy. The result has been the enforcement of mandatory data retention laws in many places around the world. In the US, the Patriot Act, and Stored Communications Act (SCA), both serve to allow US authorities to snoop on citizens.
In Canada, following the tragic shootings at Parliament Hill in Ottawa, the government used the terror incident to begin passing legislation that puts Canadian people’s privacy in jeopardy. The attack in January of this year when six people were shot dead and another 8 injured in Quebec, only served to reinforce the government’s prerogative.
The same has occurred in the UK, France, Germany and other EU nations, where terrorist attacks have directly led to invasive surveillance practices. Sadly, that erosion of privacy is happening more and more all over the world with places like Australia, Argentina, Brazil, the Czech Republic, Poland, and Romania, also passing legislation to snoop on citizens.
In addition, many practices that people believed to have stopped since the Edward Snowden revelations, have, in fact, still been happening the whole time because of loopholes. The Five Eyes agreement between English speaking nations (and the larger 14 eyes agreement), means that governments snoop on behalf of foreign Intelligence agencies. The result is that despite local laws prohibiting it, surveillance on citizens is still performed and the information is simply passed onto the country that wants it.
Loopholes
Furthermore, legislation that prohibits the “bulk collection” of citizens’ data is bypassed by making surveillance targeted rather than bulk. To do so, the US government only needs to specify specific search terms such as “bomb” to do it’s snooping. This loophole allows US intelligence agencies like the NSA to continue snooping on vast amounts of the population.
Warrants and gag orders served to corporations that are based in the US, make it impossible for them to keep promises about privacy to their consumers. If served a gag order, the firm must betray its subscribers: or face the possibility of being shut down or being sent to prison. All the while, the consumer suffers – completely unaware – that the US court order has destroyed all semblance of privacy that they were meant to have.
Warrants and gag orders
When the NSA issued Yahoo with a Warrant, the firm complied by helping the agency put a backdoor (rootkit) in the email provider’s system. That backdoor was then used to hack 150 million Yahoo email accounts. Unbeknownst to the general public, the backdoor was also vulnerable to attack by cybercriminals and state sponsored hackers. Last year, unsurprisingly, that resulted in the login credentials of 200 million Yahoo accounts being sold on the dark web.
This is the sad truth about cyberterrorism and cyberwarfare. The government uses terrorism to force legislation on its electorate, but that surveillance has been proven time and time again to do nothing to stop terror attacks. Since the Patriot Act was passed, not once has the US government managed to stop a terrorist attack using surveillance. The same is true elsewhere.
The Snowden revelations prove that the US has been hard at it: snooping on its own citizens, its allies, and its enemies, for twenty years. Yet, now we are led to believe, that more severe surveillance legislation – and harmful backdoors – are necessary for combatting both terror attacks cyber warfare threats. The Yahoo case proves, however, that surveillance practices do much more harm than good.
Vulnerable public
For now, the authorities still need reasonable cause, and a warrant, to come crashing in through the front door of our homes. However, the truth about our connected world is that when the government comes in through the digital backdoor they get to know much more about us than they ever could have by having a quick search though our house.
Privacy that was fought for since the time of the Magna Carta has been turned on its head in just a few years. That privacy was fought for at length and took centuries to achieve. That privacy is what allowed society to develop into the civilized nations we (allegedly) live in: where the innocent remained so until they were proven guilty. Sadly, this is no longer true and our fundamental human rights are being stripped away by the elite’s hidden hand.
Cyberattacks and cyber warfare are only the most recent parts of the narrative. Hacks like the Office of Personnel Management – when 21 million federal employees had their data stolen – only serve to reinforce the government’s policies. Now, it is election hacking that is the headline, and it isn’t just in the US that it is being used to instil fear. France, Germany, and the Netherlands, all have elections this year and the cyber threat narrative is being used to neatly drive home the need for stronger cybersecurity.
Encryption is the real solution
In the UK, the Queen of England recently opened a new National Cyber Security Centre (NCSC). That centre will allow UK intelligence at GCHQ to work alongside the private sector to drive home the need for better cybersecurity. That partnership, will no doubt be used to reinforce the recently passed Snoopers Charter: which imposes mandatory data retention on British citizens, as well as backdoors on corporations based in the country.
The same thing is happening elsewhere. In India, the government recently admitted to as many as 700 government hacks. Poland, Ukraine, and Romania have all experienced the same problems. The only real solution is strong encryption: because this is the only real thing that can protect data no matter where it is. Sadly, encryption is also the only thing that makes it impossible for the government to snoop. As such, what governments say and do are best explained as schizophrenic.
Personal cybersecurity
For people around the world that understand the government policies that are driving the world’s cybersecurity problems, the best thing to do is protect themselves using the very same encryption they loathe. Full disk encryption keeps the data on computers and smart-devices safe should they be stolen: either physically or during a cyber-attack. Virus protection, malware protection, and firewalls also help to protect people in their homes. For this reason people should seek to keep their devices updated and themselves educated.
With cyber criminals and governments alike trying to snoop on us, the best form of protection is undoubtedly a VPN service. A Virtual Private Network, encrypts all the data going from a subscriber’s device to a VPN’s servers. The result is that all of a user’s web traffic is private and secure.
In countries with mandatory data retention (which is becoming more widespread all the time) a VPN stops Internet Service Providers from being able to retain metadata and web browsing histories on behalf of the government. In addition, a VPN protects users from corporate snooping and data theft at the hands of advertisers. In fact, a VPN is an all-round solution that also protects user’s devices from hackers on public WiFi networks and overcomes government censorship.
While it’s easy for us to feel it necessary to give up our digital freedoms while facing the news of various terrorist attacks around the world, it’s important to realise what power we’re giving up when relinquishing the control over our own data. Erosion of civil liberties, and losing many of our rights to privacy is dangerous, from both the government, and from those able and willing to hack government systems.