Shashank Joshi
In 2014 Dan Geer, a computer security analyst, gave a speech at the RSA Conference, an annual gathering of cyber-security specialists, titled: ‘We Are All Intelligence Officers Now’. It described the ways in which computers were insinuating themselves into every aspect of life, the resulting haemorrhage of data, and the change in what it meant to be a collector of intelligence. In his talk, Geer asked: ‘Is it possible that in a fully digital world it will come to pass that everyone can see what once only a director of national intelligence could see?’
Fast forward and it is possible to see Geer’s vision being realised. For a flavour of this, consider an episode that unfolded in 2021. Analysts noticed that CCTV cameras in Taiwan and South Korea were digitally talking to crucial parts of the Indian power grid – for no apparent reason. On closer investigation, the strange conversation was the deliberately indirect route by which Chinese spies were interacting with malware they had previously buried deep inside the Indian power grid. The analysts were in a position to observe this because they had been scanning the entire internet to find command and control (C2) nodes – such as the offending cameras – that hackers tend to use as pathways to their victims.
The attack was not foiled by an Indian intelligence agency or a close ally. It was discovered by Recorded Future, a company in Somerville, Massachusetts, which claims to have knowledge of more global C2 nodes than anyone in the world, and which it uses to constantly disrupt Chinese and Russian intelligence operations. The firm, like others, also scrapes vast amounts of data from the dark web – a part of the internet that can only be accessed using special software – collects millions of images daily, extracts visible text to find patterns, and hoovers up corporate records.
The Chinese intrusion serves as a microcosm for intelligence in the modern age. The cameras in Taiwan and South Korea are among more than one billion around the world, forming a metastasising network of technical surveillance – visual and electronic, ground-level and overhead, real-time and retrospective – that has made life far harder for intelligence officers and the agents they need to develop, recruit and meet. That those cameras could be used to sabotage India’s electricity supply shows how digital technology has enabled covert action on a grand scale; what previously required front companies, physical infrastructure and agents carrying tools of sabotage can now be done virtually. That this could be watched in near real-time by a private company illustrates the revelatory quantity and quality of data that oozes out of the digital world. Intelligence is being democratised – blurring the boundary between what is secret and what is public.
No comments:
Post a Comment