What if the NSA gets hacked?


The extremes of the web are present in two related articles this week.

First let’s hear from Tim Berners-Lee, commenting 25 years after his first proposal for the web (as we know it today) was written:

“Unless we have an open, neutral internet we can rely on without worrying about what’s happening at the back door, we can’t have open government, good democracy, good healthcare, connected communities and diversity of culture. It’s not naive to think we can have that, but it is naive to think we can just sit back and get it.”

and further:

“Our rights are being infringed more and more on every side, and the danger is that we get used to it. So I want to use the 25th anniversary for us all to do that, to take the web back into our own hands and define the web we want for the next 25 years.”

He’s referring of course to the NSA revelations that keep coming and coming. The latest today, notes the NSA’s actions related to deliberately infecting millions of computers with malware for the purposes of surveillance and disruption.

Noted in the article are these quotes from Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, who notes that the NSA’s techniques could be undermining the security of the internet:

“When they deploy malware on systems,” Hypponen says, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”

This, surely, is one of the most dangerous aspects to the NSA’s actions.

Let’s assume for a second that you fully trusted the NSA and it’s partner agencies in the UK (and no doubt Australia). And let’s assume you thought what the NSA was doing was actually OK and protecting citizens. Even if you believed all that (and nobody does of course), but even then…, how much confidence would you have that the NSA itself won’t be hacked? Or hasn’t already been?

Add comment

By Craig Bailey