Spies Among Us
By Samuel Greengard
The news about the National Security Agency’s (NSA’s) massive spying operation just keeps getting worse. Last week, a number of sources—including the New York Times, The Guardian and ProPublica—reported that the NSA has systematically worked to break encryption keys and pressured encryption vendors to build back doors into their software.
Forget the political and social implications. This news is extremely disturbing for businesses. If the NSA has found a way to monitor encrypted data communications, the next logical question is: what's stopping hackers—including those looking to steal intellectual property and proprietary data—from listening in and intercepting communications? Is there any way to know whether hostile governments or rogue corporate spies are pilfering secrets that could undermine companies or compromise national security?
What's more, since the NSA can break through Website encryption and multiple layers of security at financial services firms, it can peer into bank accounts and other personal data at will. This would indicate that sophisticated cybercriminals have or will have the same spying capability.
The problem with an end-justifies-the-means mentality—and a snoop without limits approach—is that it undermines trust and confidence in the very tools and institutions that are designed to provide security and protection. In light of recent events, it's not surprising that some governments are going retro with technology. BBC recently reported that the Russian government is now scooping up typewriters in order to thwart leaks. Since every typewriter has a unique ink pattern it's possible to track a message back to an individual machine.
I'm not sure where all of this ends. But this much is entirely clear: without greater transparency and without full confidence in encryption and other security tools, you can bet that many companies—particularly those with sensitive data—will revert to less efficient and more cumbersome ways to protect data. They also risk losing their competitive advantage at the hands of spies and cyber-crooks.