01 Mar Managed Services: Is Your Business Guarded Against Cyber Surveillance?
IT Security and Infrastructure
If you can read this, you live on the grid. You are using a computer which means you are operating from a specific IP address. This address is locatable and observable in real-time, as is the data and content viewed by you from that location.
When you leave the computer and walk away, the cell phone in your pocket is transmitting location data through your GPS. If you take the chip reader credit card out of your wallet to make a purchase, it is also submitting data to the grid.
The sobering fact is these electronic items are submitting data all of the time whether you look at them or not, touch them or not, or even have them powered on—or not! You need not be connected to WiFi for data to be submitted, nor do you need to interact with an electronic device for it to submit data on your movements.
In the words of Edward Snowden, regarding the US Intelligence Community’s ongoing citizen surveillance programs, just prior to his divulgence of substantiating classified NSA documents in 2013:
“The NSA has built an [IT] infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If [The NSA] wanted to see your emails or your wife’s phone, all [they] have to do is use intercepts. [They] can get your emails, passwords, phone records, [and] credit cards.”
The news has shown instances of large corporate identity theft via online hackers, but the stories which don’t get as much air time are the ones about small business and individuals who have their identities stolen every day. Even less spoken of are the IT infrastructure and software capabilities available and regulated regarding government and law enforcement agencies who stand to gain by exploiting digital information, both public and private.
When we enter personal information into an online website, we trust in two things. The first is that we can trust the service or vendor to adhere to their agreement in the service or product they claim to provide. Take Amazon, for example. When you buy an item on Amazon, you can trust the funds will be used for the acquisition of the product purchased. The second thing we trust, as consumers or users, is the website will keep our information private, such as social security numbers, bank account information, and private correspondences confidential and free from a potential cyber attack. Unlike private information, information containing your online activity and public profiles is shared with many parties within the terms of
The second thing we trust, as consumers or users, is the website will keep our information private, such as social security numbers, bank account information, and private correspondences confidential and free from a potential cyber attack. Unlike private information, information containing your online activity and public profiles is shared with many parties within the terms of agreement to which users must agree. Unfortunately, even though you as a user uphold your end of the bargain, service providers and government organizations do not.
Loss of IT Security for Users
The anonymity of the Internet is long since gone in the western world. The Digital Collection System Network is a surveillance system used by the FBI, in which, the agency can wiretap any telecommunications device in the USA, called a point-and-click system. This program allows complete access and manipulation to cellphones, landlines, and SMS communications.
In 1994, under the Executive Administration of Bill Clinton, the Communications Assistance for Law Enforcement Act, or CALEA, was passed. This law required telecommunications carriers and manufacturers to assist law enforcement agencies in their goal to conduct electronic surveillance, by designing their products and services with built-in “back doors”.
These deliberate design regulations make it possible for intelligence agencies and law enforcement agencies to wiretap anyone in the country who use the phone or the Internet, regardless of a judicial warrant. More worrying still, is this law ensures communication devices and IT infrastructure have been made specifically for surveillance agencies to have access.
The days of physical wiretaps are gone. From the passing of CALEA in 1994 to the present day, every citizen carries a microphone that transmits through an amplifier to the NSA, FBI, CIA, and every subset and branch of the intelligence community. Presently, this capability has been extended to cover broadband Internet traffic and VoIP traffic, as well. Currently, every communications device on the market is subject to covert surveillance, through government software.
Security Loss for IT Infrastructure and Telecommunication Providers
NSA’s program, named Trailblazer, operated to form a platform for compiling data from communications networks, such as the Internet and cellular communication companies. This program was built on a fiber-optic infrastructure operating independently and parallel to the Internet.
The director of the NSA was called before a congress committee hearing after whistleblowers at the NSA disclosed classified information to the press regarding the breach of public anonymity and general privacy invasion which The Program perpetrated. Information is not forthcoming regarding the inception of The
Program’s origins but we know the end goal of project Trailblazer was to establish the streamlined ability to track entities through electronic methods like cell phones and electronic mail services. After the program was shut down due to public outcry, the whistleblowers were brought up on charges of espionage and several indictments were made by the Supreme Court.
Much of the recent information about state and government breaches on private citizens IT Security and Privacy rights has been made known through non-for-profit groups.
Such as requests from the Electronic Frontier Foundation made possible by the Freedom of Information Act. On paper, these surveillance programs are not inherently detrimental to a businesses rights or privacies.
If you believe your cyber security or small business IT support is at risk of breach from cyber-crime, reach out to local or remote managed IT services team for help on how to make your IT network secure. No matter the adversary, the worldwide web is an information source for the people of the world and IT support services are the militiamen of the frontlines.