| URL | https://Persagen.com/docs/computer_and_network_surveillance.html | |
| Sources | Persagen.com | Wikipedia | other sources (cited in situ) | |
| Source URL | https://en.wikipedia.org/wiki/Computer_and_network_surveillance | |
| Date published | 2021-11-09 | |
| Curation date | 2021-11-09 | |
| Curator | Dr. Victoria A. Stuart, Ph.D. | |
| Modified | ||
| Editorial practice | Refer here | Date format: yyyy-mm-dd | |
| Summary | Computer and network surveillance is the monitoring of computer activity and data stored locally on a computer or data being transferred over computer networks such as the internet. This monitoring is often carried out covertly and may be completed by governments, corporations, criminal organizations, or individuals. | |
| Related | NSO Group Technologies | |
| Keywords | Show | |
| Named entities | Show | |
| Ontologies | Show | |
[ ... snip ... ]
Computer and network surveillance is the monitoring of computer activity and data stored locally on a computer or data being transferred over computer networks such as the internet. This monitoring is often carried out covertly and may be completed by governments, corporations, criminal organizations, or individuals. It may or may not be legal and may or may not require authorization from a court or other independent government agencies. Computer and network surveillance programs are widespread today and almost all internet traffic can be monitored.
Surveillance allows governments and other agencies to maintain social control, recognize and monitor threats or any suspicious activity, and prevent and investigate criminal activities. With the advent of programs such as the United States Total Information Awareness program, technologies such as high-speed surveillance computers and biometrics software, and laws such as the United States Communications Assistance For Law Enforcement Act, governments now possess an unprecedented ability to monitor the activities of citizens.
Many civil rights and privacy groups, such as Reporters Without Borders, the Electronic Frontier Foundation, and the American Civil Liberties Union, have expressed concern that increasing surveillance of citizens will result in a mass surveillance society, with limited political and/or personal freedoms. Such fear has led to numerous lawsuits such as Hepting v. AT&T. The hacktivist group Anonymous has hacked into government websites in protest of what it considers "draconian surveillance."
[ ... snip ... ]
[AtlanticCouncil.org, 2021-11-08] Surveillance Technology at the Fair: Proliferation of Cyber Capabilities in International Arms Markets. | Paper; link; local copy
State cyber capabilities are increasingly abiding by the "pay-to-play" model - both US/NATO allies and adversaries can purchase interception and intrusion technologies from private firms for intelligence and surveillance purposes. NSO Group has repeatedly made headlines in 2021 for targeting government entities in cyberspace, but there are many more companies selling similar products that are just as detrimental. These vendors are increasingly looking to foreign governments to hawk their wares, and policymakers have yet to sufficiently recognize or respond to this emerging problem. Any cyber capabilities sold to foreign governments carry a risk: these capabilities could be used against individuals and organizations in allied countries, or even in one's home country.
Because much of this industry operates in the shadows, research into the industry in aggregate is rare. This paper analyzes active providers of interception/intrusion capabilities within the international surveillance market, cataloguing firms that have attended both ISSWorld (i.e., the Wiretapper's Ball) and international arms fairs over the last twenty years. This dataset mostly focuses on Western firms and includes little on Chinese firms, due to historical under-attendance of Chinese firms at ISSWorld. However, the overarching nature of this work will help policymakers better understand the market at large, as well as the primary arms fairs at which these players operate. This paper identifies companies explicitly marketing interception/intrusion technology at arms fairs, and answers a series of questions, including: what companies are marketing interception/intrusion capabilities outside their headquartered region; which arms fairs and countries host a majority of these firms; and what companies market interception/intrusion capabilities to US and NATO adversaries?
The resulting dataset shows that there are multiple firms headquartered in Europe and the Middle East that the authors assess, with high confidence, are marketing cyber interception/intrusion capabilities to US/NATO adversaries. They assume that companies offering interception/intrusion capabilities pose the greatest risk, both by bolstering oppressive regimes and by the proliferation of strategic capabilities. Many such firms congregate at Milipol France, Security & Policing UK, and other arms fairs in the UK, Germany, Singapore, Israel, and Qatar.
The authors found that 75 percent of companies likely selling interception/intrusion technologies have marketed these capabilities to governments outside their home continent. Five irresponsible proliferators - BTT, Cellebrite, Micro Systemation AB, Verint, and Vastech - have marketed their capabilities to US/NATO adversaries in the last ten years.
This paper categorizes these companies as potentially irresponsible proliferators because of their willingness to market outside their continents to nonallied governments of the United States and NATO - specifically, Russia and China. By marketing to these parties, these firms signal that they are willing to accept or ignore the risk that their products will bolster the capabilities of client governments that might wish to threaten US/NATO national security or harm marginalized populations. This is especially the case when the client government is a direct US or NATO adversary.
This globalizing shift is important for two reasons. First, it indicates a widening pattern of proliferation of cyber capabilities across the globe. Second, many firms in the surveillance and offensive cyber capabilities markets have long argued for the legitimacy of their business model by pointing to the perceived legitimacy of their customers; yet, their marketing strategies contradict this argument. As the recent indictment of several former US intelligence personnel working for the United Arab Emirates (UAE) confirms, capabilities originally focusing on one target set may be expanded for other intelligence uses. When these firms begin to sell their wares to both NATO members and adversaries, it should provoke national security concerns for all customers.
This paper profiles these important trends for their practical security impacts, and to enable further research into this topic. The authors suggest that the United States and NATO.
create know-your-customer policies with companies operating in this space;
work with arms fairs to limit irresponsible proliferators' attendance at these events;
tighten export-control loopholes; and,
name and shame both irresponsible vendors and customers.
The authors encourage policymakers to focus their efforts to rein in companies that sell these capabilities directly to adversaries, or those willing to ignore the risk that their capabilities may be misused. The dataset presented below is open for use by others who might similarly seek to bring some measure of light to an industry that remains so insistently in the dark.
[ ... snip ... ]
[MIT TechnologyReview.com, 2021-11-08] "A grim outlook": How cyber surveillance is booming on a global scale. New data paints a detailed picture of the ways Western companies are selling cyber weapons and surveillance technology to NATO's enemies. | alternate link | "When these firms begin to sell their wares to both NATO members and adversaries, it should provoke national security concerns by all customers."
Discusses: Surveillance Technology at the Fair: Proliferation of Cyber Capabilities in International Arms Markets.
The increasing overlap between the world's arms trade and the secretive surveillance industry risks damaging US national security and will create the potential for even more abuse unless more accountability is introduced, according to a new study.
The research, from the American think tank the Atlantic Council, offers one of the most thorough accountings ever assembled of a booming, cross-continental surveillance industry that makes billions of dollars and yet mostly manages to stay out of the limelight. After years of rising demand for hacker-for-hire products and an increase in reported abuses by companies like NSO Group, countries around the world are now trying to deal with this largely hidden industry.
The report is based on 20 years of data collected from the cyber surveillance trade show ISS World and arms fairs like France's Milipol [website], where hacking is the fastest-growing business segment alongside more traditional wares like guns and tanks. Its authors examined 224 surveillance companies present at these shows, looked at their marketing material, examined where in the world they advertised their products, and detailed the known sales of surveillance and hacking tools.
They also argue that numerous companies that market internationally, especially to adversaries of NATO, are "irresponsible proliferators" and deserve more attention from policymakers.
These companies include Israel's Cellebrite, which develops phone hacking and forensics tools, and which sells around the world to countries including the US, Russia, and China. The company has already faced significant blowback because of, for example, its role during China's crackdown in Hong Kong and the discovery that its technology was being used by a Bangladeshi "death squad."
"When these firms begin to sell their wares to both NATO members and adversaries," the report says, "it should provoke national security concerns by all customers."
The trade is increasingly global, according to the report, with 75% of companies selling cyber surveillance and intrusion products outside their own home continent. Lead author Winnona DeSombre, a fellow with the Atlantic Council's Cyber Statecraft Initiative, argues that such sales signal potential problems with oversight.
"There does not seem to be a willingness to self-regulate for a majority of these firms," she says. By marking such firms as "irresponsible proliferators," DeSombre hopes to encourage lawmakers around the world to target some companies for greater regulation.
[ ... snip ... ]
Return to Persagen.com