Norwegian noir meets cybercrime: a Snowden age "faction" stocking filler for your CEO

| 5 Comments | No TrackBacks
| More
Last night I had dinner with Carlos Solari, sometime White House CIO and V-P Security for Alcatel-Lucent and CSC, now co-author of eNikita. Carlos was happy for me to blog about the latter and his motives for writing it. eNikita is intended to be the first volume in a crowd-sourced and funded trilogy to draw in readers and educate them in the realities of cybercrime and response as they are today - in the world exposed by Edward Snowden and Mischa Glenny (McMafia and Dark Market ). As I had suspected, everything in the book has happened, but the changing of names, remixing of incidents and excuse that the book is fiction has enabled the authors to get clearance from the FBI and their libel lawyers to go where others have not. On Friday Carlos will be attending the public launch of the book in Oslo - where parts of the book will have a particular resonance. He hopes to organise a similar event in New York where where other parts will have equal resonance.

The decision to use pederasty rather than fraud or extortion as the main linking thread was deliberate, to maximise sales, but the book is actually about the interconnectedness of all three in the quest by organised crime for power over current and potential victims, personal, corporate or state. The short (one page) preface to the book begins with a quotation from Martin Luther King: "I am cognisant of the inter-relatedness of all communities and states. I cannot sit idly by in Atlanta and not be concerned about what happens in Birmingham. Injustice anywhere is a threat to justice everywhere. We are caught in an inescapable network of mutuality, tied in a sigle garment of destiny. Whatever affects one directly, affects all indirectly. " Carlos and John-Patrick Skaar extend this to the on-line world "where we blend the real and the virtual".

In this context the positive role of the Guardian in exposing the rot at the heart of the semi-privatised and politicised surveillance operations of the US needs to be balanced against the way it has also greatly weakened the operations of GCHQ, with its very much more robust governance. No one would believe a plot line in which Malcolm Tucker ordered the collection of material to enable HMRC to investigate the tax affairs of his opponents or the police to breathalyze them after a constituency party.  Perhaps that was why the US remake of "The Thick of It" failed. US audiences could not relate to the limitations on Malcolm Tucker's powers. We need to understand just how important it is to move rapidly to build confidence in  genuinely trustworthy frameworks for co-operation against organised crime and corruption, not just the terrorist bogeymen of the day and certainly not against political opponents.  

I therefore have no hesitation in updating my blogs on how to get main board buy in for your cyber security and the problem of boards with awareness but no strategy . Give a copy of eNikita to your CEO. He may not relate to the pederasty and grooming thread, unless he has children or grandchildren, but he will certainly relate to the parallel hijacking of the retirement funds of one of the parents. Your challenge will then be to provide him with an up-to-date, relevant and evolving, intelligence led, security strategy. On that I hope to blog again shortly, 

No TrackBacks

TrackBack URL: http://www.computerweekly.com/cgi-bin/mt-tb.cgi/50635

5 Comments

Oh Philip. Your faith in UK governance is really quite touching; especially your belief that it differs in some fundamental way from the 'semi-privatised, politicised' regime in the US. The fact is that GCHQ is breaking the law just as egregiously as the NSA (e.g. fiber hacking), and that power groups lurking at the shadowy intersection of government with the private sector are indeed involved in nasty, non-sanctioned initiatives, regardless of putative governance rules. See the BBC's update on Sir Peter Gibson's review of UK involvement in illegal renditions, for example (published today). The UK's revolving-door policies may not be as blatantly abusive as they are in the US - yet - but they're evolving rapidly (the fact that John Major was whisked straight into the Carlyle Group was one of the first big hints that multinational corporations have significant leverage over our darling politicians). But as I say; your optimism is touching.

Hm - you make some good points. Until your final paragraph. Both Snowden and Assange - whatever their individual failings - have done extraordinary service to the international community by uncovering a surveillance web of unparalleled complexity and sophistication. A vastly expensive web that is funded by you, me and every other taxpayer, but the purveyors of which argue they really shouldn't have to explain themselves to you, me or the rest of us. Because - get this - it's 'dangerous' for us to know.

The problem is very simple. Knowledge is power - as you say, nothing new about that. But the assumption that governance rules alone will suffice to control the abuse of secret knowledge is demonstrably false. They never have, they never will. The banking sector is a spectacular example of how secret knowledge creates a sense of law-transcending entitlement. The torture of prisoners, the existence of Guantanamo Bay, the mass stealing of personal data, all reflect the arrogance that is inevitably bred by the existence of a self-perceived 'secret elite'. The interesting thing is, there's no fundamental difference between these self-appointed 'secret supervisors' and the organised crime groups you quite rightly decry - both are flouting the law for reasons that may appear superficially different, but are actually in danger of converging. And will converge (cf. your accurate depiction of 'semi-privatised' US intelligence, used as much, if not more, for private gain as for public protection) unless we, the public, have a clear idea of the structures that are supposed to be protecting us, what regulatory frameworks these structures are operating in, and what limits are placed on these structures' powers.

The 'clear idea' is certainly not forthcoming from the government. So we are left to rely on the Snowdens, Assanges and Guardians of this world to find out about these things.

Thanks - I look forward to reading them. In return, I'd point you to the Guardian's latest revelations (from Snowden). I'm afraid they do not suggest a high standard of governance at GCHQ (in fact, your term 'semi-privatised' definitely springs to mind...):

http://www.theguardian.com/uk-news/2013/dec/20/gchq-targeted-aid-agencies-german-government-eu-commissioner

Leave a comment

About this Entry

This page contains a single entry by Philip Virgo published on December 12, 2013 11:13 AM.

Minister under fire for putting the brakes on a project that was off the rails was the previous entry in this blog.

Is there a bigger threat to your cyber safety than those who run awareness campaigns and enforce compliance regimes which assume that attacks are random or one-off? is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Archives

Recent Comments

Bill Maslen on Norwegian noir meets cybe... : Thanks - I look forward to reading them. In return...
Philip Virgo on Norwegian noir meets cybe... : You make some very good points and rather than rep...
Bill Maslen on Norwegian noir meets cybe... : Hm - you make some good points. Until your final p...
Philip Virgo on Norwegian noir meets cybe... : CESG is doing nothing that its predecessors have n...
Bill Maslen on Norwegian noir meets cybe... : Oh Philip. Your faith in UK governance is really q...

 

-- Advertisement --