Infosec 2014: US tech dominance Europe's fault, says Mikko Hypponen
Europeans are to blame for the dominance of internet data by US tech firms, says security expert Mikko Hypponen
Europeans only have themselves to blame for the dominance of internet data by big US technology firms, says Mikko Hypponen, chief research officer at Finnish security firm F-Secure.
Europeans continue to use US-based online services even though data is accessible to the US government because they have no alternative, he told attendees of Infosecurity Europe 2014 in London.
“And for this we largely have ourselves to blame because Europe has failed to produce alternatives, and the few successful firms like Skype are being sold to the US,” he said.
Hypponen, as an alumnus of the Infosecurity Europe Hall of Fame, was tackling the topic of whistleblowing, which has been hugely enabled by the internet and storage technology.
“Whistleblowing has always existed, but now it is possible to remove what would be truckloads of information on storage media like micro SD drives,” said Hypponen.
And through organisations like Wikileaks, he said, it is possible to expose wrongdoing within organisations internationally without getting caught.
“Companies know this, they know their employees know this, so they must either do no evil or be prepared to deal with the consequences of data leaks,” warned Hypponen.
More on Edward Snowden
- Spies infiltrated online games, Snowden docs show
- Security Think Tank: Snowden likely to prompt security reviews
- Security Think Tank: Never mind Snowden, think best practice
- NSA tracks 5 billion phone records daily, Snowden docs show
- The Guardian denies Snowden stories damaged national security
- NSA analysed UK data in secret deal, says Snowden
- IT security a new challenge post Snowden, ISSE conference told
- Security Think Tank: Snowden proves technology is only part of security
- Snowden revelations raise questions over security vendors
- Study: Privilege management policies unaltered after Snowden leaks
This is also true of groups outside organisations such as hacktivist groups like Anonymous that can use leaks to advance some agenda.
“Typically, leaks are in retaliation for something, so organisations should be able to anticipate such actions by disaffected parties with a response plan,” he said.
No discussion on whistleblowing would be complete without reference to Edward Snowden, who used his position as a contractor to the US National Security Agency to leak top secret information.
“Typically, leaks involve information classified ‘secret’ or below, but ‘top secret’ information very rarely leaks, making Snowden responsible for the biggest leak of ‘top secret’ data in history,” said Hypponen.
“Arguably, Snowden is the most powerful man to never finish high school,” he said.
Whether Snowden is ‘hero’ or ‘traitor’ remains unclear, he said. “While I would love the truth to be that he is a ‘hero’ who sacrificed himself the common good, I am not entirely convinced,” said Hypponen.
There are several small details that challenge this characterisation of Snowden’s actions, he said.
Chief among these is the fact that Snowden agreed to release information on the NSA roughly six weeks before he got the job that enabled him to access top secret data.
“This seems to be more unethical than true whistleblowing, which typically involves someone leaking information about wrongdoing that cannot be addressed in any other way,” said Hypponen.
In conclusion, he said the technologies that have enabled mass surveillance by the US intelligence agencies and their allies also enable whistleblowing on an unprecedented scale.
“While governments watch over us, they know we are watching over them,” he said.