Infosec 2014: US tech dominance Europe's fault, says Mikko Hypponen

Europeans only have themselves to blame for the dominance of internet data by big US technology firms, says Mikko Hypponen, chief research officer at Finnish security firm F-Secure.

Download this free guide

Computer Weekly's Buyer's Guide to GDPR

The race is on to get ready for GDPR next year. Computer Weekly looks at how to deal with data under the regulation, how compliance will affect businesses, and what organisations should do to prepare.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Europeans continue to use US-based online services even though data is accessible to the US government because they have no alternative, he told attendees of Infosecurity Europe 2014 in London.

“And for this we largely have ourselves to blame because Europe has failed to produce alternatives, and the few successful firms like Skype are being sold to the US,” he said.

Hypponen, as an alumnus of the Infosecurity Europe Hall of Fame, was tackling the topic of whistleblowing, which has been hugely enabled by the internet and storage technology.

“Whistleblowing has always existed, but now it is possible to remove what would be truckloads of information on storage media like micro SD drives,” said Hypponen.

And through organisations like Wikileaks, he said, it is possible to expose wrongdoing within organisations internationally without getting caught.

“Companies know this, they know their employees know this, so they must either do no evil or be prepared to deal with the consequences of data leaks,” warned Hypponen.

This is also true of groups outside organisations such as hacktivist groups like Anonymous that can use leaks to advance some agenda.

“Typically, leaks are in retaliation for something, so organisations should be able to anticipate such actions by disaffected parties with a response plan,” he said.

No discussion on whistleblowing would be complete without reference to Edward Snowden, who used his position as a contractor to the US National Security Agency to leak top secret information.

“Typically, leaks involve information classified ‘secret’ or below, but ‘top secret’ information very rarely leaks, making Snowden responsible for the biggest leak of ‘top secret’ data in history,” said Hypponen.

“Arguably, Snowden is the most powerful man to never finish high school,” he said.

Whether Snowden is ‘hero’ or ‘traitor’ remains unclear, he said. “While I would love the truth to be that he is a ‘hero’ who sacrificed himself the common good, I am not entirely convinced,” said Hypponen.

There are several small details that challenge this characterisation of Snowden’s actions, he said.

Chief among these is the fact that Snowden agreed to release information on the NSA roughly six weeks before he got the job that enabled him to access top secret data.

“This seems to be more unethical than true whistleblowing, which typically involves someone leaking information about wrongdoing that cannot be addressed in any other way,” said Hypponen.

In conclusion, he said the technologies that have enabled mass surveillance by the US intelligence agencies and their allies also enable whistleblowing on an unprecedented scale.

“While governments watch over us, they know we are watching over them,” he said.