High-tech Hide and Seek: How The NSA Is Mucking With Your Business


Was George Orwell merely off by 30 years? In 1949, the dystopian future he envisioned in his book "1984" was thought-provoking sci-fi. Two-way telescreen devices that let the government monitor the lives of private citizens—all in the name of the supposed public good—made for a great read.

And yet today, in an Orwellian twist, it's not unusual to see security professionals cover their laptop cameras with black tape—as some did at a major security conference earlier this year—for they are knowledgeable not only about the extent of the National Security Agency's intelligence-gathering capabilities, but of the tools that cybercriminals have at their fingertips to steal and sell information. The malware available to them can stealthily turn on a camera, snap photographs and record video.

"The irony is not lost on us that there are catalogs of ways that equipment can be exploited to sniff information and even undermine encryption," said Jeremy MacBean, director of business development at IT Weapons, a Brampton, Ontario-based solution provider. "People in our industry weren't surprised that this kind of thing was happening; they were just surprised about how organized it was."

Some believe the intrusion into people's private lives started following the Sept. 11, 2001, terrorist attacks when the U.S. Patriot Act gave law enforcement new powers to gain access to digital information—in some cases clandestine access—in the name of investigating potential terrorist activity. A secret Foreign Intelligence Surveillance Act Court oversees law enforcement efforts to access digital data, but there is little insight into the extent it rubber-stamps the probes or truly acts as a safeguard protecting civil liberties. More recently, the leaks of thousands of secret documents by former government contractor Edward Snowden outline an extensive and complex global surveillance operation that has given intelligence experts access to data intended to be confidential.

Meanwhile, research scientists are working on powerful, new ways to analyze the hodgepodge of collected information—from cellphone metadata to email messages and video chats—to investigate and track down terrorist cells with the aim of preventing another 9/11. Much of that research work happens in a $1.5 billion Utah data center, code-named Bumblehive, where government scientists apply powerful analytics to try to make sense of it all. This is no longer "1984's" Thought Police. This is real-world data crunching.

Global Scare, Business Impact

The extent of the global surveillance activities outlined by the Snowden leaks is scary, MacBean said, explaining that the NSA's cataloging of vulnerabilities to access communications software as well as the use of networking gear to view and record data is far greater than anyone thought. Clandestine access to data is a little unsettling, he said, but no small or midsize business is going to stop government surveillance as part of a government intelligence-gathering operation.

"As the consumer and the service providers, our ability to change outcomes is limited," MacBean said. "All we can do is educate and increase the level of awareness and, if the client is concerned about it, we can try to find alternatives."

Technology firms also are trying to re-establish credibility and trust with their customers following revelations last September that the NSA and its U.K. counterpart, the Government Communications Headquarters, found a way to bypass most security measures used by Internet companies to protect communications, financial and health data. The NSA also reportedly spent $250 million to "covertly influence" product designs of security technology vendors, including the development of secret vulnerabilities or access points into commercial security software.

NEXT: Alarmist Or Realist?