In his Sunday Observer column, John Naughton makes an important point that's hammered home by the escape of the NSA/GCHQ Regin cyberweapon into the wild: spies who make war on the Internet can't be trusted with its security.
Spying on friends as well as enemies is an ancient principle of statecraft. It used to be done for reasons of "national security"; now it is done for reasons of "cybersecurity" and therein lies a new problem. What is cybersecurity, really? What are GCHQ and the NSA trying to secure? Is it the security of the cyberspace – ie the internet? Or of some part of the network? And if so, which part?
Here, some throwaway lines in one of the Snowden documents become particularly interesting. "The facts contained in this program," they read, "constitute a combination of the greatest number of highly sensitive facts related to NSA/CSS's overall cryptologic mission. Unauthorised disclosure… will cause exceptionally grave damage to US national security. The loss of this information could critically compromise highly sensitive cryptologic US and foreign relationships, multi-year past and future NSA investments, and the ability to exploit foreign adversary cyberspace while protecting US cyberspace."
Note that last clause. "Cybersecurity" actually means two things: first, national security, and second, that the only corner of cyberspace that we care about is our own. We can exploit every other virtual inch of it for our own (national) purposes. This gives us carte blanche to, for example, undermine everybody's online security by weakening the encryption used for commercial transactions; purchase "zero-day exploits" from hackers for use against targeted organisations; and spread malware such as Regin anywhere we goddamn please. Welcome to our networked world.
Forget North Korea – the real rogue cyber operator lies much closer to home [John Naughton/The Observer]
(Image: Broken Rusty Lock: Security (grunge), Nick Carter, CC-BY)