Australian Outlook

In this section

Implications of the CIA’s Cyber Snooping

22 Mar 2017
By Dr Keith Suter
Off or on? Photo Credit: Ulrich Salvisberg (Pexels) Creative Commons

Wikileaks’ latest document dump revealed the extraordinary capacity of the CIA to hack into everyday devices. The continuing revelations about the extent of the cyber spy industry demand changes at the government and personal level.

Cyber-warfare is now the fifth dimension of war (after sea, land, air and space). We must therefore become accustomed to stories about information technology, both on its use and its misuse.

The latest controversy is Wikileaks’ release of alleged CIA documents. Over 8,000 documents can be found in this consignment, with more to follow.

The documents suggest that the CIA has overtaken the National Security Agency (NSA) in running some of the US cyberwar work. These documents allege that CIA scientists have discovered weaknesses in IT systems which they can use to hack the IT systems of almost any target—overseas or at home.

Traditionally the CIA dealt with overseas threats and the FBI with homegrown ones. Now apparently, the CIA is active at home and abroad.

Hacks of some domestic IT-based equipment include fake ‘off’ switches—homeowners think they are turning off the equipment, when in fact the television is being activated to record what is happening near it and transmitting the information back to the CIA. Another controversy relates to modern IT-enabled cars, which can be ‘car-jacked’ by gaining control of the car remotely and then driving it, say, into a tree.

Early indications are that the documents are authentic. Doubtless they will be subject to US congressional enquiries but no one is questioning their authenticity—for the moment anyway.

The controversy has seven major implications.

First, IT is a good servant but a bad master. What was welcomed years ago as a way to make life easier—such as typing documents and accessing information instantly through Google—has now created a monster that monitors our lives. All uses of internet-connected equipment can be monitored. The right to privacy has gone.

Second, there has never been a right to privacy in some states, such as the communist states in Eastern Europe, or in modern China and North Korea. Citizens know instinctively that they could be listened to at any time. There quickly develops a culture of caution when talking over the telephone or indeed in some buildings, such as hotels. With the loss of the right to privacy, it is likely that people in Western countries will also develop a culture of caution and be careful about what they say or write over the internet.

Third, the fact that such material can be leaked suggests that the CIA is not as good at security as one would hope. This concern is augmented by the claim that other similar CIA material is due for release.

Fourth, there is a need for new ways of conducting government security checks. For example, security problems may arise from idealistic staff becoming disenchanted when they learn how operations are carried out—cases like Daniel Ellsberg and the Pentagon Papers, Chelsea Manning and Edward Snowden. The real world of government may be more brutal than what is anticipated by some idealistic new recruits.

Fifth, still on the human factor, there is a risk that people with access to sensitive material may misuse that access for personal motives, like tracking down former lovers. As with other crimes and scandals, such people are quietly sacked rather than put on trial (for fear of the general public learning more about the situation). The challenge from the first century Roman poet Juvenal remains: “Who will guard the guards themselves?”

Sixth, if the CIA can identify these flaws within IT equipment, so can others, such as terrorists. One of the frightening aspects of the so-called Islamic State is just how well a group of terrorists operating from a desert hideout have been able to use IT. Other governments, such as those in Russia and China, will also be following this controversy to see what they can extract for their own cyber-war ambitions.

Finally, in political science there is the concept of “incrementalism”, whereby major long-term change happens in small steps or increments. These may result in unintended consequences. CIA’s expanded role in IT has come after the 9/11 terrorist attacks. It seemed like a good idea at the time to expand the role and budgets of the intelligence agencies. While the Islamist terrorist threat has not fully materialised in the US, a whole new spy industry has been created.

Dr Keith Suter is managing director of the Global Directions think tank. Among his many roles, he is foreign affairs editor for Channel 7’s Sunrise program.

This article is published under a Creative Commons Licence and may be republished with attribution.