Thursday, November 19, 2015 14:15
Anonymous Guy Fawkes mask takes part in a demonstration in front of the Eiffel tower in Paris. KENZO TRIBOUILLARD, AFP, Getty Images
Right under the noses of French intelligence agencies wielding some of the strongest surveillance powers on Earth, a group of eight terrorists operating under the banner of the Islamic State — one of the most scrutinized organizations on the planet — somehow managed to meticulously plan, coordinate and execute the deadliest terror attack seen in Europe in more than a decade. This played out only 10 months after the notorious Charlie Hedbo attack, which occasioned vows of unrestrained vigilance.
How could this have happened?
Ask ex-CIA Director James Woolsey and the blame falls squarely on one man: Edward Snowden. In Woolsey’s accounting, Snowden, the former U.S. National Security Agency contractor who leaked a vast trove of classified documents detailing the extent and workings of the American intelligence apparatus, now has “blood on his hands” and is responsible for the atrocities visited on Paris on Friday evening. The attacks left at least 129 people dead and hundreds wounded, many of them critically.
It was Snowden’s unprecedented leak of top secret information about how U.S. and U.K. spy agencies monitor and track people around the world, Woolsey said, that led terrorist groups like ISIS and al Qaeda to adapt their methods of communication to avoid surveillance, adopting more secure channels, including those offering end-to-end encryption.
Woolsey is not alone in that view. Former Bush White House spokeswoman and current Fox TV presenter Dana Perino tweeted: “F Snowden. F him to you know where and back.” Those now blaming Snowden echo similar comments made 10 months ago after the Charlie Hedbo attacks.
Also, F Snowden. F him to you know where and back.
— Dana Perino (@DanaPerino) November 14, 2015
But as journalist Glenn Greenwald, who has worked with Snowden to expose NSA secrets, has noted, that analysis collides with the fact that, long before Snowden’s leaks, intelligence agencies around the world failed to stop multiple terror threats, including the Bali bombing in 2002, the Madrid train bombing in 2004, the 7/7 London attacks in 2005 and the coordinated series of attacks in Mumbai in 2008. Not least, the 2013 Boston Marathon bombing took place in the midst of intense security at the leading annual event in a major American city, just months before Snowden released the first of enormous trove of documents.
The government response to all of these attacks has been uniform, calling to increase the powers of intelligence agencies, handing them greater abilities to track, surveil and monitor anyone they believe is suspicious.
After the Charlie Hebdo attack in January, France did just that, introducing some of the most draconian surveillance laws in the Western world, allowing security agencies to tap phones and emails without seeking permission from a judge. The country already had a law since 2013 allowing the police and spy agencies monitor Internet usage in real time without prior legal authorization.
“Just announcing new crackdowns and measures has a very real effect. You know that from message patterns, you can see that in the chatter for months after each one of these events. … The other thing is that it has a very real effect on calming people. But that doesn’t mean it’s effective in stopping these attacks, especially over time,” Anthony Cordesman of the Center for Strategic and International Studies told International Business Times.
Following Snowden’s revelations, officials in Europe — and in particular Germany, where it was revealed that Chancellor Angela Merkel’s phone was being tapped by the NSA — many governments were reticent to easily share information with the U.S.
In the wake of the horrific scenes in Paris on Friday, that may change, and one international security expert believes the fight against the Islamic State offers the perfect chance for countries that may not typically cooperate to do so because everyone wants to stop its operations: “Here we have the perfect opportunity to share as much information between our intelligence agencies, including the ones that don’t normally cooperate,” Mikko Hypponen told IBT.
Failure Of Intelligence
But despite these powerful new laws, Corinne Narassiguin, a spokeswoman for France’s ruling Socialist Party, admitted “there was a failure of intelligence,” adding that not all aspects are yet operational and not all of the 2,000 new posts the French created earlier this year have been filled.
In the U.K., Prime Minister David Cameron’s government is making its second attempt to push through what opponents call the “Snooper’s Charter,” which aims to undermine end-to-end encryption by forcing all telecom providers to insert a back door to let the government monitor secure communications. The company most vocally opposing this is Apple, whose iMessage service is completely encrypted, meaning not even Apple can see your communications. CEO Tim Cook has categorically stated that Apple will not compromise its system for anyone, and he says terrorists will simply find another way to communicate.
“Encryption exists, it has been invented, it is public knowledge, nothing is going to change that, and if we have uncrackable encryption — which we do — it can be used by good people and bad people,” Hypponen told IBT. “And there is nothing you can do to limit that.”
ISIS recently switched its main messaging platform to use the encrypted service Telegram, and it was on this channel the group first took responsibility for the attack. Telegram, however, is just one of dozens, if not hundreds, of secure and private channels terrorist groups can use to communicate, with Belgium’s home affairs minister recently revealing his worry that ISIS was using messaging systems on, of all things, Sony’s PlayStation 4 to communicate.
Hiding In Plain Sight
Trying simply to ban encryption is a pointless endeavor, Hypponen argues. “The Internet features strong encryption, and we will never be able to change that,” he says, suggesting that a return to traditional, real-world intelligence gathering would be more beneficial than simply handing intelligence agencies ever greater power to collect more data on everyone.
The trouble for intelligence agencies is, terrorists are always going to be one step ahead, and in a world where we are facing a digital information tsunami, to spot the vital piece of data is getting more and more difficult.
A report by the SITE Intelligence Group last May, after the attack by ISIS follower Elton Simpson at the American Freedom Defense Initiative’s “Muhammad Art Exhibit and Cartoon Contest” in Garland, Texas, showed that he was openly discussing the attack on Twitter for anyone to see.
While it was easy to spot the tweet after the attack, doing so beforehand is difficult, even on an unencrypted and open platform like Twitter. While SITE lays some of the blame at Twitter’s door, the incident highlights the fact that simply having access to more data is not a solution to combating terrorists.
One obvious step is more cooperation on a global scale. While it is a close ally of the U.S., France is not part of the Five Eyes program which sees intelligence shared with the U.K., Canada, New Zealand and Australia. The second wave of attacks on Paris in just 10 months could see more intelligence shared among Western countries, but it remains to be seen how effective that would be. The question is whether the tracking of international terrorism can be improved.
“The answer is probably, but you have to remember that tracking involves very sensitive intelligence and analysis … and that is extremely difficult, it requires not only an exchange of data but also basic structure of how it is collected, down to keywords, because you’re dealing with different languages” Cordesman said.
Speaking at the G-20 summit in Turkey on Sunday, President Barack Obama said the U.S. would work with other countries to hunt down ISIS: “We will redouble our efforts, working with other members of the coalition, to bring about a peaceful transition in Syria and to eliminate [ISIS] as a force that can create so much pain and suffering for people in Paris,” Obama said.
Across Europe, however, it appears that after an initial push to increase the sharing of data across borders, that has now stalled and this failure to co-operate is one answer to the questions posed in the opening paragraph.
Just over a week before the terror attacks in Paris, German police stopped a car and discovered a “professionally built”’ secret compartment crammed with weaponry and munitions of the type used in Friday’s attack with Paris set as the destination on the driver’s satellite navigation. This information was never passed on to French authorities.
“I can confirm that they apprehended a man who was smuggling weapons in his personal vehicle. We are now looking into whether he is connected to the terror attacks in Paris,” a representative of the German federal police told Ria Novosti, according to Sputnik News.
Sharing the information “now” is not how the system is supposed to work, and while leaders like Cameron, Obama and French President Francois Hollande speak about increasing co-operation, unless there are concrete steps taken, a repeat of the horror Paris saw on Friday cannot be ruled out.
Beijing’s Great Firewall employs hundreds of thousands of censors
China, the world’s most populous country, is used to superlative status. But a global study on Internet usage put the country in an unfamiliar position: last place. The Freedom on the Net 2015 report by American watchdog Freedom House found that even Internet users in Syria, Iran and Cuba had more unfettered online access than Chinese did. (North Korea wasn’t included in the ranking.)
Around half of Chinese are hooked up online — the world’s largest online population — but their Internet is very different from the one accessed by most other people in the world. A censorship apparatus that employs hundreds of thousands blocks content that is deemed politically or socially sensitive. Google, Facebook, YouTube, Twitter, Instagram and a host of major political and media websites are regularly banned within China’s borders. A recent crackdown on political debate has resulted in a neutered online space — who wants to download an activist tract or forward a political joke when it could get you detained?
Over the past year the Chinese government has also pushed foreign (and domestic) tech companies to essentially allow for official surveillance of their users’ online data and actions. At the same time, online research groups have traced cyberattacks on Western media and tech-freedom sites to China, meaning that Beijing appears intent to export overseas its cloistered Internet. All these factors led to China dropping three places from last year’s Freedom House survey to this year’s dead-last position.
The bad news documented by Freedom House is only half of the story. Chinese tech companies have thrived in recent years, their stock-market valuations sometimes rivaling those of their Western counterparts. In part because some foreign tech firms are blocked from operating in China, local companies have gobbled up market share. They have also created innovative, user-friendly products and platforms that have transformed China into a center of ecommerce. Taobao, WeChat, Baidu — these are major tech forces.
Still, it’s hard for China to fully integrate globally if its Internet is cleaved from the rest of the world’s. This story, written from Shanghai, could not be loaded onto WordPress, even when using a virtual private network (VPN), an often costly tech tool used to try to vault the Great Firewall. On occasion, Chinese factory owners cannot access their overseas orders because Gmail accounts don’t load. Chinese who once studied abroad cannot connect with foreign friends because Western social media is banned. At a time when China wants to accelerate its economy by promoting innovation, these online shackles and blinders are bad for business. And, as Freedom House documents. The world’s most restrictive Internet nation: that’s one superlative China shouldn’t want to win.
Read next: The Other Side of the Great Firewall
The international hacker collective Anonymous has jumped into the battle over the Thai government’s attempts to consolidate and monitor all of the country’s internet use through a single gateway.
On Thursday evening, the website for CAT Telecom, the state-run telecommunications company tasked with implementing the gateway, went offline for several hours. CAT currently manages Thailand’s international gateways and was Anonymous’s primary target.
Earlier that day, the group announced the launch of #OpSingleGateway, saying in astatement that the government’s restriction of human rights and free speech was “going too far.”
“The land of smile [sic] will soon be similar to China, North Korea or any tyranic [sic] country providing intrusive electronic systems to spy and prosecute their own citizens having different ways of thinking,” wrote the group. “We will not only fight against the single gateway project but will expose your incompetence to the world, where depravity and personal interests prevail.”
A Twitter account, @F5CyberArmy, tweeted images saying that thousands of CAT Telecom customer logins and passwords had been compromised.
“It seems very clear that the gateway is a mechanism for control,” said Madeline Earp, a research analyst for Freedom House, a nonprofit that regularly releases reports on internet and press freedom around the world. In its 2014 report on internet, the organization rated Thailand as “not free.”
“Thailand already has an environment of prosecution and surveillance,” Earp added. “The gateway is a sign that the government is trying to consolidate the control they already have and further it with more sophisticated technology.”
Thailand’s internet use is already heavily monitored. Under the 2007 Computer Crimes Act, people convicted of using the internet inappropriately can be sentenced to prison for up to five years. In August, two people were sentenced to 28 and 30 years in prison under Thailand’s controversial lèse majesté laws for posting messages on Facebook considered insulting to the monarchy.
Arthit Suriyawongkul, a member of the cyber-freedom group Thai Netizen Network, said that the government’s effort to monitor the internet is not new, citing earlier plans by the government to create its own social media networks for the sake of improving surveillance. He is most concerned about the military junta using the gateway as a “single point of control” to shut down websites. Under current law, the government must make a request to the courts before they can take down a site. The new gateway would bypass this provision.
“We would immediately lose our checks and balances,” said Suriyawongkul. “We would have no record of which sites the government took down and when, and you would never know who was responsible.”
News site TelecomAsia wrote that it recently received documents suggesting that the Thai government had made plans to monitor the internet, including key social media networks such as Facebook and Twitter, since 2006. The documents suggest that a single internet gateway “has been a priority and pushed by the highest levels of the army for years,” according to the report.
Following public outcry against the plan, the government has continually flip-flopped on whether it will continue to pursue the gateway.
Last Thursday, Deputy Prime Minister Somkid Jatusripitak said the government would halt the plan, according to a Reuters report. But earlier this week, CAT Telecom said it would move forward. Though the government has consistently denied that the attacks have caused any damage, the announced earlier this week that it would create a new “cyber warfare unit” to tackle cyber crimes. Prime Minister Prayut has called for tightened cybersecurity in light of the attacks.
The CAT Telecom homepage currently features a disclaimer that says its website and the privacy of its users was not compromised by cyber attacks: “As for the news of a Single Internet Gateway that has caused these misunderstandings, the policy does not exist, and we are confident that there will be no suppression of citizens’ rights.”
An activist group called Citizens Against a Single Gateway has pledged to continue its war against the government.
“We have continually demanded that the government end the single gateway plan, but all they did was go forward with it,” a representative told VICE News. “It makes us feel that the government lacks any sincerity and does not listen to the people.”
“These operations will continue until the government has agreed to end the single gateway project and we have regained our internet freedom,” the group said in a statement.
Follow Kanyakrit Vongkiatkajorn on Twitter: @yukvon
The single internet gateway has been dubbed the Great Firewall of Thailand for the degree to which it allows the government to monitor, control, and shut down websites. The plan was proposed as early as May 2014, soon after the military government took power in a coup, but it gained widespread attention last month after a Thai developer posted a tweet linking to a cabinet resolution detailing the plan.The resolution outlines plans for a gateway that would “control websites that are inappropriate and the flow of information from foreign countries.” The resolution also noted that the Ministry of Information and Communication Technology should look at existing laws and determine whether new ones needed to be passed to complete the project. If so, they could be formulated under the order of the prime minister, former army chief Prayut Chan-ocha.
Prayuth Chan Ocha. AP photo
Thailand will carefully consider if it is necessary to join the Trans-Pacific Partnership (TPP), backed by the United States, as the country is in talks regarding another major trade pact involving China, Prime Minister Prayut Chan-o-cha says.
Speaking during his weekly televised address on Friday night, Gen Prayut said the Commerce Ministry recently invited representatives from three major private sector organisations to discuss the impact of the TPP which comprises 12 countries.
The private organisations are the Thai Bankers’ Association, the Thai Chamber of Commerce, and the Federation of Thai Industries.
The ministry said the organisations agreed that Thailand should join the TPP as it would benefit the country, particularly in terms of investment, despite the fact that some business operators harboured concerns over the impact on some goods exports, Gen Prayut said.
Copies of data related to hundreds of customers of CAT Telecom — the Thai government communication agency in charge of implementing a controversial single gateway project — were shown in twitter messages.
“CAT Telecom compromised exposing 1000s of login, passwords, Thai IDs, and more,” said a message on the twitter account of Thailand F5 cyber Army — the moniker of cyber-activists opposed to what they call “The Great Firewall”.
The activists — who claimed to be aided by international hacking collective Anonymous — thus declared “victory” in their war against the junta’s plan to control online content.
According to the Bangkok Post, the CAT Telecom website was down for several hours late Thursday.
Another result of the hack was the leaking of documents, apparently from CAT Telecom files related to the single gateway project.
“TelecomAsia has received a set of leaked documents that would suggest the Single Gateway project has been a priority and pushed by the highest levels of the army for years,” wrote Information Technology journalist Don Sambandaraksa on the TelecomAsia news site.
Some documents attested that the project goes back as far as 2006, according to Sambandaraksa.
“One slide listed target media that need to be put under surveillance — Facebook, YouTube, Twitter, WordPress, Blogger, Flickr, Instagram and Tumblr,” he wrote.
In another attack, activists disrupted the Thai military’s finance department.
“The Citizens against Single Gateway claimed our victory in the first stage after our cyber-war declaration,” Thailand F5 cyber Army claimed in an online statement.
“We made the financial accounting system of the finance department of the Royal Thai armed forces unable to work for more than three hours,” it said.
The gateway came to the public’s attention at the end of September when a cabinet meeting document emerged online urging administrators to set up a system that could be used as a device to control inappropriate websites along with the flow of news and information from overseas.
Following a June 30 cabinet meeting, instructions were repeatedly delivered in July and August by the cabinet to the Information and Communications Technology Ministry to push for the realization of the project.
As the plan grew, the public reacted with dismay and tens of thousands of comments criticizing the proposal were posted online.
Shadowy cyber-activists also caused at least six government websites to crash Sept. 30.
Taken aback by the strong reaction, the government sought to deny that the project had entered the implementation stage, saying that it was just an idea floated during a cabinet meeting.
But junta leader-cum-prime minister surprised many last Wednesday when he affirmed that the plan was still on.
“You say we should not have the single gateway, but can you prevent your group from writing things that defame the nation and government?” he told local reporters.
“If you cannot, then don’t tell me what method should be used.”
After Wednesday’s apparent reversal, the Thailand F5 cyber Army announced the war on government websites.
The gateway is one of a number of factors that appeared to suggest a strengthening of government control over the Internet.
On Thursday, Defense Minister Gen. Prawit Wongsuwan announced the creation of a new Army Cyber Center with the aim of protecting the monarchy and “keeping track of information on media and social media, to sort them out systematically”.