Snowden: IT Workers Are Now the Target of Spies

Spies are increasingly targeting IT staff to gain access to key elements of internet infrastructure and sensitive databases, NSA contractor-turned whistleblower Edward Snowden has warned.
    
"It's not that they are looking for terrorists, it's not that they are looking for bad guys, it's that they are looking for people with access to infrastructure. They are looking for service providers, they are looking for systems administrators, they're looking for engineers," he said, speaking at the CeBIT technology show in Germany via a video link from Russia.
He added: "They are looking for the people who are in this room right now: you will be the target. Not because you are a terrorist, not because you are suspected of any criminal wrongdoing, but because you have access to systems, you have access to infrastructure, you have access to the private records, people's private lives. These are the things that they want. It is important for us to come together and prevent that from happening."
Snowden isn't the only one to warn that IT staff can be the target of spies, although mostly the finger is being pointed at foreign intelligence agencies. For example, the UK's M15 security service warned last year that IT workers have been recruited to help overseas spies gain sensitive personnel information, steal corporate or national secrets and even upload malware to compromise the network. IT staff have also been warned to beware of 'honey pot' sex stings.
Snowden said the best way to protect privacy was through technology, because that remains a constant across geographical or political boundaries. "That means end-to-end encryption; we have to protect communications while they are in transit, we have to improve the security of the endpoints and make this transparent to users," he said.
When we look back at 2013 a decade from now, the one technology story that's likely to have the biggest long-term impact is the Edward Snowden revelations.
While there were major password breaches at Adobe, Evernote, and Twitter as well as the Healthcare.gov debacle, nothing rocked the IT world more than the 200,000 classified documents that Snowden leaked to the press, uncovering the NSA's startling digital surveillance programs that reach more broadly across the internet than even many of the most extreme conspiracy theorists would have feared.
While the U.S. government defends the program as court-supervised and a powerful tool that has thwarted terrorist attacks and protected citizens, there's no doubt that the Snowden revelations have had a chilling effect on the technology world.
Here are the three biggest impacts: 
    1. Organizations are re-thinking how to effectively encrypt their most sensitive data.
    2. International organizations are looking at ways to do less business with U.S. companies, since the NSA has direct backdoors into many of them.
    3. The brakes are being put on cloud computing by some organizations, as they consider whether they want their data so easily accessible to surveillance agencies.

ZD Net 1  http://ow.ly/KCNRI
 ZD Net 2  http://ow.ly/KCNYC

« After the Arab Spring, Surveillance in Egypt Intensifies
Latest Insurance Hack Affects 11 Million Customers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

Emerging Payments Association (EPA)

Emerging Payments Association (EPA)

The Emerging Payments Association (EPA) is a commercial membership association of payments industry influencers.

Cyanre

Cyanre

Cyanre delivers state of the art cyber forensic services through software technologies and procedures that exceed conformities of major law enforcement agencies across the globe.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

Vintegris

Vintegris

Vintegris are a Certification Authority and manufacturer of innovative systems and applications for the full cycle of digital identity.

NETAS

NETAS

Netas offers solutions in information and communication technologies including end-to-end value added solutions, system integration and technology services to providers and corporations.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

Charities Security Forum (CSF)

Charities Security Forum (CSF)

The Charities Security Forum is the premier membership group for information security people working for charities and not-for-profits in the UK.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

FINX Capital

FINX Capital

FINX strives to solve the cybersecurity issues with its proprietary technolog, FINX SHIELD, by utilizing big data, blockchain combined with artificial intelligence.

Great American Insurance Group

Great American Insurance Group

Great American's Cyber Risk Division offers cyber solutions for small and medium-sized businesses.

AccountabilIT

AccountabilIT

AccountabilIT is a full spectrum information technology services firm for enterprises with complex information technology needs seeking relief from those challenges.