AnonTechie writes:
"Schneier: NSA snooping tactics will be copied by criminals in 3 to 5 years. If you thought NSA snooping was bad, you ain't seen nothing yet: online criminals have also been watching and should soon be able to copy the agency's invasive surveillance tactics, according to security guru Bruce Schneier.
'The NSA techniques give about a three to five year lead on what cyber-criminals will do,' he told an audience at the RSA 2014 conference in San Francisco. 'These techniques for exfiltrating data aren't magical, they are just expensive. Everything we know about technology is that it gets cheaper. So the notion of putting up a fake cell tower or wireless access point, of jumping air gaps, you're going to see this stuff it's really just a matter of time.' "
(Score: 4, Insightful) by moo kuh on Sunday March 02 2014, @02:08PM
The big difference between criminals and the NSA, is the NSA can get subpoenas and gag orders with the backing of the the resources of the US government. Sure, criminal organizations can intimidate and get some people in high places, but that still doesn't compare to the power and resources of the US government. Even if some of the techniques are copied (or attempted to), I doubt criminals are going to have an army of PhD mathematicians and computer scientists, as well as huge amounts of spare cash, to implement some of these complex techniques and continue to come up with new and better ones. Some of the simpler things the NSA is doing, I would wager are already being done by criminals. I generally agree with Schneier, but in this case I don't
(Score: 5, Insightful) by jt on Sunday March 02 2014, @02:23PM
I agree that nobody can compete with the US government in this field, with the possible exception of some other nation states, but the point is that the criminals do not need to compete.
Academia churns out the new ideas and new concepts all the time. We can all read these, either for free (as it should be) or for the cost of a few journal subscriptions, which is hardly beyond the resources of organized crime. Independent researchers can be hired like any other staff.
Implementing these publicly-accessible concepts is not trivial, but is generally far easier than creating the ideas and the proofs of concept. Maybe only the US govt has the resources to do the Big Stuff with large-scale traffic redirection and intercept, but maybe organized crime doesn't need this.
(Score: 1) by moo kuh on Sunday March 02 2014, @03:17PM
You make some good points, hopefully you get modded up. It is generally true that coming up with the idea and proving it is generally the hard part (not always). On the flip side, now that a lot this is public, organizations can take steps to protect themselves. I will admit I did not RTFA (I came here from /.), but I wonder how many of these exploits are already being used by large criminal organizations and even corporations spying on each other.
(Score: 2) by jt on Sunday March 02 2014, @05:58PM
You're right that coming up with the good idea is not _always_ the hard part. Execution is important too, especially in the corporate espionage arena you mention here; organized crime can take risks that BigName, Inc. cannot (not for moral reasons, of course, merely due to practicalities of the cost-benefit analysis of being caught).
(Score: 1) by Fnord666 on Monday March 03 2014, @03:34AM
I second that. When it comes to criminal enterprises, no one can compete with the US government.
(Score: 2, Informative) by Anonymous Coward on Sunday March 02 2014, @02:59PM
Yeah. How likely is it for the Mob to get a telco to set up a "Room 641A" for them: https://en.wikipedia.org/wiki/Room_641A [wikipedia.org]
The NSA and FBI can tell telcos and other corps to bend-over at the top levels to do stuff like that. But if the Mafia tried the same thing the telco bosses may have their friends in Government show the Mafia a thing or two about who calls the shots.
Unless of course it's Russia where the line between the russian mafia and government seems rather blurry to me ;).
(Score: 0) by Anonymous Coward on Sunday March 02 2014, @05:54PM
It's the other army most people rightly are much more worried about.