Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday March 02 2014, @01:30PM   Printer-friendly
from the old-crooks-meet-the-new-crooks dept.

AnonTechie writes:

"Schneier: NSA snooping tactics will be copied by criminals in 3 to 5 years. If you thought NSA snooping was bad, you ain't seen nothing yet: online criminals have also been watching and should soon be able to copy the agency's invasive surveillance tactics, according to security guru Bruce Schneier.

'The NSA techniques give about a three to five year lead on what cyber-criminals will do,' he told an audience at the RSA 2014 conference in San Francisco. 'These techniques for exfiltrating data aren't magical, they are just expensive. Everything we know about technology is that it gets cheaper. So the notion of putting up a fake cell tower or wireless access point, of jumping air gaps, you're going to see this stuff it's really just a matter of time.' "

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by moo kuh on Sunday March 02 2014, @02:08PM

    by moo kuh (2044) on Sunday March 02 2014, @02:08PM (#9600) Journal

    The big difference between criminals and the NSA, is the NSA can get subpoenas and gag orders with the backing of the the resources of the US government. Sure, criminal organizations can intimidate and get some people in high places, but that still doesn't compare to the power and resources of the US government. Even if some of the techniques are copied (or attempted to), I doubt criminals are going to have an army of PhD mathematicians and computer scientists, as well as huge amounts of spare cash, to implement some of these complex techniques and continue to come up with new and better ones. Some of the simpler things the NSA is doing, I would wager are already being done by criminals. I generally agree with Schneier, but in this case I don't

    Starting Score:    1  point
    Moderation   +3  
       Insightful=3, Total=3
    Extra 'Insightful' Modifier   0  

    Total Score:   4  
  • (Score: 5, Insightful) by jt on Sunday March 02 2014, @02:23PM

    by jt (2890) on Sunday March 02 2014, @02:23PM (#9605)

    I agree that nobody can compete with the US government in this field, with the possible exception of some other nation states, but the point is that the criminals do not need to compete.

    Academia churns out the new ideas and new concepts all the time. We can all read these, either for free (as it should be) or for the cost of a few journal subscriptions, which is hardly beyond the resources of organized crime. Independent researchers can be hired like any other staff.

    Implementing these publicly-accessible concepts is not trivial, but is generally far easier than creating the ideas and the proofs of concept. Maybe only the US govt has the resources to do the Big Stuff with large-scale traffic redirection and intercept, but maybe organized crime doesn't need this.

    • (Score: 1) by moo kuh on Sunday March 02 2014, @03:17PM

      by moo kuh (2044) on Sunday March 02 2014, @03:17PM (#9625) Journal

      You make some good points, hopefully you get modded up. It is generally true that coming up with the idea and proving it is generally the hard part (not always). On the flip side, now that a lot this is public, organizations can take steps to protect themselves. I will admit I did not RTFA (I came here from /.), but I wonder how many of these exploits are already being used by large criminal organizations and even corporations spying on each other.

      • (Score: 2) by jt on Sunday March 02 2014, @05:58PM

        by jt (2890) on Sunday March 02 2014, @05:58PM (#9680)

        You're right that coming up with the good idea is not _always_ the hard part. Execution is important too, especially in the corporate espionage arena you mention here; organized crime can take risks that BigName, Inc. cannot (not for moral reasons, of course, merely due to practicalities of the cost-benefit analysis of being caught).

    • (Score: 1) by Fnord666 on Monday March 03 2014, @03:34AM

      by Fnord666 (652) on Monday March 03 2014, @03:34AM (#9889) Homepage

      I agree that nobody can compete with the US government in this field,

      I second that. When it comes to criminal enterprises, no one can compete with the US government.

  • (Score: 2, Informative) by Anonymous Coward on Sunday March 02 2014, @02:59PM

    by Anonymous Coward on Sunday March 02 2014, @02:59PM (#9621)

    Yeah. How likely is it for the Mob to get a telco to set up a "Room 641A" for them: https://en.wikipedia.org/wiki/Room_641A [wikipedia.org]

    The NSA and FBI can tell telcos and other corps to bend-over at the top levels to do stuff like that. But if the Mafia tried the same thing the telco bosses may have their friends in Government show the Mafia a thing or two about who calls the shots.

    Unless of course it's Russia where the line between the russian mafia and government seems rather blurry to me ;).

  • (Score: 0) by Anonymous Coward on Sunday March 02 2014, @05:54PM

    by Anonymous Coward on Sunday March 02 2014, @05:54PM (#9677)

    I doubt criminals are going to have an army of PhD mathematicians and computer scientists...

    It's the other army most people rightly are much more worried about.