All roads of data sovereignty lead to a dystopia

My take on the draft Indian data privacy bill. An abridged version of this piece was published by The Tribune. It was also cross-posted at Medianama.

Let’s take a step back from the constant quibbling between the activists and the government. The interests of a citizen, especially in cyberspace, are aligned with those of neither. But let’s first understand the political shape-shifting of the internet in recent years.

This isn’t a reverberation from my echo chamber: anyone who hasn’t violated privacy at scale, or undertaken mechanised cyber offence, is divorced from the reality on the ground. At the very least, if the structural dominance of offence in cyberspace isn’t accounted for as a variable in your privacy equation, that equation will remain inapplicable in the majority of cases.


Cybersecurity vendors as foot soldiers

This report is a little unsettling if not surprising:

CyberScoop recently reported that FireEye had drawn a red line around exposing certain activities by so-called “friendlies.”

Ronald Prins, who founded Dutch security firm FoxIT, told Mashable in 2014 that his company chose not to publish details about a malware variant known as “Regin” because it might “interfere with NSA/GCHQ operations.”

A former U.S. intelligence official told CyberScoop that these types of “informal and unique” information sharing partnerships with the cybersecurity industry have proved invaluable in the past. The source said these arrangements are usually driven through “personal, one-on-one relationships” rather than a broad-based agreement of some sort.


The Mueller indictment: some thoughts on deterrence, OPSEC and linguistics

Unless your cave doesn’t have wifi, you probably know by now that 12 operatives from the GRU have been indicted by special counsel Robert Mueller.

The supporting document is a rare artefact, in the sense that it is the most public exposition of American cyber tradecraft ever.

Its analysis has been bolstered by an agency – the NSA, in case you are wondering – whose very DNA has been hardcoded with operational deniability. Remember, the US still issues a Glomar response on Stuxnet even though the operation has been outed by a hundred different sources.


An Indian cyber mercenary for hire? Bad OPSEC and global footprint

Cisco Talos has just published a report unmasking an Indian cyber actor.

The specific operation under investigation had been in progress since 2015. iPhone malware was deployed through an open-source mobile device management suite and targeted exactly 13 devices. This seems like a very focused effort.

But the operator has only itself to blame for getting exposed: it followed terrible OPSEC practices.


A sneak peek into the Pakistan Army’s cyber tradecraft

This seems to have gone unnoticed, so I am noting it here. A small ideological disclaimer: I do not *hate* Pakistan like many right-wingers do. In fact, I long to visit Lahore some day and sample its street food. Nonetheless, this is an interesting public exposure of the tradecraft – if it can be called that – of an adversarial army.

In March this year, Amnesty International released a dossier (PDF) on the intimidation and surveillance of human rights activists based in Pakistan, allegedly by the country’s own army operatives. Apart from the usual scare tactics, the operatives also engaged in social engineering and cyber espionage. Android- and Windows-based malware were used for the purpose.
