You hear about white hat hackers getting corporate gigs all the time. They perform some kind of impressive security breach, finding some flaw in something important and bam, if they aren't thrown in jail for it, they're suddenly working at Google, or one of its contemporaries. The same happens in the government sector too, where disillusioned hackers and security professionals jump ship for an ideological or financial pay cheque. Jim Penrose is one such man, who left the NSA after 17 years to join British digital-security specialists Darktrace, and has been speaking out about how to best protect yourself from his former colleagues.
While you would have to question the morality of all the world's intelligence communities, if someone that works there for that long is happy to just leave and start spilling non-classified beans, there aren't many people that consider groups like the NSA and GCHQ morally righteous at this point anyway. With that in mind, Penrose's statements are a great insight into how the intelligence agencies think.
He suggests that we all stop caring who's trying to look up out skirts and instead, just focus on making it so that we aren't easy to hack or surveil.
“Whether they’re cyber criminals or state sponsored actors, I think a lot of times they can get into a network using a less sophisticated approach or a variant of a known piece of malware… it’s a lower risk operationally for them,” he said (via the Guardian).
While there are supercomputers, custom built malware and dedicated hacking teams within all sorts of organisations, he said they don't want to use those resources unless absolutely necessary. While there isn't much in the way of oversight for the world's intelligence agencies, they do still have to work within a budget.
That means that if you cover your tracks enough and don't cause much of a stir, you aren't going to be worth investigating. That's worth bearing in mind should you feel like avoiding governments or indeed foreign criminals, from searching through your digital rubbish.
Despite his private sector defection however, Penrose was still loyal to the regime he spent a good part of his career in, suggesting that the exposure of its inner workings by whistle blower Edward Snowden was damaging, due to its destabilising of the NSA's “protection mechanisms.”
“I don’t know if that exists in all the other states that use their intelligence capability or military capability in that fashion… they certainly are incredible capabilities but they need to be used for the right purposes,” he said.
Discuss on our Facebook page, HERE.
KitGuru Says: Of course there's always the possibility that Penrose here is a double agent. As long as he isn't working with Other Barry, we should be ok though.
Image source: FX
In another totally unrelated news about the NSA, “EU Undermines NSA with Targeted Data Collection Proposal” http://bit.ly/1v9HDaZ