Ron Deibert, director of Citizen Lab, one of the most prominent organizations investigating government spyware abuse, is sounding the alarm to the cybersecurity community and urging it to step up and join the fight against authoritarianism.
On Wednesday, Deibert will give a keynote speech at the Black Hat Cybersecurity Conference in Las Vegas, one of the biggest gatherings of information security experts this year.
Prior to his speech, Deibert told TechCrunch he plans to talk about what he describes as a “descent to a kind of fusion of technology and fascism,” and the role that big tech platforms play, “promoting the truly horrific kind of collective anxiety that is not commonly addressed as a cybersecurity issue.”
Deibert described recent US political events as “a dramatic descent into authoritarianism,” something the cybersecurity community can help defend against.
“At least they should know what’s going on and hopefully they can’t contribute to it.”
Historically, at least in the US, the cybersecurity industry has set politics aside. These days, however, politics has fully entered the world of cybersecurity.
Earlier this year, President Donald Trump ordered an investigation into former CISA director Chris Krebs, who had publicly refuted Trump’s false claims about election fraud by declaring the 2020 election secure. Trump later fired Krebs in a tweet. After the investigation, which Trump ordered several months after his reelection in 2024, Krebs vowed to step down from SentinelOne and fight back.
In response, Jen Easterly, another former CISA director and Krebs’ successor, called on the cybersecurity community to engage and speak out.
“Being silent when experienced, when mission-led leaders are on the sidelines or approved, risking something greater than discomfort. They risk reducing the very institutions here to protect,” Easterly wrote in a LinkedIn post.
Easterly was a victim of political pressure from the Trump administration when an offer to join West Point was withdrawn in late July.
Deibert, who published his new book, “Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy,” this year, echoes the same message as Easterly.
“I think there’s a point where you have to recognize that the landscape is changing around you, and the security issues you set for yourself are trivial in light of the anxiety that’s being propelled forward without the broader context and proper checks and balances and monitoring.”
Deibert is also concerned that large companies such as Meta, Google and Apple could take a step back from their efforts to combat government spyware, which is sometimes called “commercial” or “mercenary” spyware, by weakening their threat intelligence teams.
These threat intelligence teams are dedicated groups of security researchers who track government hackers, both those working within government agencies, such as China’s Ministry of State Security and Russia’s intelligence agencies, the FSB and GRU, and those working for companies such as NSO Group and Paragon.
These are the same teams responsible for detecting hacks against their users, such as when more than 1,400 WhatsApp users were hacked in 2019, or when Apple detects government spyware being used to target its customers and notifies victims of an attack.
Deibert believes there is a “massive market failure when it comes to cybersecurity in global civil society,” a part of the population that cannot afford to get support from the large security companies that serve governments and corporate clients. “This market failure will become even more severe as support agencies evaporate and attacks on civil society amplify,” he said.
“Whatever you can do to contribute to offset this market failure (for example, pro bono work) is essential to the future of liberal democracies around the world,” he said.
Deibert is concerned that, given that the same companies have reduced their moderation and safety teams, they could also cut, or at least reduce, these threat intelligence teams.
He told TechCrunch that threat intelligence teams like Meta’s are doing “amazing work” by remaining separate from the commercial arms of the wider organization.
“But the question is how long it will last,” Deibert said.