Mikko Hyppönen says public has a right to know extent of government snooping

Mikko Hyppönen demands increased transparency over government snooping

Mikko Hyppönen, a security expert with F-Secure, has slammed governments for keeping the public in the dark over their surveillance programmes.

“We as citizens need to know what law enforcement is doing, in particular we need to know how successful each of their mechanisms are,” he said in a presentation prior to the annual Slush technology conference in Helsinki.

“The key for us citizens is that we need to know what the decision-makers are doing, we need to know what our agencies are doing, we need to know what law enforcement is doing and we need to know how successful their techniques are,” he said.

Hyppönen argued that some police powers, including malware injections, are simply an extension of rights authorities have always taken advantage of. Yet he maintained these systems need to become more transparent to ensure the trust of the public.

“Now in many countries cops can infect your system with a piece of malware if they believe you are a criminal. I don’t actually have a big problem with this as such but I do demand transparency,” he said.

“Let’s say that local law enforcement infected 100 citizens with malware. If 95 percent of those turned out to be drug traffickers or terrorists then I guess that’s fine.

“However, if 95 percent of those turned out to be law-abiding citizens then maybe it’s not okay. The trouble is, right now we don’t know which one it is. There’s no way for us to know without transparency.

“This year has been an eye opener because we have seen many attacks that are unusual”

– Mikko Hyppönen

Meanwhile on the other side of the law enforcement battle, Hyppönen said that understanding what is happening in the cyber security world is becoming increasingly unpredictable as hackers motives remain so fluid.

“This year has been an eye opener because we have seen many attacks that are unusual,” he said.

“If you look at what happened with Sony Pictures, they had their systems wiped, they had workstations wiped, they had servers wiped all because of an attacker who wasn’t interested in money but was interested in hurting them.”

Hyppönen indicated the Sony case only highlights the unpredictable nature of the business, especially when governments and nation states get involved.

“I was very suspicious of the North Korean link when it was first flaunted by the US government,” he noted.

“But later on when it confessed the information actually wasn’t guesswork but was based on information from the NSA who had breached some of the North Korean networks, that convinced me. But it also changed the story from ‘those god-damn North Koreans came and hacked our system’ to ‘those god-damn North Koreans came and hacked our systems and we know because we hacked them back’.”

Yet the common perception that countries such as North Korea, China and Iran are the worst offenders is wrong, Hyppönen argued.

“Which government has the most advanced cyber capability? That’s easy, it’s the United States. It is closely followed by the Five-Eye partners then probably the Israelis, then maybe the Russians,” he explained.

“The Chinese have a large volume in their attacks but most of their attacks aren’t actually that evolved.”

The IoT  – the next attack vector

Looking to the future and Hyppönen said the rise of the Internet of Things (IoT) is likely to add to the security risks facing the world.

“In computer security our job has changed more than we could have ever imagined,” he said.

“For years we thought our job was to secure a computer, that’s what we thought we were doing. Well that’s not what we do anymore.

“Everything in our society is being controlled by computers and software, which really means that we in computer security today are not securing computers, we are securing society and we are securing infrastructure.”

In order to combat this problem, F-Secure has developed a new product branded “Sense” that aims to protect every smart device in a home.

Formally announced during the Slush 2015 conference, Sense creates a secure network that will monitor and scan for security threats against any home device, in real time.

“We want to bring enterprise grade cyber security to the masses,” explained F-Secure CEO Christian Fredrikson.

“The challenge we face is that we will have [based on research from Gartner] 50 billion devices connected by 2020 and the developers of those devices have no understanding of in-depth security.

“It is ridiculously easy to hack anything connected to the internet because the people building [IoT devices] have not thought about security at all.”

F-Secure Sense

Meanwhile, Samu Konttinen, executive vice president of consumer security at F-Secure, said that the product will also aim to protect the privacy of internet users.

“If you think about the connected devices you have at home you might have a smart TV with a forward front-facing camera; what if someone hacks into that?” he said.

“In privacy I don’t think there is anything more precious than your home. You don’t want anyone invading or violating that privacy.”

During the pre-order period, a 12-month subscription for Sense is available in Europe for €99, with monthly renewals costing €8 per month.

Sense boasts a number of features not found in traditional internet security products, including a mobile application to monitor the network while on the move and cloud-based threat updates.

In 2016, F-Secure will be adding new capabilities to the product including anonymous internet surfing capabilities via VPN and increased banking protection on the Sense-controlled network.

If the article suppose to have a video or a photo gallery and it does not appear on your screen, please Click Here

11 November 2015 | 4:03 pm – Source: v3.co.uk


Leave a Reply

Your email address will not be published.