Hong Kong is one of the busiest and freest cities on Earth. It also recently played host to one of the biggest whistleblowers in history – Edward Snowden. In early June, Snowden, an ex NSA (National Security Agency) consultant, exposed their data collection program, causing unparalleled uproar and controversy. For many business operators it also created confusion.
Here is an overview of the story about the US surveillance whistleblowing story of Edward Snowden, with some tips businesses can follow to tighten up cyber security.
The NSA leak
From his hotel in Hong Kong, Edward Snowden sat down with journalists from the Washington Post and The Guardian to disclose that the National Security Agency (NSA) and the FBI have unprecedented access to personal information and data on the Internet. This program, called PRISM, supposedly monitors all foreign communication that passes through US servers.
The reports in the Post and Guardian noted that Microsoft; Yahoo; Google; Facebook; PalTalk; AOL; Skype; YouTube; and Apple, are all participants in this program and had provided the NSA with direct access to their data. After the articles broke, the nine tech companies denied ever willingly giving information to the NSA, but noted they likely would, or had, handed over information if ordered by the courts.
You may wonder why this is such a big deal, especially when the NSA has said they only target foreign traffic. Well, the answer is muddy, at best, but the vast majority of the traffic on the Internet passes through the US. What was most unsettling was the revelation about what data the NSA collects. According to the Washington Post, this includes, “audio and video chats, photographs, e-mails, documents, and connection logs… [Skype] can be monitored for audio when one end of the call is a conventional telephone, and for any combination of audio, video, chat, and file transfers, when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries and live surveillance of search terms.”
Netizens, and many news agencies, were understandably furious because this covers pretty much everything. A report published by the Associated Press confirmed that: “The NSA copies Internet traffic as it enters and leaves the United States, then routes it to the NSA for analysis.” Traffic from within the US, on the other hand, is largely left alone, but it may be connected if the NSA can prove, (with 51% surety), that one of the recipients of the traffic is foreign (not based in the US).
If you are interested in learning more this article in Business Insider covers the highlights of what is going on, or what we know to date.
What about small businesses?
So what can we deduce from this? The NSA primarily targets information flowing through the major tech companies. If you do business with companies outside of the USA, you might assume that the NSA has seen some correspondence, especially if it has contained keywords they have identified and are looking for.
Regardless of this, you should still take steps to ensure that your systems are secure, as you can bet that a number of enterprising criminals will try to cash in on this issue with scams, hacks or other malicious intent.
Here are three things you can do to shore up your cyber security:
This headline making leak is definitely huge and has many people worried as to what could possibly happen to private data. Be sure to stay tuned to the newspapers and blogs as the leak to keep updated as the fallout from this could be huge. If you would like to talk about the security of your systems, please contact us today.