Archive for ‘June, 2015’

More sexist headlines.

datePosted on 10:09, June 21st, 2015 by Pablo

So this was the headline that greeted me when I opened the Herald on line:  “Chris Cairn’s wife accuses Marc Ellis of harassment.” Now, I am not a fan of either Chris Cairn Cairns or Marc Ellis, so wish a pox on both of them. But what galls me about this particular headline is that, once again, some fool copy or sub editor has decided that the female who is the subject of the story should be reduced to the status of someone’s wife. In the article she complains of being mistreated as a senior business woman in Ellis’s ad agency, so it is not as if she is some teeny bopper that Cairns hooked up with in order to bolster his self-image. But in the eyes of the Herald editorial staff, she is just the female appendage of a dodgy ex-jock filing court papers against another ex-jock celebrity. Surely they can do better.

The really sad part of this particular episode is that it seems to be reflective of the casual sexism and misogyny that permeates NZ.  For all the women who have achieved high positions in politics, academia, arts and law (not so much the corporate world), there appears to be this ingrained backward gender weirdness on the part of a significant number of the male population. Come to think of it, sexism and misogyny are the flip side of the coin known as bloke culture–the latter cannot exist without the former.

One interesting aspect of the story is that she was appointed by Ellis to work for his ad agency in the first place. How did that happen? Was she the best qualified person for the job or did the hire have something to do with the fact that she IS Mrs. Cairns? That would add another layer of provincial small mindedness to the equation. The article also mentions that Ellis is the director and sole shareholder of the ad agency, which has as its client Toyota.

Toyota? How did one of the largest vehicle manufacturers on earth happen to award a contract to what is by all appearances a boutique ad firm with no proven track record? Was it because Ellis is seen as representative of the NZ sales demographic that Toyota is targeting? And is that demographic the blokes? That is the only explanation that makes sense to me, but if that is the case then Toyota needs to think harder about that target demographic because Ellis is certainly not representative of it (after all, his blokey larrikin ute-driving days supposedly ended a while ago and he is now portrayed as a responsible businessman, although Mrs. Cairns complaint would suggest otherwise). And if it is the blokes that Toyota is sales targeting, has it not paused to think of the female role in bloke culture? Or does it assume that all women associated with blokes are content with their status as appendages or side kicks to the alpha individual and share his tastes and interests? If so, it has not done enough due diligence with its market research (as well as on Mr. Ellis).

In any event, the headline sucks even though the sexism, nepotism, cronyism, harassment and dubious business practice implicit in the story may well prove true.

Cyberwar comes to New Zealand.

datePosted on 12:23, June 10th, 2015 by Pablo

News that Chinese hackers obtained personal details of 4 million US federal employees dating to 1985, following on the heels of similar attacks on the customer records of private insurance companies and retirement funds as well as the internal email networks of the US State Department and White House, demonstrate that a guerrilla cyber-war is underway. Although it will not replace traditional warfare any time soon, this is the new face of war for several reasons.

First, it does not involve physical conflict using kinetic weapons, which removes direct bloodletting from the equation. Second, it can target critical infrastructure (power grids, water supplies) as well as the command, control, communications, computing and intelligence (C4I) capabilities of adversaries. Third, it can be masked so that perpetrators can claim a measure of plausible deniability or at least intellectual distance from the action. Fourth, it can be used for tactical and strategic purposes and the pursuit of short or long-term objectives.

Much like military drones, cyberwar is here to stay.

The war is not one sided: Russian hackers have penetrated Pentagon email networks and the 5 Eyes signals intelligence alliance has dedicated hacking cells working 24/7 on targets of opportunity. Many other nations also indulge in the practice as far as their technological capabilities allow them. To these can be added a host of non-state actors—Wikileaks, Anonymous, ISIS, among others—who have also developed the capability to engage in electronic espionage, sabotage, data capture and theft.

With the most recent revelations about the hacks on the US Office of Personnel Management (OPM) archival records (which include personal details of active and retired federal employees as well as identities of those who have had or hold security clearances, perhaps including myself given my prior employment by the Department of Defense) an evolution in cyber warfare is now evident.

Previously, most state-sanctioned cyber attacks were so-called “front door” attacks on government or corporate mainframes, servers and networks. The interest was in surreptitiously obtaining sensitive data or installing surveillance devices in order to engage in ongoing monitoring of targeted entities. “Back door” probes and attacks were the province of non-state actors, especially criminal organisations, seeking to obtain private information of individuals and groups for fraudulent use. However, the recent attacks have been of the “back door” variety yet purportedly state sanctioned, and the Snowden leaks have revealed that 5 Eyes targets the personal communications of government officials, diplomats, military officials and corporate managers as a matter of course.

The move to state-sponsored “back door” hacks is ominous. Accessing data about current and retired government employees can be used to blackmail those suffering personal liabilities (debt, infidelity) in order to obtain sensitive information about government processes, procedures, protocols and policy. It can target active and former intelligence and military officials and others with access to classified information. It can target former public officials that have moved to the private sector, particularly in fields of strategic or commercial importance. Likewise, obtaining sensitive personal data of employees working in private firms opens the door to similar exploitation for illicit commercial gain.

Advances in consumer telecommunications have made cyber hacking easier. Smart phones and their applications are considered to be the most vulnerable to hacking. Because many people store an enormous amount of personal data on these devices, and because they often mix work and personal business on them, they represent an enticing entry point when targeted. Yet even knowing this millions of consumers continue to pack their lives into electronic devices, treating them more as secure bank vaults rather than as windows on their deepest secrets. Not surprisingly, both state and non-state actors have embarked on concerted efforts to penetrate mobile networks and hand-held devices. Encryption, while a useful defense against less capable hackers, only slows down but does not stop the probes of technologically sophisticated hackers such as those in the employ of a number of states.

The bottom line is this: the smaller the telecommunications market, the easier it is for cyber hackers to successfully place backdoor “bugs” into the network and targets within it, especially if government and corporate resources are directed towards defending against “front door” attacks. On the bright side, it is easier to defend against attacks in a smaller market if governments, firms, service providers and consumers work to provide a common defense against both “front door” and “back door” hacking.

The implications for New Zealand are significant.

In this new battleground physical distance cannot insulate New Zealand from foreign attack because cyber-war knows no territorial boundaries. New Zealand provides an inviting target because not only is an integral and active member of Western espionage networks, it also has proprietary technologies and intellectual property in strategic sectors of its trade-dependent economy (including niche defense-related firms) that are of interest to others. Because New Zealand’s corporate, academic and public service elites are relatively small and the overlap between them quite extensive, hacks on their personal data are a valuable tool of those who wish to use them for untoward purposes.

New Zealand public agencies and private firms have been relatively slow to react to the threat of cyber warfare. The data they hold on their employees, managers, policy elites and general population is an inviting “back door” for determined hackers seeking to exploit vulnerabilities in New Zealand’s cyber networks. Since many Kiwis are lax about separating their work and private electronic correspondence and records, the potential to access sensitive personal information is high.

New Zealand has been the subject of numerous “front door” cyber attacks and probes on public and private agencies, including an attack by Chinese-based hackers on the NIWA supercomputer carried out in concert with a similar attack by the same source on the supercomputer run by the US National Oceanographic and Atmospheric Administration (NIWA’s US counterpart). New Zealanders have been the targets of numerous “back door” intrusions such as phishing and other scams perpetrated by fraudsters and conmen. Yet successive governments have been slow to recognize the new threat advancing towards it in the cyber-sphere, only recently creating dedicated cyber security cells within the intelligence community and just last year amending the GCSB Act to address vulnerabilities in domestic internet security. But it still may not be enough.

Until New Zealand resolves the problem of institutional lag (that is, the time gap between the emergence of a technologically-driven threat and an institutional response on the part of those agencies responsible for defending against it), there is reason to be concerned for the security of private data stored in it. After all, in the age of cyberwar there is no such thing as a benign strategic environment.

Crowdsourcing opportunity: The 5th Eye.

datePosted on 14:13, June 4th, 2015 by Pablo

I had the opportunity some time go to be interviewed by the one of the director/producers of the documentary “Operation 8” for a forthcoming film about the GCSB and its role in the 5 Eyes signal intelligence network. These good people are part of the grassroots network that attempts to keep those in power accountable to the folk they supposedly serve, and while I may not agree with them on a number of issues I have no doubts about their sincerity, commitment and interest in the common good.

In order to finish the new documentary, titled “The 5th Eye,”  there is a crowdsourcing effort underway that is well worth supporting. The details are here. Besides information about donating, there is a short video trailer included on the page as well as updates and other valuable information. By all means check it out and help this film on its way to fruition.

If you support truly independent film-making in Aotearoa, this is an excellent opportunity to not only talk the talk, but to walk the walk.