Black Sea, Black Code: All Your Metadata Are Belong to Us

I recently read Ron Deibert’s, “Black Code: Inside the Battle for Cyberspace” and so my ears perked up a few days ago when I heard Deibert talking to Matt Galloway on Metro Morning.

Diebert, who is also the Director of the Citizen Lab at the Munk School of Global Affairs here in Toronto, was talking about surveillance at the upcoming winter Olympic Games in Sochi. He considers surveillance in Russian society to already be “near total,” and mentions a recent Russian directive that will ensure that all communications at the games are “collected, archived for three years and shared with the Russian FSB [Federal Security Bureau].” For Diebert this amounts to “PRISM on steroids.”

If you haven’t read Black Code I’d recommend it. It was first released in May 2013 and there’s a recent paperback edition out with a new preface talking about Ed Snowden and includes a timeline outlining 104 years of Anglo-American surveillance. Deibert provides a very readable collection of reports and anecdotes discussing everything from internet censorship and surveillance to computer network attacks and cyber espionage. He talks about the “militarization” of cyberspace and the intermingling of government and criminal elements that is effectively creating a bit of a cyberspace “arms race.”

In a recent interview with Dennis Fisher on Digital Underground Deibert says that his book is aimed at a public rather than an academic audience. He identifies problems with the public perception of the internet versus the underlying technology and worries that the average internet user lacks a “basic understanding of what goes on under the surface of the internet.” He warns against this so-called “intrusion technology” that is often marketing the techniques used by cyber criminals.

If I’m interpreting Diebert’s comments on Metro Morning correctly, Sochi will be a prime testing ground for governments and criminals alike to test these techniques. It’s the perfect opportunity to try out and develop new surveillance and cyber espionage applications. Deibert says he can, “imagine that the entire infrastructure and the surveillance regime that’s built around it will be something that is exported by Russian, Chinese and Canadian companies to urban developments in places like Africa as a way to deal with issues around mobilization, political mobilization and so on.”

He suggest that if you do plan on attending the games you should, “assume that everything will be monitored, and that means everything. All of your metadata, your cell phone will be monitored, so all of your movements will be tracked.” He refers to a memo given to U.S. government officials that advises they leave their electronics at home, or alternatively, bring a new, clean phone, tablet or laptop to the games and then be prepared to “discard it” when you leave. Otherwise you run the risk of having your personal information compromised, and for journalists that can mean their contact names and information sources, and you may inadvertently help to distribute any black seeds planted for later exploitation once the games are finished.