Two ways to help preserve privacy in an age of massive leaks and deep hacks

Posted on Nov 20, 2017 by Glyn Moody

We live in the golden age of leaks. That’s not to say that leaks didn’t happen before. But the move to digital data and the availability of high-speed Internet connections have made the exfiltration of data on a massive scale much easier. Where in 1971 Daniel Ellsberg had to photocopy 7,000 pages of what became known as the Pentagon Papers before he could leak them to the New York Times, Chelsea Manning was able to give 750,000 military and diplomatic documents to Wikileaks in 2010 by copying them onto writable CDs. Later, Edward Snowden is believed to have gathered and removed around 1.7 million intelligence files – something that would have been impossible had it been analog data. All those leaks were made by whistleblowers who wanted the public to know about US government activities. But alongside the actions of Manning and Snowden there has been an increasing number of thefts of personal data on a massive scale.

For example, in 2014, the email addresses, encrypted passwords, birth dates, mailing addresses and other information for 145 million eBay users were stolen. In 2016, Yahoo admitted serious security breaches had occurred twice: the first saw half a billion accounts compromised, while the second involved one billion Yahoo users. The same year, details leaked from 400 million accounts on AdultFriendFinder, which calls itself the “world’s largest sex and swinger community” site.

More recently, a leak from Equifax took place. Although “only” 145 million users were affected, it was arguably much more serious than the larger leaks of personal data mentioned above. That’s because the information that was lost – full names, Social Security numbers, birth dates, addresses, and some driver license numbers – provides exactly the data that identity thieves need in order to set up fake accounts in the name of others. Since it will not be easy to change many of the details, it is likely that fraud as a result of the Equifax breach will go on for years.

Meanwhile, whistleblowers seem to have taken advantage of the falling costs for portable storage and/or increased download speeds for Internet connections to extract ever-larger sets of information. In 2015, an anonymous source leaked 11.5 million documents that detail financial and attorney-client information for more than 200,000 offshore entities. The so-called “Panama Papers” total 2.6 terabytes of data. Recently, 13.4 million confidential electronic documents relating to offshore investments, known as the “Paradise Papers”, were revealed. In total, they amount to 1.4 terabytes – half the size of the Panama Papers, but still a huge quantity of data.

A different kind of leak occurred last year, in many ways more serious than all of the above, when the NSA’s secret hacking tools were stolen by a mysterious group calling themselves the Shadow Brokers. As the New York Times explains in a recent article, the US authorities still don’t know who is behind the Shadow Brokers group, how they did it, or what exactly they have copied:

“Fifteen months into a wide-ranging investigation by the [NSA’s] counterintelligence arm, known as Q Group, and the F.B.I., officials still do not know whether the N.S.A. is the victim of a brilliantly executed hack, with Russia as the most likely perpetrator, an insider’s leak, or both. Three employees have been arrested since 2015 for taking classified files, but there is fear that one or more leakers may still be in place. And there is broad agreement that the damage from the Shadow Brokers already far exceeds the harm to American intelligence done by Edward J. Snowden, the former N.S.A. contractor who fled with four laptops of classified material in 2013.”

The seriousness of the leak comes from the fact that the NSA’s hacking tools can now be deployed anywhere in the world in order to steal yet more information. We know that has already happened. As Rick Falkvinge wrote earlier this year, at the heart of ransomware that affected millions of computers around the world, including many in UK hospitals, is the NSA toolkit that was obtained by the Shadow Brokers. That shows that at least some of the exploits are being used for criminal purposes, which means we can expect more.

The ransomware attacks, which cost victims hundreds of millions of dollars according to the New York Times story, underline an important point. At a time when leaks are already happening with increasing frequency and seriousness, the last thing intelligence agencies should be doing is creating more tools for hacking into systems. As Manning, Snowden and the Shadow Brokers proved, even what ought to be the world’s most secure organizations – the US intelligence services – are not leak-proof. That means if hacking tools are created, they are likely to leak out sooner or later. The NSA and others should not be undermining computer systems; they should be actively trying to make them resistant to attacks by state actors and criminals. That means finding and patching bugs in key software, not hoarding them for later use. It also means coming up with tools that defend privacy, rather than seeking to destroy it.

Those are actions that are relatively easy to implement, provided there is the political will to do so. There’s another way to bolster online privacy, but one that will be harder to put into place. What all the major leaks of highly-personal data mentioned above have in common is that they came from huge, centralized databases. Putting valuable data about hundreds of millions of people in a single store naturally magnifies the value in attacking and compromising that point of control.

One way to reduce – but not eliminate – the damage caused by leaks is to move to a federated data storage approach. In that case, less data is exposed if one of the distributed databases is compromised. The greater the number of autonomous databases that are deployed, the harder it is for attackers to cause damage on a massive scale. The difficulties here are not technical, but economic and cultural. Companies like Facebook and Google are fighting hard against suggestions that they should store data locally – for example in the EU for citizens there. While they and other companies reject this distributed approach, leaks of highly-personal information will not only occur, but will get worse as the underlying centralized databases continue to grow in size.

Featured image by US Navy.