From: Declan McCullagh <declan@well.com>
To: cypherpunks@toad.com
Message Hash: bc8dc0d0466832d463b07bfe97fd3f633803f66e182266efab5c060bb0a1aeb8
Message ID: <Pine.GSO.3.95.970106201500.27803C-100000@well.com>
Reply To: N/A
UTC Datetime: 1997-01-07 04:15:44 UTC
Raw Date: Mon, 6 Jan 1997 20:15:44 -0800 (PST)
From: Declan McCullagh <declan@well.com>
Date: Mon, 6 Jan 1997 20:15:44 -0800 (PST)
To: cypherpunks@toad.com
Subject: Foreign spies snoop the Net, from The Netly News
Message-ID: <Pine.GSO.3.95.970106201500.27803C-100000@well.com>
MIME-Version: 1.0
Content-Type: text/plain
---------- Forwarded message ----------
Date: Mon, 6 Jan 1997 20:14:17 -0800 (PST)
From: Declan McCullagh <declan@well.com>
To: fight-censorship@vorlon.mit.edu
Subject: Foreign spies snoop the Net, from The Netly News
The Netly News
http://netlynews.com/
SPY VS. SPY
January 6, 1997
By Declan McCullagh (declan@well.com)
Move over, James Bond. Take your last bow, Maxwell Smart. Modern
spies are jacked into the Net, a recent report from the multiagency
National Counterintelligence Center says. It claims the Internet is
now the "fastest growing" means for foreign governments and firms to
gather information about U.S. businesses.
The eight-page quarterly report says that malevolent "foreign
entities" are sorting through web sites, pounding on search engines
and firing off e-mail queries to U.S. defense contractors in hopes of
winnowing out sensitive data.
"Use of the Internet offers a variety of advantages to a foreign
collector. It is simple, low cost, non-threatening and relatively
'risk free' for the foreign entity attempting to collect classified,
proprietary, or sensitive information... We also know foreign
intelligence and security services monitor the Internet," says the
report, which is distributed to government agencies and contractors.
Search engines apparently serve spies well. Want a copy of
something you shouldn't be able to get? Perhaps it was left in an
unprotected directory; try Altavista. "Foreign intelligence services
are known to use computers to conduct rudimentary on-line searches for
information, including visits to governments and defense contractors'
on-line bulletin boards or web sites on the Internet. Access to
Internet advanced search software programs could possibly assist them
in meeting their collection requirements," the NACIC briefing paper
says.
Beware of spam from spies, it warns: "These foreign entities can
remain safe within their borders while sending hundreds of pleas and
requests for assistance to targeted US companies and their employees."
Of course! This is any e-mail spammer's modus operandi: Flood an
astronomical number of addresses at an infinitesimal cost. Then hope
that at least some recipients will respond with the information you
want.
This isn't the first time that the Clinton administration has
painted economic espionage as a dire threat. Last February, FBI
director Louis Freeh warned the Senate Select Committee on
Intelligence of the possible harm. He said foreign governments are
especially interested in "economic information, especially
pre-publication data" including "U.S. tax and monetary policies;
foreign aid programs and export credits; technology transfer and
munitions control regulations... and proposed legislation affecting
the profitability of foreign firms acting in the United States."
Note to Freeh: That information already is online. For proposed
legislation, try Thomas -- or for munition regulations, the White
House web site is a good bet.
But forget Freeh's rhetoric. The White House isn't serious about
halting the overseas flow of American secrets over the Net. If it
were, President Clinton would lift the crypto export embargo. Strong
encryption is the most effective way for companies to fend off
foreign data-pirates, but current regulations allow U.S.
multinational firms to use only the cipher-equivalent of a toy cap
gun. Worse yet, last week the Commerce Department moved further in
the wrong direction by releasing its new encryption export
regulations that continue to keep American businesses at a
competitive disadvantage compared to their foreign competitors, which
generally are less hampered by crypto export rules. "The new
regulations are worse" than the old, says Dave Banisar, a policy
analyst at the Electronic Privacy Information Center.
Sure, France and Britain spy on us for economic purposes. But
we're just as guilty. We snooped on the French -- and got several
U.S. "diplomats" kicked out of France two years ago. We peeked at
Japanese secrets during automobile trade negotiations -- and got
caught then, too. Especially under President Clinton, economic
intelligence has become part of the mission of our spy agencies. Yet
if we complain about other countries while doing it ourselves, we
become hypocrites.
Stanley Kober, a research fellow at the Cato Institute, argues in
a recent paper that it's "folly" for the U.S. to continue such spying
and risk alienating political allies: "The world is still a dangerous
place, and it would be folly for the democracies to engage in nasty
intramural squabbles. Yet that is the danger that economic espionage
against other free societies poses."
"Washington ought to consider that it may need the cooperation of
Paris (or other Western capitals) to help deal with a mutual security
threat" from terrorism, Kober writes.
I asked Kober what he thought of the NACIC report. "It strikes me
as a normal security reminder," he says. "The specifics are fairly
slim. It's not the sort of thing that's sent to everyone. It's sent
to their clients, the people who have government contracts. Since the
Internet is new, they're telling people to be careful."
Indeed, netizens must be careful. It's common sense, really, and
defensive driving for the Net. Encrypt that e-mail. Use the
anonymizer at least once a day. Let paranoia be your watchword. That
e-mail from your mother may come from the KGB. When you're not
watching it, your monitor may be watching you.
Be afraid, Maxwell Smart. Your shoe phone may be listening back.
###
Return to January 1997
Return to “Declan McCullagh <declan@well.com>”
1997-01-07 (Mon, 6 Jan 1997 20:15:44 -0800 (PST)) - Foreign spies snoop the Net, from The Netly News - Declan McCullagh <declan@well.com>