Digital Leviathan: Nation-State Big Brothers (from huge to little ones)

Video thumbnail (Frame 0) Video thumbnail (Frame 911) Video thumbnail (Frame 4716) Video thumbnail (Frame 7217) Video thumbnail (Frame 8337) Video thumbnail (Frame 9820) Video thumbnail (Frame 11654) Video thumbnail (Frame 12755) Video thumbnail (Frame 13448) Video thumbnail (Frame 14400) Video thumbnail (Frame 15664) Video thumbnail (Frame 16727) Video thumbnail (Frame 17234) Video thumbnail (Frame 17807) Video thumbnail (Frame 18485) Video thumbnail (Frame 21202) Video thumbnail (Frame 22422) Video thumbnail (Frame 23646) Video thumbnail (Frame 25824) Video thumbnail (Frame 27722)
Video in TIB AV-Portal: Digital Leviathan: Nation-State Big Brothers (from huge to little ones)

Formal Metadata

Title
Digital Leviathan: Nation-State Big Brothers (from huge to little ones)
Alternative Title
Digital Leviathan: A Comprehensive List of Nation State Big Brothers
Title of Series
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
2018
Language
English

Content Metadata

Subject Area
Abstract
In his notorious book Leviathan, the XVII century English philosopher Thomas Hobbes stated that: we should give our obedience to an unaccountable sovereign otherwise what awaits us is a state of nature that closely resembles civil war—a situation of universal insecurity. It looks like a lot of current political leaders have red and found the teachings of Hobbes applicable to modern day online life. We witness the rise of the Digital Leviathan. The same apps and applications that people use to connect, express opinions and dissatisfaction are used by governments (even democratic ones) to perform surveillance and censorship. This talk will focus on evidence of Nation-State spying, performing surveillance, and censorship. The aim is to present a systematical approach of data regarding cyber attacks against political targets (NGO/political groups/media outlets/opposition), acquisition and/or use of spywares from private vendors, requested content/metadata from social media/content providers, and blocking of websites/censorship reported by multiple sources. The findings of the research imply that: - 25 nations that have already used cyber offensive capabilities against political targets. - 60 nations acquired/developed spyware. - 117 nations requested content/metadata from social media/content providers. - 21 countries perform some level of censorship to online content.
Uniformer Raum State of matter 1 (number) Family
Group action State of matter Multiplication sign Source code 1 (number) Price index Cyberspace Quantum state Software bug Leak Computer crime Information Website Source code Purchasing Spyware Gamma function Internet service provider Category of being Latent heat Sample (statistics) Computer crime Quicksort Block (periodic table) Hacker (term) Electric current Open source Observational study Civil engineering Cybersex Spyware Content (media) Focus (optics) Power (physics) Local Group Goodness of fit Natural number Internetworking Authorization Gamma function Traffic reporting Mathematical analysis Group action Leak Information privacy Subject indexing Blog Universe (mathematics) Form (programming)
Slide rule View (database) Source code Content (media) Attribute grammar Mach's principle Word Tablet computer Different (Kate Ryan album) Googol Aerodynamics Website Traffic reporting Speech synthesis Cybersex Mobile app Source code Focus (optics) Content (media) Counting Computer network Instance (computer science) Flow separation Twitter Open set Quantum state Facebook Hypermedia Self-organization Hacker (term)
Group action Backup User interface Mapping Cybersex 1 (number) Diffuser (automotive) Independence (probability theory) Coma Berenices Branch (computer science) Instance (computer science) Cartesian coordinate system Quantum state Type theory Graphical user interface Personal digital assistant Hypermedia Different (Kate Ryan album) Internet service provider Normed vector space Personal digital assistant
Distribution (mathematics) Mapping Internet service provider Cybersex Cartesian coordinate system Traffic reporting Twitter
Dialect Graph (mathematics) Cybersex Source code Content (media) Perspective (visual) Twitter Category of being Different (Kate Ryan album) Personal digital assistant Internetworking Internet service provider Direct numerical simulation Right angle
Arithmetic mean Process (computing) Software Source code Computer network Open set Traffic reporting Open set
Mobile app Decision theory Multiplication sign Cellular automaton Projective plane Source code Shared memory Bit Twitter Web 2.0 Subject indexing Internetworking Right angle
Probability density function Dialect Information Mapping Concentric Content (media) Mathematical analysis Average Number Average Different (Kate Ryan album) Hypermedia Internet service provider Representation (politics) Traffic reporting Resultant
Cybersex Graph (mathematics) Mapping State of matter 1 (number) Total S.A. Cyberspace Perspective (visual) Number Twitter 2 (number) Vector potential Power (physics) Goodness of fit Inclusion map Internetworking Hypermedia Green's function Quicksort Addressing mode
Torus Electronic data interchange Cross-correlation Internetworking Multiplication sign Statement (computer science) Musical ensemble
hey guys my name is Eduardo I'm from Brazil alongside my friend on Hajj ago we did this research on state brick brothers and sadly he couldn't be here today and we actually are independent researchers so we couldn't afford to be both of us here so I'm gonna do my best to replace them okay the idea here is to talk about a nation-state activity online and not focusing so much on huge Big Brother's but the little ones also we have four steps for our agenda some
intro and basic concepts the major sources that we used to our research and the outcomes of the analysis and the conclusion and final remarks regarding the subject okay the idea we borrow here from the 16 silly philosopher English philosopher Thomas Hobbes the idea that basically human beings cannot work together he was in very very optimistic he considered that we would almost all the time resort to some sort of state of nature and civil war which is you know 16th century philosophy if you think about an internet it's a pretty good example of the exactly the opposite people gather around a common idea without a top-down Authority without someone saying how it should be so consensus may took a while but it eventually emerges so this idea is largely being used when politicians try to increase state power the idea that threats are too big we have terrorism we have cyber crime we have espionage so we need to give power to someone to an authority often they're politicians there so they want to increase state power and through our research we actually found quite the opposite the most effective and most active actor around cyberspace is actually states doing things attacking not only other states but major attacks against civil society and political groups so it's one of the the conclusions of our research and I hope we can show you some evidence of that some three concepts these are not Academical ones that we use to look for and state misbehavior states big brother-ish activity espionage surveillance eavesdropping censorship you might find better concepts than the ones that we are listening here but you were the ideas to which we went looking for evidence concerning state nation-states activity online well the
main source is that we went four or five first apt reports those were the reports and blog posts from private vendors and gos C certs universities we have some studies from EF f from citizen lab from Toronto some certs from Japan United States so that's a pretty pretty wide material over 750 of them it's pretty Western biased so 80 percent of them are actually from countries within the Western Hemisphere but it allows us to take a good grasp on state activity especially focusing on political targets NGOs political opposition so forth the second and third major sources are not exactly the reactions of the states the the nation state sponsored attacks but the potential capability so the fact that it states are buying there are acquiring offensive solutions and we got that from major leaks from hacking team and gamma goop and finfisher and also some good open sources out there such as bug planet and the surveillance industry index even official documents such as reports from exportations from United United Kingdom Germany in Switzerland also issue some license to sell spyware so it was a good pretty good source for that use the
fourth and fifth sources we have looking for censorship several different organizations do lookup that on the online we're gonna cover them up in the next slides and the fifth one is transparency reports which is pretty interesting because it's relatively new it is start with the Snowden revelations where companies interested in increase their accountability starting to publish the government requests of content and removal so we have a pretty interesting view on how governments are behaving towards that online information okay
jumping into some of the outcomes we're gonna focus first on what we have seen from States cyberattack state-sponsored cyber attacks and fifty-five percent of the documents led to some level of the attribution we had a pickle when we need to group the documents among actors among campaigns because vendors tend to have a branding of their own someone call them bears something called a PTA areata and then we had to group it so we wouldn't count twice for the same attack for instance but that led us to 119 state-sponsored attacks which is a lot and when we looked for the countries when the attribution allowed that we found out 19 different countries with a state-sponsored apt advances persistent threat and you get a picture like that
the map shows us of course the traditional ones Russia US Israel etc but we also get to see some different countries such as Ethiopia Lebanon Syria Pakistan countries that you might not think that had these capabilities so it's interesting to see how diffuse it is and when we look at the types of targets it's interesting to notice also that in 46 cases we had political targets and I mean by political targets I mean opposition parties I mean NGOs independent media outlets so it's rather interesting to see that it's the first place even ahead of military governmental or diplomatic targets so it's pretty interesting to see that we have an evidence that attacks are being directed to civil society to groups to political interests and not exactly interstate Affairs jump into the idea of
a potential capabilities the second layer we should say we found 71 countries that acquired some solutions 41 of them we couldn't even we could identify the user or buyer in 19 cases the buyer was military or an intelligence agency which is interesting because they tend to operate with less oversight from judicial branch for instance and in 20 cases we see an application of backup policies why not you buy from multiple providers maybe in one of them won't work so you have another one that's the picture of what
we see from the distribution of 7-1 countries and the major providers that we identify interesting to notice that not all of these are providers of offensive solution we have a interesting report from citizen lab that covers the use of applications from Procera in Turkey in Syria for the use of surveillance in those countries which is really interesting a narrowing now the countries that we
identify to be military or intelligence agency users and the others that we didn't know we couldn't see who who actually bought it we have this this map and when we select the user buyers from military Intel in an intelligent community we get these 19 countries you get to see that a lot of Middle Eastern countries not of Africa and South Southeast Asian countries are there which is kind of a trend across our data
here is the picture considering the multiple providers from red to green we're seeing red the countries that are acquired for solutions and orange the three yellow to and green just a single solution we had also is easier to see here in the graph you can see that Southeast Asia and Middle East sorry about that are the countries that are the regions which have countries with most actually multiple providers so it's a it's a kind of a trend it's not a surprise so we see these repeated over and over in our data and on the rights of course you see the user buyers from category perspective when we jumped into
the idea of censorship censorship and the blocking of contents we also found 40 countries with some evidence of violence censorship and 42 countries with some level of Internet shutdown curious to see that in almost 75% of the cases the shutdown reached the national level which is remarkable if you think about it and in 57 countries they were in different methodologies in different sources so reinforce the idea that those countries actually are engaging in this kind of big brother-ish behavior here's I'm not
gonna go into the methodology of each one of the sources but I'm gonna go pass through the sources here is only open Observatory of network interference I encourage you to go online and check out their methodology very very oriented to Asian and Middle Eastern countries the
Freedom House written off the net report which is yearly report where the Freedom House evaluates freedom of users online it goes from free to partly free to not free so yellow to red means that you're not doing a very good job similar to
that the web foundation and web index the web index goes from one to two zero to one so you see from light green to to red the same goes for the open net initiative it's a citizen lab project a little bit older but remains remains valid because reinforces the some of the perceptions some of the evidence that we collected prior to that and here the
access now that are shut down tracker you only see India on the red here because in the last two years India reported over 150 shutdowns and all the other countries actually reported less than 30 so it's kind of a outsider here an outlier here in Brazil we had our share of Internet blocking it's worth sharing with you guys it was actually two and two different decisions from two different judges where they wanted the what's up cellular app to wiretap on drug dealers and when whatsapp said it couldn't be done because technically it couldn't be done the content wasn't at their disposal the judge thought it might convince what's up to do something about it by blocking the app a nationwide so that happened for two times two or three days it'll eventually a higher court overruled the first decision but that's Brazil you know you don't need a dictator to do these kind of things you get our judges doing it but never mind on the second thank you on the on the right you see the countries that appeared in multiple sources and you see that same trend where Southeast Asian and Middle Eastern and North African countries appeared besides Iran and China that you might imagine Saudi Arabia Vietnam Turkey if you Opia are countries that are recurring appearing on the data we collected and we go finally to idea of
transparency reports it's interesting one we have already seventy seventy transparent transparency reports published we only actually analyzed stem of the major providers due to lack of human resources but the average for a request to have some data produce was sixty-four percent which is shows why countries are actually interested in in demanding that from social media and overall 125 countries have already requested information or removal content so it's a pretty popular way to get information regarding your targets this
map of the concentration of requests a different social media requests you see that is much more Western oriented most likely because most of social networks have Western users so I we are abated the the result of that but when we break down to numbers and we selected five countries we selected Brazil India Mexico Poland and Turkey as a representation of different regions we see a light and going up which means these countries have requested more information over the years but we do see a country stand out and that's turkey and we check out the numbers only for Turkey it's interesting
to see that going up from 2013 and on Turkey has really spiked the the requests and that coincides to the political crackdown that re-elected president Erdogan it's playing out in the country so maybe this is an evidence that cyberspace is actually being used to impose - to limit civil society and I draw your attention to the bottom right graph that's exactly the removal requests that whitter received that's a percentage of how many requests were issued by Turkey regarding the whole world's the the total amount of requests from Twitter so from 2013 on Turkey responded for 30 40 and finally 50% of all removal requests so it's a pretty big number if you think about a turkey 80 million country maybe 40 50 million Internet users maybe even less Twitter users so it's a maybe it's a good evidence of state misbehavior and towards social media and while going for now some final remarks as you guys can
see I really love maps so this is just the last one where well actually not last one but one of the last ones where I put all the layers together on cyber capabilities you see in orange countries with state-sponsored apts and then in on in yellow and green countries with intelligence and military capabilities and in purple countries will not law enforcement light green a civilian and you can see it's very diffuse we can look at and think like Joseph Nye said is a diffusion of power it really is many countries do possess this capability and when we think about this in a perspective of Internet users 54% of Internet users actually live in countries that already had state-sponsored attacked and if we scale it up to include Intelligence Agency that reach 65 percent and if we go full stack anyone who has some sort of capability potential one that's 92 percent that's pretty much everyone and it means we're all in it together and the second kind of misbehavior that we
classified here as censorship and blocking it's much more oriented towards in Asia and in Africa and you can see that's a strong correlation between censorship and Internet shutdowns we can see 26 countries doing both of the things and 66 and 56 percent of users online are subject to this and well Def Con T's here is talking about 1983 and we are closing in to 1984 and the evidence that we brought justifies that we are actually are there and many of the countries are actually leaving already in 1984 and this is the best place so we can be aware of this and think of creative solutions so we can help them and maybe our daily lives doesn't doesn't reflect really this this kind of statements behavior but we should all be aware that it's out there it's happening right now and we should do something about it I thank you for your patience thank you for your time I leave my context please if you have thank you [Music] [Applause]
Feedback