 |
| James Clapper, US director of national intelligence. Photograph: Alex Brandon/AP |
The US intelligence chief has acknowledged for the first time that
agencies might use a new generation of smart household devices to
increase their surveillance capabilities.
As increasing numbers of devices connect to the internet and to one another,
the so-called internet of things promises consumers increased
convenience – the remotely operated thermostat from Google-owned Nest is
a leading example. But as home computing migrates away from the laptop,
the tablet and the smartphone, experts warn that the security features
on the coming wave of automobiles, dishwashers and alarm systems lag far
behind.
In an appearance at a Washington thinktank last month, the director
of the National Security Agency, Adm Michael Rogers, said that it was
time to consider making the home devices “more defensible”, but did not
address the opportunities that increased numbers and even categories of
connected devices provide to his surveillance agency.
However, James Clapper, the US director of national intelligence, was
more direct in testimony submitted to the Senate on Tuesday as part of
an assessment of threats facing the United States.
“In the future, intelligence services might use the [internet of
things] for identification, surveillance, monitoring, location tracking,
and targeting for recruitment, or to gain access to networks or user
credentials,” Clapper said.
Clapper did not specifically name any intelligence agency as involved
in household-device surveillance. But security experts examining the
internet of things take as a given that the US and other surveillance
services will intercept the signals the newly networked devices emit,
much as they do with those from cellphones. Amateurs are already
interested in easily compromised hardware; computer programmer John
Matherly’s search engine Shodan indexes thousands of completely unsecured web-connected devices.
Online threats again topped the intelligence chief’s list of
“worldwide threats” the US faces, with the mutating threat of
low-intensity terrorism quickly following. While Clapper has for years
used the equivocal term “evolving” when asked about the scope of the
threat, he said Tuesday that Sunni violent extremism “has more groups,
members, and safe havens than at any other point in history”.
The Islamic State topped the threat index, but Clapper also warned
that the US-backed Saudi war in Yemen was redounding to the benefit of
al-Qaida’s local affiliate.
Connected household devices are a potential treasure trove to
intelligence agencies seeking unobtrusive ways to listen and watch a
target, according to a study that Harvard’s Berkman Center for Internet
and Society released last week. The study found that the signals
explosion represented by the internet of things would overwhelm any
privacy benefits by users of commercial encryption – even as Clapper in
his testimony again alleged that the growth of encryption was having a
“negative effect on intelligence gathering”.
The report’s authors cited a 2001 case in which the FBI had sought to
compel a company that makes emergency communications hardware for
automobiles – similar by description to OnStar, though the company was
not named – to assist agents in Nevada in listening in on conversations
in a client’s car.
In February 2015, news reports revealed that microphones on Samsung
“smart” televisions were “always on” so as to receive any audio that it
could interpret as an instruction.
“Law enforcement or intelligence agencies may start to seek orders
compelling Samsung, Google, Mattel, Nest or vendors of other networked
devices to push an update or flip a digital switch to intercept the
ambient communications of a target,” the authors wrote.
No comments:
Post a Comment