BPR interviewed Ronald Deibert, director of Citizens Lab at the Munk School of Global Affairs, University of Toronto, an interdisciplinary research organization focusing at the intersection of internet, global security and human rights. They have worked for the office of the Dalai Lama.
BPR: You worked on the Dalai Lama’s cyber security, can you tell us a little about that?
Deibert: Back in 2008, a researcher who worked with us had spent many years with the Tibetan government and in and around the office of the Dali Lama in India. He had become aware that there were reports of people, working at those offices, being monitored, they suspected through their computers. There were instances of people crossing into China being interrogated and presented with transcripts of their chat records. We got interested in this and undertook a forensic investigation of a number of computers not only in Dar Salah but also in the office of Tibetan organizations in New York, London, Brussels and elsewhere. After analyzing this data for many months, we realized that they were in deed infiltrated, but the attackers that managed to infiltrate them managed to infiltrate also hundreds of government agencies, prime ministers offices, ministries of foreign affairs and international organizations, even the UN. This became a GhostNet report, which we released in 2009.
BPR: What documents from the Dali Lama’s files were of interest to these hackers?
Deibert: It is hard to tell exactly what they are interested in because you are seeing bits and pieces of things that are being removed from the computers under their control. The capabilities of the Trojan horse they used are still freely available on the internet. It allowed them to record every keystroke, take snap shots of the desktop screen, even turn on the audio and video capture devises on the computer, effectively turning the computers into wiretaps. They were removing documents from computers that at the time were highly sensitive. The Dali Lama and Tibetan organizations make a point of saying they have no secrecy around their operations, and it is true, but they do communicate in ways that could put peoples’ lives in jeopardy.
BPR: We are talking about private property and sometimes destruction of property. Where do these fall under traditional legal definitions and are judicial branches preventing this type of invasions?
Deibert: It definitely exists in a grey area. We are talking first about an area that is not covered under any international law, which is espionage, an art form that goes as long as there have been interactions among communities of human beings. It takes place in a formal set of customs and rises to the surface usually because someone is either caught or makes a mistake, as it happened in the GostNet case.
There is a really exceptional set of activities that seemed to be emanating from China. China appears to have either condoned or tolerated a high volume of hacking activities that happened within its boarders and many people suspect this is being done deliberately to encourage a kind of vacuuming out of all data and intellectual property through corporate espionage, political espionage, military espionage, as a deliberate strategy. The GhostNet report was really a landmark case because so few people have actually heard of this outside of specialist circles. Certainly it is for the American government which is negotiating with the Chinese as to what to do about this. So there is no law but it has certainly become an international political issue.
BPR: Can you tell us a little bit about your work at Citizens Lab?
Deibert: The Citizens Lab is a university based research lab and the GhostNet report is a good example of the activities we engage in. First of all we are an inter-disciplinary lab, meaning that we employ researchers who come from a variety of different disciplines, who work jointly on projects. All of the research is oriented around, as we call it, “lifting a lid on the internet”. When I founded the citizen lab in 2001, I was interested in uncovering the battles that were going on in cyberspace that were often hidden from the average internet user. GhostNet is a good example of that. Over the years we have documented the growth of internet censorship worldwide through a project called “The OpenNet Initiative”. We have mentored very closely attacks on human rights organizations that were emanating from their adversaries, whether it’s Iran, Syria or China. We have also invented technologies that have helped people circumvent internet censorship and protect themselves online. So we are kind of “hacktivists.”
BPR: What is hacking today and what does the global landscape of cyber subversion look like?
Deibert: The term has two completely different meanings. Today hacking has become virtually synonymous with breaking the law. If you look at the standard definition, it will say – a person who engages in computer crime or breaks into computers. However, originally, it had very positive connotations. It meant being curious about technology and not accepting it at face-value. I think the tension between those two definitions still exists. The kind of Wild West breaking into things idea of hacking is exploding now. Fifty years ago, to hack into a computer or bring down a website, required some basic computer engineering skills. Today programs can be bought from open websites for as little as 100 dollars that could take down almost any website. So there is a kind of democratization going on and governments are developing capabilities to fight and win wars. Some do so by exploiting the underworld of cybercrime and encouraging people that hack on behalf of the state, generating the pro-patriotic hackers in Russia, China, Iran, Syria and elsewhere. I think this is really creating a kind of dangerous environment for cyber space.
BPR: Where do you see internet freedom in the future?
Deibert: I think we stand at a crossroad, and it looks pretty bleak right now. I believe if you look ahead 50 years from now, historians will look back and say that there was this brief window in the 1990’s and 2000’s when citizens created this worldwide network where you could access the same information whether you were in Canada or Central Africa and could communicate in an unfettered manner, but was somehow subverted through censorship. I think the forces driving us towards this latter path are really formidable. I think an analogy might be made with the global environmental movement. We should protect the internet in the way that we protect the earth, all of us should think of preserving cyberspace as a commons of information.