Government plan to force ISP backups of emails could lead to leaks, warns cyber security expert

  • @jerometaylor

The mass leaking of millions of Syrian emails to WikiLeaks could occur in Britain if the government presses ahead with plans to monitor our internet activity, cyber security experts have warned.

This week WikiLeaks began publishing the first of what it claims are 2.4million emails taken from 680 different Syrian government and corporate accounts. Although the whistle-blowing platform will not say how it got hold of the emails, analysts believe it is likely they were taken from just a small number of sources on the internet.

As an authoritarian dictatorship, Syria is tightly controls cyberspace with the state acting as the only internet service provider. The infrastructure allows the state to monitor and censor the website much more easily but it also leaves it significantly more vulnerable to hacks when breaches are successful.

Online hactivists from the Anonymous network have consistently targeted Syrian government websites for the past year whilst the opposition groups have already proven themselves able to use defectors to steal sensitive data.

Although Britain has an internet set-up that is much more varied, the government’s plans to force service providers to create backups of all the emails and messages we send could make it much more vulnerable to a hack.

“Any plans to install a centralised monitoring capability, whether for email, SMS, web traffic or any other form of communication carry an attendant risk,” says Rik Ferguson, a cyber security expert at Trend Micro.

“For traffic to be inspected it must pass through one or more points of aggregation. The networks or systems responsible for this monitoring become potential points of failure. If a compromise can be successfully carried out, then any other party has the potential for the same level of visibility required by the original authority or regime.”

Like any journalistic organisation, WikiLeaks vehemently protects the identity of its sources. The one source who appears to have been uncovered is Bradley Manning, a US army private who is accused of being the source who gave WikiLeaks a vast trove of diplomatic cables.