If you allow another country to gain access to really critical data about your society, over time that will erode your sovereignty, you no longer have control over that data.MI6 chief Richard Moore to BBC News (30 November 2021).
“Cyber-security experts have unveiled one of the biggest computer hacking campaigns to date, releasing a list of 72 organisations whose networks were attacked over a five-year period. Victims include the UN and several governments.
REUTERS – Security experts have discovered the biggest series of cyber attacks to date, involving the infiltration of the networks of 72 organizations including the United Nations, governments and companies around the world. …
In the case of the United Nations, the hackers broke into the computer system of its secretariat in Geneva in 2008, hid there for nearly two years, and quietly combed through reams of secret data, according to McAfee.”
Personal information leaked in sensitive contexts can spark violence, discrimination, exclusionary policies. Yet my NGO shares confidential data freely
“If there are no consequences for the [UN] agencies for failures like these … there will be more breaches.”
“About this investigation:
While researching cybersecurity last November, we came across a confidential report about the UN. Networks and databases had been severely compromised – and almost no one we spoke to had heard about it. This article about that attack adds to The New Humanitarian’s previous coverage on humanitarian data. We look at how the UN got hacked and how it handled this breach, raising questions about the UN’s responsibilities in data protection and its diplomatic privileges.“
Approximately 4,000 employees may have had their data compromised.
“In summer 2019, hackers broke into over 40 (and possibly more) UN servers in offices in Geneva and Vienna and downloaded “sensitive data that could have far-reaching repercussions for staff, individuals, and organizations communicating with and doing business with the UN,” The New Humanitarian reported on Wednesday.”
“Oz Alashe, CEO of CybSafe, says that the unintentional disclosure of this cyber attack on such an important institution last year is concerning.
“This delay, and the fact that the UN did not report this attack to any governing authority – or even their own staff – may have put victims at unnecessary risk. Not only were staff passwords stolen, system controls and security firewalls were compromised too which could have led to the critical confidential reports falling into criminal hands,” he pointed out.
This attack could end up undermining trust in the UN – trust that they are able to keep sensitive information safe and trust that they will notify affected individuals when they fail.”
Foreign Policy: EXCLUSIVE U.N.: Backs Down on Partnership With Chinese Firm for 75th Anniversary: The decision comes after U.S. officials and human rights advocates complained that Tencent aids Beijing in surveillance.
“I am very honoured to join you today in this inauguration ceremony of the Regional Hub for Big Data in China, in support of the United Nations Global Platform. The inauguration of this Regional Hub is most important, and timely.
The demand for data, especially during the COVID-19 pandemic, is greater than ever. Governments are in need of detailed data on the spread of the virus and its impacts on society. Under these challenging circumstances, statistical institutes have had to respond urgently to the demand for data, and to present innovative solutions. Consequently, in these times of need, the statistical community is now able to effectively use Big Data and advanced technologies.
For example, census data – together with detailed geospatial information – can help identify the most vulnerable populations during the pandemic. And, real-time data on the position and movement of ships, for example, can estimate the volume of cargo being transported, and thus help produce estimates on the state of the economy. These real-time shipping data are available as a global data set on the United Nations Global Platform, and can be accessed by the whole statistical community.”
Foreign Policy: CHINA USED STOLEN DATA TO EXPOSE CIA OPERATIVES IN AFRICA AND EUROPE: The discovery of U.S. spy networks in China fueled a decadelong global war over data between Beijing and Washington.
“Around 2013, U.S. intelligence began noticing an alarming pattern: Undercover CIA personnel, flying into countries in Africa and Europe for sensitive work, were being rapidly and successfully identified by Chinese intelligence, according to three former U.S. officials. The surveillance by Chinese operatives began in some cases as soon as the CIA officers had cleared passport control. Sometimes, the surveillance was so overt that U.S. intelligence officials speculated that the Chinese wanted the U.S. side to know they had identified the CIA operatives, disrupting their missions; other times, however, it was much more subtle and only detected through U.S. spy agencies’ own sophisticated technical countersurveillance capabilities.”
A United Nations research institute is being set up in China that will amass and analyze huge amounts of data from around the world on sustainable development goals. Chinese researchers are expressing the need for data in order to analyze human behavior.
“China’s influence is undoubtedly growing in the United Nations, with four of the 15 specialized agencies of the intergovernmental organization being led by Chinese nationals. Beijing seized the “absence” of the United States, accelerated by the Trump administration’s disdain for the U.N., to extend its tentacles to unexpected places.
A plan to set up the first U.N. big data research institute is underway in Hangzhou, Zhejiang Province, China. Officially, it would facilitate U.N. operations by amassing and analyzing huge amounts of data from around the world on sustainable development goals (SDGs) to tackle global issues such as starvation and climate change.
One cause for concern is that Chinese researchers are expressing the need for data in order to analyze human behavior. The United States, which is wary of any data leaks to China, is raising alarms against the plan. In an October 7, 2020, article in The Wall Street Journal,Hudson Institute fellow Claudia Rosett warned that the plan would enable China to collect data from U.N. member states and set the standards for data collection.”
“The data privacy and security of Rohingya refugees in Bangladesh has reportedly been jeopardised by the UN Refugee Agency. In an exposé published on 15 June by Human Rights Watch (HRW), UNHCR stands accused of improperly collecting the Rohingya’s biometric information and later sharing it with the Myanmar government without the Rohingya’s consent. Refugees said they had been told to register to receive aid, but the risks of sharing their biometrics had not been discussed, and the possibility this information would be shared with Myanmar was not mentioned.
The potential harm of sharing information with a regime that has a long history of manipulating registration systems to exclude and marginalise Rohingya populations is obvious. That biometrics are involved makes it worse. Unlike names or other personal information, biometrics are sticky – it’s not something you can change or escape.”
“People in Afghanistan are fearful of the Taliban accessing personal information captured and stored by aid agencies including biometric data which could be used to identify individuals. Experts have raised concern that approaches used by security firms and United Nations development agencies could prove problematic for refugees and vulnerable groups, reports the Thomson Reuters Foundation, the charitable trust of Thomson Reuters.
The Intercept reported that equipment used by the U.S. army for biometric collection has already been seized by the Taliban. Biometric data on Afghans who assisted the U.S. were widely collected, making anybody identified vulnerable to persecution from the Taliban.
Sources told the Intercept that there was little planning for such an event, while the U.S. Army plans to continue to spend another $11 million on biometrics capture equipment including 95 more devices.
The UNHCR has been using biometrics in the region since 2002 when it tested iris recognition technology on Afghan refugees in the Pakistani city of Peshawar. Aid agencies praise biometric technology’s anti fraud and contactless capabilities.”
“Hackers breached the United Nations’ computer networks earlier this year and made off with a trove of data that could be used to target agencies within the intergovernmental organization.
The hackers’ method for gaining access to the UN network appears to be unsophisticated: They likely got in using the stolen username and password of a UN employee purchased off the dark web.”
“Organizations like the UN are a high-value target for cyber-espionage activity,” Resecurity Chief Executive Officer Gene Yoo said. “The actor conducted the intrusion with the goal of compromising large numbers of users within the UN network for further long-term intelligence gathering.”
“A spokesperson for the United Nations has confirmed that the organization was breached by hackers in early 2021, and that attacks tied to that breach on various branches of the UN are ongoing. The data breach appears to stem from an employee login that was sold on the dark web. The attackers used this entry point to move farther into the UN’s networks and conducted reconnaissance between April and August. Information gleaned from this activity appears to have been put to use in further attacks, with attempts made on at least 53 accounts.”
UN data breach creates long-term havoc for organization
“The UN has a unique need for cutting-edge cybersecurity given that it is one of the world’s prime targets for hackers, and that it fields regular attacks from advanced operators. Many of these go unrecorded, but the organization has weathered some high-profile attacks in recent years.”
At some of the world’s most sensitive spots, authorities have installed security screening devices made by a single Chinese company with deep ties to China’s military and the highest levels of the ruling Communist Party
Data integrity and cross-border data sharing have been concerns for a very long time. False Data Makes Border Screening Corruptible
There’s a War Going On But No One Can See It by Huib Modderkolk, Bloomsbury, 02 Sept. 2021
“Based on the cases he investigated over a period of six years, award-winning Dutch journalist Huib Modderkolk takes the reader on a tour of the corridors and back doors of the globalised digital world. He reconstructs British-American espionage operations and reveals how the power relationships between countries enable intelligence services to share and withhold data from each other.”
The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power by Shoshana Zuboff, Profile Books, 2019
“Surveillance Capitalism: A new phase in economic history in which private companies and governments track your every move with the goal of predicting and controlling your behaviour. Under surveillance capitalism you are not the customer or even the product: you are the raw material.”
“In a wide-ranging interview ahead of his first major public speech since taking on the role as head of MI6, Mr Moore:
- warned China has the capability to “harvest data from around the world” and uses money to “get people on the hook” …
“Speaking about the threat posed by China, Mr Moore described its use of “debt traps and data traps”.
He said Beijing is “trying to use influence through its economic policies to try and sometimes, I think, get people on the hook”.
Explaining the “data trap”, he said: “If you allow another country to gain access to really critical data about your society, over time that will erode your sovereignty, you no longer have control over that data.
“That’s something which, I think, in the UK we are very alive to and we’ve taken measures to defend against.”
This work is licensed under a
Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.
ORCID iD: https://orcid.org/0000-0001-5311-1052.
© David South Consulting 2021