Juan Andres Guerrero-Saade, in September: The top tier of the information security industry has undergone a tectonic shift. Information security researchers are increasingly involved in investigating state-sponsored or geopolitically significant threats. As a result, the affable and community-friendly information security researcher has become the misunderstood and often imperilled intelligence broker. Both individual researchers and top-tier infosec firms face drastic changes in embodying their new role as intelligence brokers. As this new playing field comes into clear view, so will the perils and ethical conundrums that are its permanent features. In the face of investigations with geopolitical weight and consequences, whose final attributions entail unmasking nation-state operations, even the most capable security researcher among us will need drastic preparations, not only to excel but to survive.
Alex Stamos, in October: Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state. To protect the integrity of our methods and processes, we often won't be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion.
David Sanger, in November: Over the past month, Iranian hackers identified individual State Department officials who focus on Iran and the Middle East, and broke into their email and social media accounts, according to diplomatic and law enforcement officials familiar with the investigation. The State Department became aware of the compromises only after Facebook told the victims that state-sponsored hackers had compromised their accounts.
Don Clark, in December: Microsoft said it plans to begin informing users of its online email and file-storage services if it suspects attackers associated with government agencies have tried to break into their accounts.
|