Global cyber security researchers are blowing the whistle on intelligence agencies using cyber espionage and warfare. These researchers are now being harassed, blocked from tendering work, and in some countries are being deported, according to Juan Andrés Guerrero-Saade lead research officer for international software security group Kaspersky Lab.
His company, headquartered in Moscow, Russia but registered in the United Kingdom as a holding company, provides cyber security services in 200 countries.
Guerrero-Saade says the retaliation tactics by the intelligence agencies is in direct response to news reports of “prominent advanced-persistent threat campaigns that have coloured information security reporting over recent years”.
He says those reports are forcing researchers to reveal malware attacks by government controlled or sponsored spy agencies.
Guerrero-Saade says details of some of the retaliation are widely and openly spoken about in “private information security circles”, but because some people are afraid to speak out openly, other details circulate as insider rumours.
“In many places, intelligence services tend to be more civilised than in others — you would be lucky to deal with them in the US versus wherever else, Latin America, Asia, or Eastern Europe where they take very different tactics, ” says Guerrero-Saade.
“You can definitely see these threats to livelihoods where it can be as simple as patriotic notions, all the way to ‘you have already made it clear where you stand and it’s going to be next to impossible for you to get a security clearance’ and to work in a large sector of countries where a large amount of anti-malware work is being done,”
“I think it is easier to imagine situations where blackmail, compromise, and threat of livelihood is an issue, and it has been an issue for certain researchers for obvious reasons aren’t going to speak up.”
Other researchers say they have heard similar stories and are not surprised their colleagues find security clearances revoked. They cite China has a major offender.
Guerrero-Saade says many researchers are targeted through blackmail where security agencies use dug up “secrets, debt, and shameful proclivities and mis-steps” to “own” an individual.
“This type of compromise is in some cases related to the threat to livelihood as private information security companies have displayed a more or less strict moralism in their hiring practices, often preferring practitioners untainted by publicly known blackhat tendencies,” he says.
Stay Connected