by Dave Chappelle
Ron Deibert (PhD,
University of British Columbia) is Associate Professor of
Political Science, and Director of the Canada Centre for Global
Security Studies and
the Citizen Lab at the Munk
School of Global Affairs, University of Toronto.
The Citizen Lab is an interdisciplinary research and development
hothouse working at the intersection of the Internet, global
security, and human rights.
As a political scientist at U of T he is involved in several
collaborative cyberspace R&D projects. He is also a co-founder
and a principal investigator of the
Information Warfare Monitor and
OpenNet Initiative projects. Mr
Deibert will be speaking at
SC Congress Canada in June.
OpenNet document patterns of Internet censorship and
“We hold a mirror to
state-based and other forms of Internet filtering, going
back to 2002,” he said. “Every year we test in over 70
countries using field research and technical interrogation
Generally speaking in the
early part of 2000s, governments either didn't care or were
oblivious to what was happening on the Internet. Today
censorship has become a worldwide norm.
In addition countries are
applying next generation controls.
“They’re engaging in
offensive activities and surveillance implementing new laws
that bring in a climate of censorship, and in some cases
forcing ISPs to do the policing for them.”
May 12, 2011
The Information Warfare Monitor focuses on cyber warfare and espionage.
Tracking Ghostnet and
Shadows in The Cloud, published in 2010,
both originated in the office of
“Our aim was to investigate cyber espionage
networks,” Mr Deibert said.
“So we figured it would be at a targeted
organization with lax security. We also had good relations with the
Tibetan government in exile through our field researchers.”
What they didn’t realize is that the same
attackers had simultaneously infiltrated hundreds of high-level targets,
including many governments.
“We’re trying to understand how it’s being
contested, and how governments and other authorities are exercising
their power in this domain. Cyberspace is a new domain of geopolitical
contestation. We want to outline several complimentary forces that are
leading to a watershed moment in the history and character of
The major forces are first a demographic shift,
from the north and west to the south and east of the planet.
The northern democratic countries where the
knowledge economy was formed are being overtaken by the developing
countries. Asia for example has 40% of the Internet population, yet it ranks
sixth in terms of penetration. There’s a huge growth potential that will
dwarf the number of users that come from places like Toronto or Silicon
Valley or Washington DC.
Most discussion occurs inside policy circles, within constituencies that
assume things - such as inside the Beltway.
“In fact the center of gravity of cyberspace
is shifting before our eyes, and that will affect the character of
cyberspace in ways we can’t predict.”
The Internet is expanding into countries
that have long histories of state intervention.
“We need to get used to that and think about
what it means.”
Communities want to communicate in their own
That pressures linguistic domains, which in turn
could lead to increasing government intervention in cyberspace.
“When we started there were only a handful
of countries that filtered Internet content. Now there are over 30. Many
are imposing requirements on ISPs to filter access to content. Not only
is it legitimate for governments to intervene, but also they’re becoming
Which leads to another factor - the
militarization of the Internet. There’s a lot of hype and exaggeration about
the idea of cyberwar. Yet there’s a ripple effect.
With the creation of the
US military Cyber Command it
is now overt.
“What’s different is that armed forces of
governments are tasked with building doctrines to fight and win wars in
this domain," said Mr Deibert.
"Many of these governments are looking to
the underworld of cybercrime to give them an advantage. Both the attacks
on Estonia and Russian-Georgian conflict involved the exploitation of
cybercrime that were directed by Russian authorities, and also piled on
by well-known criminal botnets.”
There is an arms race in cyberspace, and
criminals are caught up in it.
“Now we have huge cold war behemoths
partaking. That alone is an important force. Not just in terms of how
the market is organized by defense expenditures, but also by the
technology - deep packet inspection or computer exploitation tools.”
May 16, 2011
In Egypt protestors found evidence that
UK firm had been contracted to assist the Egyptian secret police
with computer exploitation services.
"Suddenly this technology and behavior is
attractive to authoritarian regimes. A Canadian company -
Netsweeper - is unapologetic about
servicing this market,” said Ron Deibert, Associate Professor of
Political Science, and Director of the Canada Centre for Global Security
Studies and the Citizen Lab at the Munk School of Global Affairs,
University of Toronto.
The Citizen Lab is an interdisciplinary research
and development hothouse working at the intersection of the Internet, global
security, and human rights.
As a political scientist at U of T he is involved in several collaborative
cyberspace R&D projects. He is also a co-founder and a principal
investigator of the OpenNet Initiative and Information Warfare Monitor
“Cyberspace is owned and operated by the
private sector. So when governments want to control they have to pass
laws. Many of these private companies have to contravene laws of their
own countries... RIM in India, for example."
To operate in a market these firms may have to
turn over information on users.
RIM turning over data to UAE security services
may result in activists being thrown in jail, or worse.
“That will become more common,” Mr Deibert
“The character of cyberspace is certainly
empowering of individuals in ways we’ve never seen. At the same time,
it’s a human made domain. It’s an artifact hat has been created. And it
can be destroyed or changed. Looming on the horizon are many threats.”
For example: network neutrality.
Change is coming, both from governments wanting
more control, and the large telcos that have to deal with the huge amounts
“The amount of malicious traffic Bell Canada
has to deal with is imposing on them the choice to discriminate the
traffic to better control it,” Mr Deibert said.
“It’s a commercial imperative. Not only defending their networks, but
also going out and disabling those responsible for engaging in offensive
computer attacks. It raises questions, if not alarms - a Canadian
company attacking inside a foreign government. If Bell can do that,
what’s stopping Chinese from doing that to a Canadian ISP that hosts a
Falun Gong page? It legitimizes the behavior.”
The US needs to be able to respond aggressively.
Whether you agree or not.
“In response to Shadows in the Cloud, where
our report showed evidence of Chinese infiltrators inside Indian
infrastructure, India proposed passing laws allowing patriotic hacking.”
And of course “patriotic” is defined by the
Wikileaks founder was arrested,
Anonymous targeted Visa and Mastercard, the
Tunisian government, an obscure US church, and then HPGary.
“This is the climate that’s engendered by
the overall militarization of cyberspace. Now it’s not restricted at all
- it‘s openly advocated.”
The huge market for cyber security now has
“What is Canada doing here?” asked Mr
“As a country with a huge geographic
landmass with distributed population, we’re dependent on
telecommunications more than any other. We have no foreign cyberspace
policy, in contrast to many of our allies. We’re dependent on an open
yet secure global communications space. What can we do - cyberspace arms
control? It may not have merit, yet it’s worthy of discussion.”
There’s a lot that could be done in the law
enforcement side. One reason cybercrime is exploding is lack of law
enforcement, especially cooperation between countries.
And law enforcement officers are picky about
which laws they want to enforce.
“We did an investigation on Koobface, which
using Facebook. We had access to their
command and control infrastructure. We gave the information to the RCMP,
which did nothing with it. Low and behold the command and control
infrastructure of Koobface is now set up in Montreal, by a well-known
ISP that hosts malicious networks.”