The real lessons to be learnt from the phone hacking saga
What have we actually learned from the phone-hacking scandal so far? That this is a game changer? Don’t believe it. That Murdoch won’t get BSkyB? Don’t believe it. He will eventually, one way or another. This current furore will blow over, die down and be replaced by another story. The abdication of Gaddafi? The overthrow of Assad? The implosion of the Eurozone?
What worries me most is that ultimately, nothing much will change. Tabloid journalists will just find other ways to get the scoop. And we’ll not change our phone habits. We’ll lose them. We won’t secure them. And we won’t adopt voice encryption. We’ll also just accept the new joined up Police National Database (PND) despite the proven corruptibility of the police that access it. So let’s look at those two things: mobile phone security, and the PND.
Mobile phone security
Clearly we need to take this more seriously. Strong access control to use it, anti-malware to protect it, data encryption for our sensitive information, remote shutdown in case of loss. All of this is available, and much of it can be got free of charge. But we should now also be thinking in terms of voice encryption to protect our conversations; which sadly is not yet so simple.
One option would be to use Skype VoIP, with its built-in encryption. This would effectively be free (and probably lower our telephony costs as well); but it is far from ideal. I asked Konstantin König, sales and marketing manager at GSMK CryptoPhone, for his view on this.
Skype encryption only helps “against the neighbour”, like an amateur sniffing on your network segment. It is however not strong and well protected enough against determined attackers, especially those with a good technical background or even intelligence background. With more and more nations engaging in economic espionage and countries either helping out their championed companies or directly getting involved in strategic takeovers, this is not a theoretical risk. Skype is also not protected against attacks with Trojan horse software, that is frequently used to snoop into users Skype communications. Trojans are being offered even commercially today and are in widespread use by all kind of attackers, down to jealous spouses.
You will not be surprised to know that GSMK offers a particularly strong product for mobile phone voice encryption.
The GSMK CryptoPhone comes with very strong encryption that has been designed to withstand even attacks from nation states and has a hardened operating system, that provides a high degree of protection against attacks with Trojan horse software, as long as the user maintains physical control of the phone.
I asked Constantin Graf zu Stolberg, executive partner at merchant bank Moorgate and Co and a customer of GSMK why he had adopted the CryptoPhone voice encryption. “Customer pressure,” he answered simply. “Our customers need to talk to us in total confidence about their finances, corporate takeovers, mergers and so on.” Either one or other party would have to travel potentially hundreds of miles in order for them to speak in guaranteed privacy – or they would need good strong encryption. In this case, economy pointed to the latter. I suspect the same economy of security will apply to many large companies. For the rest of us, sadly, it is simply too expensive. But perhaps it shows a market opportunity for the development of seriously strong but inexpensive voice encryption for the masses – something I’m sure that our law enforcement and intelligence agencies will not welcome. Which leads neatly to the second point – the PND.
Police National Database
I have no problem with the idea of a single joined up national police database. My problem is with the data stored on it and the access to it. First of all, it will contain unproven accusations against people never found guilty of the crime in question. And then something like 12,000 police officers will be able to access it.
The PND will face attack on two fronts; from external hackers (including foreign nations) and from the proverbial insider threat: corrupt, inquisitive or dissatisfied police officers. Anybody who thinks or claims that the PND is external hack-proof is living in cloud cuckoo land. It will happen sooner or later: accusations, founded or unfounded, of things like sexual (especially with minors) misdemeanours is valuable information for foreign agencies, competitive companies and organised gangs.
However, the insider threat from police officers themselves, is just as severe. I asked the NPIA for some further information. Are there any basic rules that define what information is and what information is not added to the PND?
Existing information held on local police databases which supports the custody, crime, intelligence, domestic violence and child abuse police business areas has been loaded. The PND can be used for any policing purpose, but the initial business focus will be in three key areas of policing: safeguarding children and vulnerable adults, countering terrorism and preventing and disrupting serious and organised crime. The PND is primarily an intelligence tool and will be used mainly by police investigators and analysts.
So that confirms that you don’t need to be guilty of an offence, merely to have had a complaint made against you, for your details to be held on the PND. How many people can access the PND? How is a user ‘authorised and appropriately vetted’?
Up to 12,000 vetted and authorised individuals will have access. Access will be strictly limited to those whose roles require it. Extensive background checks are made on all users, and the system is fully and heavily audited. PND can only be used for policing purposes and accessed by police forces or police organisations such as CEOP or SOCA. Role-based access dictates what level of information a user can view in terms of its security marking, not what business area the information is linked to.
At which point, think back to Stephen Gerrard’s affray…
In 2009 Gerrard was tried and subsequently cleared of any misdemeanour relating to an altercation between himself and Marcus McGee…
The case generated such interest within Merseyside Police that officers and staff, with no involvement in the case, breached data protection laws by accessing Gerrard’s file. Following an audit by Merseyside’s professional standards directorate, 130 officers have been cited as being involved in the data breach, with the file containing information such as Gerrard’s Date of Birth, address, the allegations against him and the photograph of him taken upon his arrest…
The report says that these breaches are common across Britain with the Lancashire Force experiencing a total of 84 breaches over a three-year period. This included one officer running checks on his daughter’s boyfriend to expose the man’s criminal record for sex offences.
FOI Act reveals Merseyside Police breach Data Protection Laws for information on Steven Gerrard
So we can pretty well expect PND breaches out of simple curiosity. Now think of the current phone hacking scandal, with allegations of cash paid to policemen for peoples’ personal phone numbers.
Brian Paddick, formerly a senior police commander, told the BBC that journalists make clandestine cash payoffs to police in envelopes, which are handed over at a drive-thru fast food restaurant near the News International headquarters.
Sometimes the reporters get information about celebrities in trouble — he cited a car crash involving singer George Michael, who was using marijuana and alcohol at the time — and sometimes it deals with ongoing investigations.
He said there are cases when payoffs are “jeopardizing serious criminal investigations by giving out confidential information that could be useful to criminals.”
Police officials have said only a handful of police are suspected of receiving payments, but declined to say how many.
Paddick, a former London mayoral candidate who may run again in 2012, said one journalist said he had paid 30,000 pounds (about $50,000) for information.
Focus of UK phone hacking scandal shifts to possible police corruption as tabloid closes
So I think we can say quite categorically that the PND will be hacked from the outside, and illegally accessed from the inside. Frankly, if someone has been convicted of a crime, that should be a matter of public record; so I’m not particularly concerned if it does get hacked. But a lot of the information will be unproven, possibly false and malicious accusation and hearsay: fodder for the intelligence tool. And theft of that sort of information is not merely worrying, it is potentially dangerous and life-destroying for totally innocent people.
Back to our original question: what have we learned? Probably nothing – but what we should have learned is that we need to increase our security stance for our mobile phones; and that the Police National Database should not be allowed to contain information that has not been verified by a successful criminal prosecution.