Government hacking
Government hacking permits the exploitation of vulnerabilities in electronic products, such as software, to gain remote access to information of interest. This information allows government investigators to monitor user activity and interfere with device operation. Government attacks on security may include malware and encryption backdoors. The National Security Agency's PRISM program and Ethiopia's use of FinSpy are notable examples.
Hackers
Hackers have extensive knowledge of technology, and may use their knowledge for illegal or unethical purposes. Hackers take advantage of vulnerabilities in software and systems; the hacking consists of manipulating computer systems or electronic devices to remotely control a machine or access stored data.
Due to new technologies, it was necessary to update cryptographic algorithms. This need has raised the level of complexity of techniques used for encrypting the data of individuals to guarantee network security. Because of the difficulty of deciphering data, government agencies have begun to search for other ways to conduct criminal investigations; one such option is hacking.
Since government hacking is characterized by the use of technology to obtain information on citizens' devices, some say that government agents could also manipulate device data or insert new data. In addition to manipulating data from individuals, tools developed by the government could be used by criminals.
Hacking by governments
To conduct searches and gain remote access on a regular, large scale, legal attempts have been made to change encryption. Weaker encryption would make technology less secure overall. Governments could copy, modify, or delete data during digital investigations.
Cyberwarfare
Hacking is a set of actions which exploit the capabilities of electronic devices. Cyberwarfare is a set of practices in defense of political, socio-environmental, socio-technological and cultural causes which is waged in cyberspace. Intergovernmental cyberwarfare is a consciously-defined, orderly action by a government to attack another government, focusing on the other country's resources, systems and organizations. A cyberattack, thought to be a joint US-Israeli operation, was made on Iran's nuclear power plants in 2010. The attack was made by Stuxnet, a computer worm which targets Microsoft Windows systems and Siemens devices.
Types
Government attacks on security use several methods.
Malware
This technique sends malware over the Internet to search computers remotely, usually for information which is transmitted on anonymous target computers. Malware can control a computer's operating system, giving investigators great power. According to attorney and educator Jennifer Granick, the courts should restrict government use of malware due to its uncontrollable distribution.
Stockpiling or exploiting vulnerabilities
A government may find system vulnerabilities and use them for investigative purposes. The Vulnerability Action Process, a system-vulnerability policy, was created to allow the US government to decide whether to disclose information about security vulnerabilities. The policy does not require disclosure of security breaches to technology vendors, and discussion leading to a decision is not open to the public.
Backdoors
Because of the complexity of encryption, governments attempt to unravel and defeat such security features to obtain data. Encryption backdoors allow the strongest encryption to be ignored.
Malicious hacking
The government can hack into computers remotely, whether authorized or not by a court. To meet needs, agents can copy, modify, delete, and create data. With inadequate oversight of the judicial system, this practice occurs stealthily through the creation of warrants; it is possible to deny the sharing of malware details with defendants during a trial.
Harms
From the moment a government allows hacking for investigations and other reasons of state, positive or negative impacts are possible; a number of harms may occur.
Property
Generally, hackers damage devices or software and may limit their operation; data on devices involved in the attack may be lost. Replacing devices and efforts to recover data may also be costly, increasing financial damage.
Reputation
Hackers may also harm a target's image, specifically or generally. The reputation of an individual is placed at risk for a number of reasons; a person may be innocent but is hypothesized as the target of an attack. In most cases, the individual cannot perceive that he is being attacked and risks being involved in improper security practices.
Digital security
Government operations on the Internet to assist in certain operations may reduce digital security. Other users may also be vulnerable to black-market actors, who could introduce viruses into software updates or create hardware. Loss of confidence in the Internet could affect communications and the economy.
Criminal cases
Due to technological innovations, the US government has focused on research techniques; examples include the use of hackers and malware through software deployment. Diversified methods infiltrate and monitor others, especially when the target is an irregular activity by the computer network and an investigation must be remote. The Federal Bureau of Investigation uses Network Investigative Techniques.
The US government has increasingly used hacking as an investigative technique. Since 2002, the FBI has used malware in virtual criminal investigations. The main research targets of early NITs were individual computers. The FBI has since developed a form of hacking which attacks millions of computers in one operation. The use of this technique was encouraged by privacy technologies which ensure that users have their identity, and their activities, hidden. Malware is installed so the government can identify targets who use tools which hide their IP address, location or identity.
The best-known and legitimate form of government hacking is the watering hole attack, in which the government takes control of a criminal-activity site and distributes a virus to computers which access the site. The malware can be installed through a link clicked by a user or through access to a site. The user is not aware of the infection on their machine; the malware partially controls it, searches for identifying information and sends it to the source.
To deploy malware, the FBI requires authorization and uses search warrants issued by magistrates in accordance with Rule 41 of the Federal Rules of Criminal Procedure. According to a court transcript, one operation affected 8,000 computers in 120 countries.
In one case which demonstrated this new use of technology by the government, the FBI obtained access to a server in North Carolina which stored photos and videos of child victims of sexual abuse and shared them through a website accessed by thousands of users. Instead of shutting down the site, the bureau controlled it for 13 days to create hundreds of criminal cases. According to the FBI, its action was justified by the arrest of hundreds of alleged pedophiles.