Citizen Lab Director Warns of US Authoritarian Descent

Citizen Lab Director Urges Cybersecurity Community to Confront Authoritarianism

Ron Deibert, director of the esteemed Citizen Lab, is issuing a critical appeal to the cybersecurity sector. He is requesting increased involvement in countering the rise of authoritarian practices globally.

Deibert is scheduled to deliver a keynote address at the Black Hat cybersecurity conference in Las Vegas this Wednesday. This event represents a significant gathering of information security experts annually.

A Convergence of Technology and Authoritarianism

Prior to his presentation, Deibert shared with TechCrunch his concerns regarding a “descent into a fusion of tech and fascism.” He emphasized the role of major technology platforms in exacerbating a concerning trend of collective insecurity.

He characterized recent political developments within the United States as a “dramatic descent into authoritarianism.” However, Deibert believes the cybersecurity community possesses the capacity to mitigate these risks.

“Alarm bells must be sounded,” Deibert stated to TechCrunch. “This community should, at a minimum, be cognizant of these developments and actively work to avoid contributing to them, or ideally, help reverse them.”

Politics Increasingly Intertwined with Cybersecurity

Traditionally, the cybersecurity industry in the United States has maintained a degree of political neutrality. However, this separation is diminishing, with political considerations now significantly impacting the field.

Earlier this year, former President Donald Trump initiated an investigation into Chris Krebs, the former director of CISA. This action followed Krebs’ public affirmation of the 2020 election’s security, directly contradicting Trump’s unsubstantiated claims of fraud. Subsequently, Krebs was dismissed via Twitter.

This led to Krebs’ departure from SentinelOne and a commitment to actively challenge the investigation. Jen Easterly, Krebs’ successor and also a former CISA director, responded by urging the cybersecurity community to engage and voice their concerns.

“Remaining silent when experienced, dedicated leaders are marginalized or penalized jeopardizes more than just comfort; it threatens the institutions we are dedicated to protecting,” Easterly articulated in a LinkedIn post.

Easterly herself experienced political interference when a job offer from West Point was withdrawn in late July.

Echoing Calls for Action

Deibert, author of the recently published “Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy,” reinforces Easterly’s message.

“There arrives a point where recognizing a shifting landscape is crucial,” Deibert explained. “The security challenges you initially address may become insignificant compared to the broader context and the insecurities arising from a weakening of checks, balances, and oversight.”

Concerns Regarding Government Spyware and Threat Intelligence

Deibert also expressed apprehension that major technology companies – including Meta, Google, and Apple – might curtail their efforts to combat government spyware, often termed “commercial” or “mercenary” spyware. This could involve reducing the size of their dedicated threat intelligence teams.

These teams comprise security researchers focused on tracking government hackers. This includes individuals affiliated with agencies like China’s Ministry of State Security, Russia’s FSB and GRU, and private companies such as NSO Group and Paragon.

These teams are instrumental in identifying attacks against users, such as the discovery by WhatsApp of NSO Group hacking over 1,400 users in 2019, and Apple’s detection of government spyware targeting its customers.

A Market Failure in Cybersecurity for Civil Society

Deibert highlights a “huge market failure when it comes to cybersecurity for global civil society.” This segment of the population often lacks the financial resources to access the security services typically provided to governments and corporations.

“This market failure will worsen as supporting institutions diminish and attacks on civil society escalate,” he warned. He believes that any contributions to address this gap, such as pro bono work, are vital for the preservation of liberal democracy globally.

Given recent cuts to moderation and safety teams within these companies, Deibert is concerned about potential reductions to threat intelligence teams as well.

He noted to TechCrunch that these threat intelligence teams, like those at Meta, are performing “amazing work” by maintaining a degree of independence from their organizations’ commercial interests.

“However, the question remains: how long can this separation be sustained?” Deibert concluded.