HACIENDA is the latest program to be uncovered in this week’s reporting. It is a collaborative program between FIVE EYES Intelligence agencies to scan for and infect computers outside their borders. You don’t have to be a target to be a victim of their attacks. Your machine can be owned merely as a stepping stone on their quest to compromise a target.
Borrowing from Bruce Schneier’s eloquent and concise summary of the implications:
“Increasingly, innocent computers and networks are becoming collateral damage, as countries use the Internet to conduct espionage and attacks against each other. This is an example of that. Not only to these intelligence services want an insecure Internet so they can attack each other, they want an insecure Internet so they can use innocent third-parties to help facilitate their attacks.”
A tragic analogy to this are innocent bystanders who become victims of drive-by shootings between criminal gangs hashing it out between them.
If you live in the Anglo-sphere and think “well I’m safe this is everyone else’s problem”, – besides the faulty morals behind the view that non-citizens deserve less rights and protections against this aggressive illegal behavior, it is a mistake to assume that these capabilities are only available to intelligence agencies with enormous black budgets. Hijacking and diverting internet traffic of other countries has happened repeatedly in the past, without having a privileged position on internet backbone. The unencrypted traffic can be poisoned by any attacking state. QUANTUM-like systems are available for any anemic dictatorship with a million dollars to spare as revealed in the Gamma International hack.
Unfortunately there are security “vendors” who always use news like this to mislead and con the uninformed public into buying some ineffective product such as an antivirus. Others buy into the false promises and laughable charade of politicians passing privacy legislation with loopholes preserving the status quo. There are ways to take the fate of your online life and privacy in your own hands and to start protecting yourself from this very moment. They are completely free in every sense of the meaning both in controlling and auditing what runs on your computer and in cost.
The GNU/Linux Free Software OS that is transparent and security centric. It can be installed as your host system on any hardware out there. You can set up your workflow so that any internet interaction be done exclusively through Whonix, running on the built-in KVM hypervisor.