I got an interesting note from Varonis, a company that leads in making sure that only the folks that are supposed to see stuff actually do. They wondered how many of the folks who were identified in the Ashley Madison breach, a huge number of which were government officials, are now being blackmailed by China and have been conscripted as Chinese spies. I’m kind of surprised this hasn’t come up before. Given the kind of security that can allow a simple admin like Eric Snowden vast access to government secrets a list of folks that have behaviors that could result in divorce or job terminations would provide an ample hunting ground for hostile governments fishing for information.
This wasn’t the only note that Varonis sent out either, earlier they pointed out how 3D printers were being used to create unique clothing items like shoes that could be used to hide USB sticks and cameras which could then be smuggled into secure areas to collect and then sell or otherwise provide confidential information. This isn’t just about government employees either, what about getting secrets out of Lockheed or even Apple (strangely folks would likely pay more for Apple secrets)?
Let’s talk about how hostile the world has suddenly become.
Despite all of the warnings about the fact that someone is watching everything you do either now or in the future people still do things on-line believing they are private. This myth means there are an incredible number of folks that are in key security positions that can be blackmailed. If we take one thing away from Ashley Madison it is that no site is private. Of course the number of fake women on that site suggests that we can also take a certain amount of pleasure knowing that the guys who thought they were cheating on their wives were doing so with a man pretending like he was a woman and you’d think that might get them to rethink their choices in the future. Unfortunately my sex isn’t known for thinking with its big head so I wouldn’t entirely bet on that.
I wonder how many people that are using these sites who are executives, church officials, politicians, police/security, or judges who now can be blackmailed to do illegal things to protect their jobs, marriages and reputations realize that it is only a matter of time before some crook, spy, or opportunist decides to mine them for information, money, influence or all three. One pastor committed suicide to avoid the embarrassment exemplifying just how damaging, and effective as blackmail, this could be to a variety of trusted groups and that the level of corruption in organizations we trust is likely spike.
Of course, were I China or Russia, after seeing this I’d be tempted to fund a replacement site focused on government officials that want to cheat and hire hookers to meet with them and film the whole thing for an even stronger noose around their collective necks. With the Ashly Madison data I’d know just how to target with my special “fee” affair service and they would likely unwittingly walk right into my trap. If I were working for one of the three letter agencies I’d be tempted to do the same thing and then suggest the caught official resign on the spot or use them as bait to catch the Chinese or Russians attempting to do the same thing.
You can see why Varonis would circulate this speculation, it makes a tool like the one they sell a critical part of any information security program. But that doesn’t mean the risk isn’t real and the best scare tactic is one based in fact like this one is. In the end though, you might want to think about what you are doing on-line and how a hostile force might use it. If you are in a position of trust factor the value of your marriage and freedom against the momentary pleasure and the excitement of a tryst against the excitement of an indictment or the call from a blackmailer. Hopefully that will give you a perspective before you lose your life, for some of you, I expect, you’ll blow this off and wish you didn’t. I hope you aren’t in the latter group.