Who will be “securing the internet?”

Who will be securing the internet?

Arne Vollertsen

Who will be at the front defending the world's networks from malicious software? asks Mikko Hyppönen, Chief Research Officer at F-Secure.

– Don't trust a guy with a ponytail. Especially if he works with cyber security, Mikko Hyppönen once said as an opening remark at a Danish cyber security event.

In fact, and despite the ponytail, a lot of people do trust Hyppönen, when it comes to expert opinions on internet security. Just take a look at his Twitter account. 111.000 people follow his tweets concerning everything related to cyber security.

Although, in October 2009, Twitter administrators temporarily closed Hyppönen's account, after he had posted a link to a phishing site, as a warning to other users. Nevertheless, Twitter has later given credit to Hyppönen for improving Twitter's security.

War against the virus outbreaks

Mikko Hyppönen is the Chief Research Officer at F-Secure, and has been with the company since 1991. He started programming on a Commodore 64 and has been reverse engineering malware since it was spreading on floppies.

He has fought the biggest virus outbreaks in the net, including Loveletter, Blaster, Conficker and Stuxnet. In 2003 his team was responsible for taking down the Sobig.F botnet.

Hyppönen made international news in 2011, when he travelled to Lahore, Pakistan, to track down the authors of Brain, the first PC virus in history. He produced a documentary of the event, published on YouTube.

Mikko Hyppönen is widely used in the media as an expert source, both concerning virus outbreaks and internet security in general. He has also keynoted or spoken at various conferences around the world, including Black Hat, DEF CON, DLD and RSA.

"However, I'm a foreigner"

In recent years he has become increasingly concerned about American intelligence agencies cooperating closely with American technology companies. That is why Hyppönen, in December 2013, cancelled his appearance at the RSA Conference 2014, reacting to a news story alleging that RSA had accepted a random number generator from the National Security Agency, and set it as the default option in one of RSA's products, in exchange of $10 million.

NSA's random number generator was found to be flawed on purpose, in effect creating a back door. RSA had kept on using the generator for years despite widespread speculation that NSA had backdoored it.

In an open letter to RSA, Hyppönen wrote:

– Aptly enough, the talk I won't be delivering at RSA 2014 was titled "Governments as Malware Authors". I don't really expect your multibillion dollar company or your multimillion dollar conference to suffer as a result of your deals with the NSA. In fact, I'm not expecting other conference speakers to cancel. Most of your speakers are American anyway – why would they care about surveillance that's not targeted at them but at non-Americans. Surveillance operations from the US intelligence agencies are targeted at foreigners. However, I'm a foreigner. And I'm withdrawing my support from your event.

Great surveillance tools – phone and internet

Later it has been revealed, that the NSA does not limit its surveillance to foreigners only. The agency is conducting widespread digital surveillance of both US citizens and anyone whose data passes through a US entity, and that it has actively sabotaged encryption algorithms.

Mikko Hyppönen has become one of the most outspoken critics of the agency's programs:

– The two greatest tools of our time have been turned into government surveillance tools. I'm talking about the mobile phone and the internet. George Orwell was an optimist, Hyppönen said, commenting on the PRISM surveillance program, under which the NSA collects internet communications from at least nine major US internet companies.

"The two greatest tools of our time have been turned into government surveillance tools."

His 2013 TED Talk entitled "How the NSA betrayed the world's trust" has been seen by 1.4 million people. His TED Talk "Fighting viruses, defending the net" has been seen by almost 1.5 million people and has been translated to 38 languages.

Why are we so willing to hand over digital privacy?

According to Hyppönen, we need to find alternative solutions to using American companies for the world's information needs. He has pointed out several times, that neither Google nor any other of the large American companies are enemies. They just want to make money. But if American authorities or the NSA try to gain access to their data, what will these companies do?

As an example Hyppönen mentioned Microsoft, the American government being Microsoft's largest customer.

– It's nice to have you as a customer, but will you please stop hacking our systems, Hyppönen said, to illustrate this paradoxical situation.

Hyppönen asks, what's next? Who will be at the front defending the world's networks from malicious software?

– It's more than unsettling to realize there are governments and large companies out there developing backdoors, exploits and trojans.

So now the man, who has been ranked among the 50 Most Important People on the Web by PC World, is asking us all:

– Why are we so willing to hand over digital privacy?

The title of Mikko Hyppönen's keynote speech on Tuesday 20th September at the NORDUnet conference is "Securing the internet". The talks are streamed and you can find them here. You can read the original article here.


comments powered by Disqus