Feb 19, 2019

Hacking in the public interest

Photo: Wodicka/ullstein bild via Getty Images

There is a critical shortage of cybersecurity experts working in public interest roles, including advising at-risk charitable groups, lawmakers and advocacy organizations.

Why it matters: We've written before about difficulties legislators have finding experienced advisers for tech issues and the detrimental effect that can have on policy debates.

  • This is all according to security expert Bruce Schneier, who will host the first symposium on the subject at March's RSA conference ("Bridging the Gap: Cybersecurity + Public Interest Tech").
  • "But it's not just a policy problem," Schneier told Axios' Codebook newsletter. "Civil groups need cybersecurity professionals for protection."

The big picture: There's plenty of need for hackers to serve in public interest roles — but groups are unaware they need the help, and there is little infrastructure to guide civic minded security pros to those groups.

  • This isn't an abstract problem. We've recently seen nations target outmatched nongovernmental groups that antagonize them in even trivial ways. Mexico appears to have spied on advocates of a soda tax in 2017 with militarized spyware that's only sold to governments.

Schneier sees the gap as two solvable problems: "There's a supply problem and a demand problem," he noted.

  • Qualified professionals don't currently know they are needed. And when they do, they often don't know how to get involved.
  • Advocacy, governmental and charitable groups will never be able to pay as much as the private sector.
  • But, said Schneier, that hasn't stopped these groups from being able to employ other traditionally highly paid workers at steep discounts. "I don't know how to solve the salary issue," he said, noting that volunteering and rotating in and out of public service jobs might be an option. "But I do know that the ACLU can only pay a fraction of what a law firm can, but that every time there is an opening they get 100 applicants."

The demand problem can be especially complicated for protection positions.

  • Many public interest groups don't realize they are targeted by governments. Those that do might still decide they'd prefer to use their limited resources on their actual mission rather than on cybersecurity protection.
  • But the problem has grown big enough that the University of Toronto's Citizen Lab has built an international reputation by investigating nation state breaches of public service groups.
  • "High risk groups have resource constraints all over the place," said Citizen Lab's John Scott-Railton, who will appear at the RSA symposium. "A top flight researcher is going to go to an NGO and discover they haven’t set their printer up correctly."

Between the lines: Security tech doesn't work without a qualified person to run it, said Scott-Railton. This isn't a problem that can be solved without funneling new bodies into the sector.

  • RSA is a high profile conference attracting much of the field's talent. It's also a particularly business-focused event, making this a unique place to launch this initiative. Schneier said he doesn't know what size crowd to expect. But sometimes, he said, just getting the conversation started is enough.

Go deeper: "White hat" hackers fill companies' cybersecurity demand

Go deeper

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 12:30 a.m. ET: 859,556 — Total deaths: 42,332 — Total recoveries: 178,300.
  2. U.S.: Leads the world in confirmed cases. Total confirmed cases as of 12:30 a.m. ET: 189,510 — Total deaths: 4,076 — Total recoveries: 7,109.
  3. Business updates: Should you pay your rent or mortgage during the coronavirus pandemic? Find out if you are protected under the CARES Act.
  4. Public health updates: More than 400 long-term care facilities across the U.S. report patients with coronavirus — Older adults and people with underlying health conditions are more at risk, new data shows.
  5. Federal government latest: President Trump said the next two weeks would be "very painful," with projections indicating the virus could kill 100,000–240,000 Americans.
  6. Coronavirus in custody: Inmates in all U.S. federal prisons are set to enter a 14-day quarantine on April 1. A federal judge on Tuesday ordered U.S. Immigration and Customs Enforcement to release 10 detained immigrants who are at risk of contracting COVID-19 while in confinement.
  7. U.S.S. Theodore Roosevelt: Captain of nuclear aircraft carrier docked in Guam pleaded with the U.S. Navy for more resources after more than 100 members of his crew tested positive.
  8. What should I do? Answers about the virus from Axios expertsWhat to know about social distancingQ&A: Minimizing your coronavirus risk.
  9. Other resources: CDC on how to avoid the virus, what to do if you get it.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

U.S. coronavirus updates: Death toll tops 4,000

Data: The Center for Systems Science and Engineering at Johns Hopkins; Map: Andrew Witherspoon/Axios

The novel coronavirus has now killed more than 4,000 people in the U.S. — with over 1,000 deaths reported in New York City alone, per Johns Hopkins data. The number of deaths are still much lower than those reported in Italy, Spain and China.

Of note: Hours earlier, President Trump noted it's "going to be a very painful two weeks," with projections indicating the novel coronavirus could kill 100,000–240,000 Americans — even with strict social distancing guidelines in place. "They are going to be facing a war zone," he said of medical workers.

Go deeperArrowUpdated 29 mins ago - Health

World coronavirus updates: UN warns of recession with "no parallel" to recent past

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens and confirmed plus presumptive cases from the CDC

The novel coronavirus pandemic is the "greatest test" the world has faced together since the formation of the United Nations just after the Second World War ended in 1945, UN chief António Guterres said Tuesday.

The big picture: COVID-19 cases surged past 858,000 and the death toll exceeded 42,000 Tuesday night, per Johns Hopkins data. Italy reported more than 12,000 deaths.

Go deeperArrowUpdated 2 hours ago - Health