Hugo Rifkind

Are we all potential cyberterrorists now?

The TalkTalk hack suggests we might be. So will the spies have to snoop on us all?

29 October 2015

9:00 AM

29 October 2015

9:00 AM

Hollywood got there first, of course. Back in 1983, before most of us even learned — then forgot again — what a modem was, Matthew Broderick starred in the seminal and brilliant WarGames. He played a computer hacker; a teenager who goes hunting for games on the global computer network that isn’t quite called the internet, yet. Unwittingly, he instead hacks into Norad, the North American Aerospace Defense Command and, via a convoluted series of events we need not go into here, very nearly sparks World War Three.

Various angry generals assume, first of all, that he is the Russians. Then they assume he must at least be working for the Russians. But he isn’t. He’s just some kid who isn’t even Ferris Bueller yet. At his fingertips, nonetheless, is the expertise to blow up the world. I thought of him this week, when a boy of 15 was arrested in County Antrim on suspicion of hacking into the broadband provider which sponsors The X Factor.

It might not have been him. He was freed on bail the next day. The point, though, is that it could have been. No, the hacking of TalkTalk was not quite World War Three, although Lord knows you could have been forgiven for thinking it was, given the fuss made on Radio 4’s Today programme. Was somebody senior a customer, perhaps? Either way, the initial suspicion was that it could have been cyberterrorists of some sort; perhaps Islamists. Somebody ominous. And maybe it was. Or maybe it wasn’t. Maybe it was nobody much at all.

Western security services are on a cyber-PR push right now. Possibly it’s the groundwork for Britain’s pending Investigatory Powers Bill, which seems to be popping up at the same time as America’s Cybersecurity Information Sharing Act. Always, the stated targets are big and scary. Having finally wearied of TalkTalk, the BBC had Richard Ledgett, the deputy director of America’s National Security Agency, who spoke in a gravelly voice about the threat of cyber-attacks by hostile nation-states. As our own bill draws closer, expect to hear others warning of cyberterrorism, organised crime, paedophile rings.


These are all things worth worrying about, more so now than ever. One quiet upshot of the defection of the former CIA analyst Edward Snowden in 2013 (you remember; there was nothing else in the Guardian for months) was that many US-based internet companies — Facebook, Gmail, etc. — switched on encryption by default. As a result, at least so far as we know, western security services suddenly found it much harder to monitor email traffic, to whatever extent they were already legally allowed to do so. We are on the cusp, in other words, of near-uncrackable encryption becoming ubiquitous. Everybody will use it. Indeed, you’ll probably need a high level of technical nous to turn it off.

According to the technology press, the government’s pending bill is best understood as a workaround for this. However strongly you encrypt your communications, you always need at some point to decrypt them again in order to read them. This bill places a focus not on intercepting traffic, but on the devices that are ultimately used to read it. Which, in the case of terrorists, criminals and paedos, seems all for the good.

What about everybody else, though? What about, for example, 15-year-old boys from County Antrim? How do you monitor them? And if you don’t, how do you catch them if it turns out — and of course, it might not — that they have hacked TalkTalk? Or to put that another way, how do you catch the bad guys, when the bad guys could be anybody at all?

The New Yorker once ran a brilliant cartoon of a floppy-eared hound sitting at a keyboard. ‘On the internet,’ ran the caption, ‘nobody knows you are a dog.’ Nobody knows, either, whether you’re an Islamist cyberterrorist or a kid doing the digital age equivalent of hurling a brick through a window. We are about to dive into a big old debate about the dangers that lurk online, from which our government wishes to protect us. Sooner or later, though, somebody has to be honest about where they can come from, which is anywhere at all. One day, almost anybody will be able to start World War Three. So do we want the spooks to be watching almost everybody? Or what?

Swede victory

Triumph! For years now, I have been conducting an annual campaign to restore the Halloween turnip. A campaign hindered, I’ll grant you, by the South calling a turnip a swede and the North and Scots doing vice versa, which rather complicates matters, and must cause a fair degree of shouting at grocers in the Midlands. And frankly, apart from a handful of people on Twitter (we carve, we bleed, we share photos, it’s all rather forlorn) nobody has given a damn.

Not this year, though. This year, thanks to an apparent shortage of those damned squash-family-answer-to-the-grey–squirrel pumpkins, Halloween turnip advocacy has been visible on the pages of the Daily Mail, the Telegraph, the Independent and the Guardian, and in the news on both Sky and ITV. This is our moment. This is our tipping point. Although I’ve a nagging fear they might mean swedes. But still.

You might disagree with half of it, but you’ll enjoy reading all of it. Try your first 10 weeks for just $10


Show comments
  • Captain Dryland

    Howking the meat out of a hallowe’en turnip was a test of courage, perseverance, and engineering skills that helped develop the character of millions of British schoolchildren, before the arrival of the flabby-bellied American alternative.

  • rtj1211

    Dear Mr Rifkind

    The spies ALREADY spy on us all. At least, on all of us considered to be compos mantis.

    I do hope your dad was a bit more up to speed when he was heading the JSI…..

    • Johnny Foreigner

      I don’t think so…

  • Mc

    Rifkind’s towering intellect never fails to impress

  • Ivan Ewan

    It’s a news story with no news, just old news with a new soundbite attached.

  • mickey667

    The state does snoop on us all already.

    The political police force has babies with political activists, organises blacklists for people raising health and safety concerns on construction sites, sweeps up all our contacts, who we email, who we call, when where how, has MPs and journalists on the domestic extremism database (alongside 10s of thousands of other people who have had the nerve to exercise their democratic rights to attend a protest).

    We are the most surveilled state in the world, have a secret political police force unlike anything any other Western state has, protest is criminalised, 100s of undercover police infiltrate campaigning groups and disrupt and harm them, and our police has virtually unhindered access to our online communications, again, unlike anything any other western nation would dream of.

    I think, with regards free speech and democratic protest, we can;t really consider ourselves a democracy anymore.

    • Cobbett

      The Tories new anti-‘Extremist’ measures will make it even worse…for one thing they will be giving millions to various organisations to police the internet etc rooting out all ‘intolerant’ opinions, with offenders being hounded out of their jobs as one of the ‘punishments’. So much for small government and the benefits of diversity.

      • jeremy Morfey

        Indeed – the burden of proof required for a criminal conviction is “beyond reasonable doubt”, to stop you seeing your kids, it is “within the balance of probability and the determination of the parent-with-care to thwart contact”, to disqualify you from employment or working with children or vulnerable adults for life “a record of a complaint made to a police officer”. It seems that fairly draconian punishments can now be meted out using hearsay, gossip or malice. A charge of paedophilia (which is a state of mind, not an tangible crime until acted on), once suggested, is notoriously hard to defend. This has set a precedent that can now spill out onto other misdemeanours.

        Because I oppose Single Gender “marriage” and have said so online, I lack, by Teresa May’s definition “British values” and am therefore a radical extremist. I await the knock on the door.

        What burden of proof is required, say, to arrange a fishing raid, Cliff Richard-style on your home and the confiscation of your computer and other personal possessions for anything incriminating?

        Should we be revisiting Habeas Corpus?

        We need to separate the safeguarding of national security, which should be covert, discrete and goes no further than military intelligence and privy councillors, from the police investigation of general criminality which, by its nature of open justice, must be subject to much stricter safeguards on privacy and personal liberty and respect for judicial principles going back to 1215. Whatever we may feel about Gary Glitter, he was hardly about to bring about the collapse of our nation through organised treason. Nor did it require all this blanket intrusive covert surveillance to secure his conviction. Even Ian Huntley would never have been taken on as a school caretaker had his employer chased up his references.

        • Mr B J Mann

          Rubbish.

          How can councils ensure that wheely bins are properly closed and kids are in the right school catchment area without these powers?!?!?!!!!!

    • Johnny Foreigner

      Almost spot on, but you forgot CCTV.

  • Cobbett

    Yeah, that’s right…we’re all dab hands at computer hacking…(if I was it would be bank accounts).

  • carl jacobs

    Wargames was an idiotic movie. It was an artificially constructed plot that conveyed complete ignorance of the subject it purported to represent. I laughed all the way through it.

  • Jackthesmilingblack

    “Ship me somewheres east of Suez
    Where the best is like the worst
    Where there ain’t no Ten Commandments
    And a man can raise a thirst”

  • Mr B J Mann

    We have the technology to read the address off the front of envelopes electronically and transform it into a digital code, have had for decades, perhaps half a century.

    Isn’t it about time that Royal Mail customers were forced to put senders addresses on the backs of envelopes and leave them unsealed?

    And for the postal service to scan both addresses, and store the data for security services use?!

    They should also divert any envelopes posted to or from suspect addresses to them for checking.

    OK, criminals and terrorists might find ways of getting round such measures, but if they are good enough for emails and mobiles, the should be good enough for snail mail,

    And if it saves just one life, isn’t it worth it?!

    After all, if you’ve nothing to hide: you’ve nothing to fear!!!

    Perhaps we coul trial it at Westminster and constituency offices, and MPs first and second homes?!?!!!

Close