In 2008, Burhan Hassan, age 17, boarded a flight from Minneapolis to the Horn of Africa. And while Burhan was the youngest recruit, he was not alone. Al-Shabaab managed to recruit over two dozen young men in their late teens and early 20s with a heavy presence on social media platforms like Facebook. With the Internet and other technologies, they've changed our everyday lives, but they've also changed recruitment, radicalization and the front lines of conflict today.
2008. godine, Burhan Hassan, 17-godišnjak, ukrcao se na let iz Minneapolisa za Afrički rog. Dok je Burhan najmlađi regrut, nije bio jedini. Al-Shabaab uspio je regrutirati više od 20 mladića, starijih tinejdžera i onih u ranim 20-ima kroz snažnu prisutnost na platformama društvenih medija poput Facebooka. Internet i druge tehnologije promijenile su našu svakodnevnicu, ali su promijenili i načine regrutiranja, radikalizacije i prve fronte suvremenih sukoba.
What about the links connecting Twitter, Google and protesters fighting for democracy? These numbers represent Google's public DNS servers, effectively the only digital border crossing protesters had and could use to communicate with each other, to reach the outside world and to spread viral awareness of what was happening in their own country.
Što je s vezama između Twittera, Googlea i prosvjednika koji se bore za demokraciju? Ove brojke predstavljaju Googleove javne DNS servere što je praktički bio jedini digitalni prijelaz granice koji su prosvjednici mogli koristiti za međusobnu komunikaciju, za kontakt s vanjskim svijetom te za viralno širenje svijesti o tome što se događa u njihovoj državi.
Today, conflict is essentially borderless. If there are bounds to conflict today, they're bound by digital, not physical geography. And under all this is a vacuum of power where non-state actors, individuals and private organizations have the advantage over slow, outdated military and intelligence agencies. And this is because, in the digital age of conflict, there exists a feedback loop where new technologies, platforms like the ones I mentioned, and more disruptive ones, can be adapted, learned, and deployed by individuals and organizations faster than governments can react.
Danas, sukob nema granice. Ako granice sukoba postoje, one su omeđene digitalnom, a ne fizičkom geografijom. Ispod svega ovoga je vakuum moći, u kojem nedržavni akteri, pojedinci i privatne organizacije imaju prednost pred sporim i zastarjelim vojnim i obavještajnim agencijama. Ovo se događa jer u digitalnom dobu sukoba postoji povratna sprega gdje nove tehnologije, platforme koje sam spominjao, ali i razornije, pojedinci i organizacije mogu prilagoditi, naučiti i iskoristiti brže nego što vlast može reagirati.
To understand the pace of our own government thinking on this, I like to turn to something aptly named the Worldwide Threat Assessment, where every year the Director of National Intelligence in the US looks at the global threat landscape, and he says, "These are the threats, these are the details, and this is how we rank them." In 2007, there was absolutely no mention of cyber security. It took until 2011, when it came at the end, where other things, like West African drug trafficking, took precedence. In 2012, it crept up, still behind things like terrorism and proliferation. In 2013, it became the top threat, in 2014 and for the foreseeable future.
Kako bismo razumjeli tempo razmišljanja naše vlasti o ovome, okrenuo bih se nečemu prigodno nazvanim Worldwide Threat Assessment, u kojoj Direktor obavještajnih službi SAD-a pregledava svjetske prijetnje i kaže: "Ovo su prijetnje, ovo su detalji, a ovako ih rangiramo." 2007. uopće nije bilo spomena cyber sigurnosti. 2011. nalazila se na začelju, pri čemu su stvari poput trgovine drogom u Zapadnoj Africi bile ispred. 2012., podigla se, ali još uvijek iza terorizma i proliferacije. 2013. postala je glavna prijetnja za 2014. i skoru budućnost.
What things like that show us is that there is a fundamental inability today on the part of governments to adapt and learn in digital conflict, where conflict can be immaterial, borderless, often wholly untraceable. And conflict isn't just online to offline, as we see with terrorist radicalization, but it goes the other way as well.
Ovo nam pokazuje da danas postoji bitna nesposobnost vlasti za prilagodbu i učenje u digitalnom sukobu, u kojem je sukob nematerijalan, bez granica i teško mu je ući u trag. On ne ide samo iz online u offline svijet, kao kod terorističke radikalizacije, nego ide i u drugom smjeru.
We all know the horrible events that unfolded in Paris this year with the Charlie Hebdo terrorist attacks. What an individual hacker or a small group of anonymous individuals did was enter those social media conversations that so many of us took part in. #JeSuisCharlie. On Facebook, on Twitter, on Google, all sorts of places where millions of people, myself included, were talking about the events and saw images like this, the emotional, poignant image of a baby with "Je suis Charlie" on its wrist. And this turned into a weapon. What the hackers did was weaponize this image, where unsuspecting victims, like all of us in those conversations, saw this image, downloaded it but it was embedded with malware. And so when you downloaded this image, it hacked your system. It took six days to deploy a global malware campaign. The divide between physical and digital domains today ceases to exist, where we have offline attacks like those in Paris appropriated for online hacks.
Upoznati smo sa strašnim događajima koji su se odvijali u Parizu ove godine s terorističkim napadom na Charlie Hebdo. Jedan haker ili manja grupa anonimnih pojedinaca uključili su se u razgovor na društvenim medijima, u kojima su mnogi sudjelovali, #JeSuisCharlie. Na Facebooku, Twitteru i Googleu i drugim mjestima gdje su milijuni ljudi, uključujući i mene, razgovarali o događajima i vidjeli ovakve slike, emotivnu, tešku sliku bebe s "Je suis Charlie" na zapešću. Ovo se pretvorilo u oružje. Hakeri su od ove slike napravili oružje, a nesumnjičave žrtve, poput svih nas u ovim razgovorima, vidjele su sliku, skinule ju, no ona je sadržavala zlonamjerni softver. Kada bi skinuli ovu sliku, hakirala bi vaš sustav. Trebalo je šest dana za pokretanje globalne kampanje protiv zlonamjernog softvera. Podjela između fizičke i digitalne domene danas prestaje postojati, gdje se offline napadi poput onih u Parizu prilagođavaju za online hakiranja.
And it goes the other way as well, with recruitment. We see online radicalization of teens, who can then be deployed globally for offline terrorist attacks.
Ovo ide i u suprotnom smjeru kroz regrutaciju. Vidimo online radikalizaciju tinejdžera koji se tada globalno mogu upotrijebiti za offline terorističke napade.
With all of this, we see that there's a new 21st century battle brewing, and governments don't necessarily take a part.
Kroz sve ovo, vidimo da se stvara nova borba 21. stoljeća, a vlasti nužno ne sudjeluju u njoj.
So in another case, Anonymous vs. Los Zetas. In early September 2011 in Mexico, Los Zetas, one of the most powerful drug cartels, hung two bloggers with a sign that said, "This is what will happen to all Internet busybodies." A week later, they beheaded a young girl. They severed her head, put it on top of her computer with a similar note. And taking the digital counteroffensive because governments couldn't even understand what was going on or act, Anonymous, a group we might not associate as the most positive force in the world, took action, not in cyber attacks, but threatening information to be free. On social media, they said, "We will release information that ties prosecutors and governors to corrupt drug deals with the cartel." And escalating that conflict, Los Zetas said, "We will kill 10 people for every bit of information you release." And so it ended there because it would become too gruesome to continue. But what was powerful about this was that anonymous individuals, not federal policia, not military, not politicians, could strike fear deep into the heart of one of the most powerful, violent organizations in the world. And so we live in an era that lacks the clarity of the past in conflict, in who we're fighting, in the motivations behind attacks, in the tools and techniques used, and how quickly they evolve. And the question still remains: what can individuals, organizations and governments do?
Drugi slučaj je Anonymous protiv Los Zetas. U ranom rujnu 2011., u Meksiku, Los Zetas, jedan od najmoćnijih kartela, objesili su dva blogera uz znak na kojem je pisalo: "Ovo će se dogoditi svim zabadalima na internetu." Tjedan dana poslije, mladoj djevojci su odrubili glavu. Odsjekli su joj glavu i stavili na njezino računalo sa sličnom porukom. Digitalni protunapad, jer vlasti nisu razumjele što se događa niti znale što raditi, učinio je Anonymous, grupa koju ne vidimo kao najpozitivniju silu u svijetu, poduzeli su akciju, ne kroz cyber napade, nego kroz prijetnje o otkrivanju informacija. Na društvenim medijima poručili su: "Razotkrit ćemo informacije koje povezuju tužitelje i guvernere s korupcijom i dilerima kartela. Kako bi eskalirali ovaj sukob, Los Zetas su rekli: "Ubit ćemo 10 ljudi za svaki bit informacije koji otkrijete." Završilo je na tome jer je postalo premorbidno nastaviti. No moćna stvar u ovome je što su anonimni pojedinci, a ne savezna policija, vojska ili političari, uspjeli unijeti strah u kosti jednoj od najmoćnijih i najnasilnijih organizacija na svijetu. Živimo u doba u kojem nema jasnoće prijašnjih sukoba o tome protiv koga se borimo, o motivacijama iza napada, o alatima i tehnikama te brzini njihove evolucije. Pitanje koje preostaje je: što mogu učiniti pojedinci, organizacije i vlast?
For answers to these questions, it starts with individuals, and I think peer-to-peer security is the answer. Those people in relationships that bought over teens online, we can do that with peer-to-peer security. Individuals have more power than ever before to affect national and international security. And we can create those positive peer-to-peer relationships on and offline, we can support and educate the next generation of hackers, like myself, instead of saying, "You can either be a criminal or join the NSA." That matters today. And it's not just individuals -- it's organizations, corporations even. They have an advantage to act across more borders, more effectively and more rapidly than governments can, and there's a set of real incentives there. It's profitable and valuable to be seen as trustworthy in the digital age, and will only be more so in future generations to come.
Odgovor na ova pitanja počinje s pojedincima i mislim da je odgovor peer-to-peer sigurnost. Ljudi koji su u ovim vezama pridobili tinejdžere na internetu, možemo učiniti to kroz peer-to-peer sigurnost. Pojedinci imaju više moći nego ikada prije utjecati na nacionalnu i međunarodnu sigurnost. Možemo stvoriti ove pozitivne peer-to-peer veze na i izvan interneta, možemo podržavati i obrazovati sljedeću generaciju hakera, poput mene, umjesto da govorimo: "Možeš biti ili kriminalac ili raditi za NSA." Ovo je danas bitno. Ne radi se samo o pojedincima -- nego i o organizacijama i korporacijama. Imate prednost djelovati preko više granica učinkovitije i brže od vlasti, a tu je i niz pravih poticaja. Profitabilno je i vrijedno doimati se pouzdanim u ovo digitano doba, a ovo će biti sve važnije budućim generacijama.
But we still can't ignore government, because that's who we turn to for collective action to keep us safe and secure. But we see where that's gotten us so far, where there's an inability to adapt and learn in digital conflict, where at the highest levels of leadership, the Director of the CIA, Secretary of Defense, they say, "Cyber Pearl Harbor will happen." "Cyber 9/11 is imminent." But this only makes us more fearful, not more secure. By banning encryption in favor of mass surveillance and mass hacking, sure, GCHQ and the NSA can spy on you. But that doesn't mean that they're the only ones that can. Capabilities are cheap, even free. Technical ability is rising around the world, and individuals and small groups have the advantage. So today it might just be the NSA and GCHQ, but who's to say that the Chinese can't find that backdoor? Or in another generation, some kid in his basement in Estonia?
No ipak ne možemo ignorirati vlast jer se njoj okrećemo za kolektivnu akciju radi sigurnosti i zaštite. No vidimo kamo nas je to dovelo zbog nesposobnosti prilagodbe i učenja u digitalnom sukobu, gdje na najvišim razinama vodstva, Direktor CIA-e i Ministar obrane kažu: "Cyber Pearl Harbor će se dogoditi." "Cyber 11.09. je neminovan." No zbog ovoga smo sve uplašeniji, ne osjećamo se sigurnije. Zabranom šifriranja u korist masovnog nadzora i hakiranja, naravno, GCHQ i NSA vas mogu špijunirati. No to ne znači da su oni jedini. Mogućnosti su jeftine ili čak besplatne. Tehničke sposobnosti su u porastu diljem svijeta, a pojedinci i male grupe su u prednosti. Danas su to možda NSA i GCHQ, ali tko kaže da Kinezi ne mogu pronaći taj stražnji ulaz? Ili u idućoj generaciji, neki klinac u svom podrumu u Estoniji?
And so I would say that it's not what governments can do, it's that they can't. Governments today need to give up power and control in order to help make us more secure. Giving up mass surveillance and hacking and instead fixing those backdoors means that, yeah, they can't spy on us, but neither can the Chinese or that hacker in Estonia a generation from now. And government support for technologies like Tor and Bitcoin mean giving up control, but it means that developers, translators, anybody with an Internet connection, in countries like Cuba, Iran and China, can sell their skills, their products, in the global marketplace, but more importantly sell their ideas, show us what's happening in their own countries.
Rekao bih da nije stvar u tome što vlast može učiniti, nego u onome što ne može. Današnje vlasti moraju prepustiti moć i kontrolu kako bi nam pomogli zaštititi nas. Gašenjem masovnog nadzora i hakiranja te zatvaranjem ovih stražnjih ulaza znači da nas oni ne mogu špijunirati, ali ne mogu ni Kinezi ili taj haker iduće generacije iz Estonije. Podrška vlasti tehnologijama poput Tora i Bitcoina znači predaju kontrole, ali znači da developeri, prevoditelji, bilo tko s internet vezom u državama poput Kube, Irana ili Kine, mogu prodati svoje vještine i proizvode na globalnom tržištu, ali i prodati svoje ideje, pokazati nam što se događa u njihovim državama.
And so it should be not fearful, it should be inspiring to the same governments that fought for civil rights, free speech and democracy in the great wars of the last century, that today, for the first time in human history, we have a technical opportunity to make billions of people safer around the world that we've never had before in human history. It should be inspiring.
Stoga ne bi trebalo plašiti, nego inspirirati ove vlasti, koje su se borile za civilna prava, slobodu govora i demokraciju u velikim ratovima prošlog stoljeća, da danas, prvi puta u ljudskoj povijesti, imamo tehničku mogućnost zaštititi milijarde ljudi diljem svijeta koju nikada prije nismo imali. Ovo bi nas trebalo inspirirati.
(Applause)
(Pljesak)