The Challenge of Using Big Data to Help Achieve the SDGs

9

October

2020

No ratings yet.

According to the United Nations, Big Data has plays an essential role in both better measuring the progress on the Sustainable Development Goals, as well as the achievement of the goals.

In the private sector, big data analysis is commonplace. Services are being personalised with the help of big data, consumer profiling is largely possible due to big data analytics and big data plays a crucial role in advertising and making predictions in the financial sector. Organisations use this data for internal value creation.

Similar techniques could be used to target aid interventions to vulnerable groups based on insights into people’s wellbeing.

One way to do this is by establishing public-private partnerships. As said in the beginning of this text, most data is collected by the private sector. It will be challenging however, to ensure that these collaborations are sustainable, especially in less developed economies. Clear frameworks and clarifications on roles and expectations on all sides should be put into place to warrant long-term sustainable partnerships.

Another necessary element for this solution to be sustainable is supervision and monitoring. This is one of the key roles of the United Nations. They have set principles and standards to facilitate collective action to enable the safe use of data. These principles mainly focus on openness and transparency to avoid unethical data use. This is important because one of the reasons some parties are hesitant to embrace big data in regards to the SDGs is because of ethical concerns. The opportunities that big data create can only be realised if the fundamental elements of human rights can be safeguarded.

Another objection is that the adoption of big data analytics could potentially cause an increase in inequality and bias. If we only focus on the data we do have, we neglect a major part of the problem. Major gaps are already present between the data we have and the data we do not have. This gap exists because many people are excluded from data and information. The most vulnerable groups are the least likely to leave digital fingerprints. The very reason behind this are the problems we are trying to solve with the SDGs in the first place: poverty, lack of technology infrastructure, lack of education, et cetera.

Data in the private sector is currently collected and analysed for corporate value creation. However, there is a great potential for society as a whole. Especially public-private sector partnerships look promising, although the barriers to the data gap need to be overcome: If Big Data is going to be used on a larger scale to help achieve the SDGs, we first need to build the required capabilities to overcome inequalities between more and less developed countries regarding access to information and data (the gap between what we know and what we don’t know).

Please rate this

China & Big Data Espionage

4

October

2020

No ratings yet.

Unit 61398 & Chinese Hacks on US Databases

The 2nd Bureau of the People’s Liberation Army’s General Staff Department 3rd Department, more informally known as Unit 61398, has a title as innocuous and soporific as the drab office building in the outskirts of Shanghai from which they operate. But dull as it may sound Unit 61398 is the elite of China’s offensive cyber forces, and the picture of the drab building which heads this post is their headquarters (Li, 2014). From there Unit 61398 has conducted some of the largest and most significant hacks on US targets yet uncovered, and their successes have enabled China to compile an enormous database on which to run their ever growing big data analytic capabilities.

While the full extent of Unit 61398’s activities are unknown, the US Government has become increasingly willing to identify China and its cyber forces as the perpetrators behind large scale data breaches affecting US companies. On 10 Februrary 2020, US Attorney General William Barr announced the indictment of four members of the Chinese military for hacking into the credit-reporting agency Equifax (Barr, 2020). In his speech announcing the indictment the Attorney General pointed the finger at China’s cyber forces for a litany of past attacks, saying:

“For years, we have witnessed China’s voracious appetite for the personal data of Americans, including the theft of personnel records from the U.S. Office of Personnel Management, the intrusion into Marriott hotels, and Anthem health insurance company, and now the wholesale theft of credit and other information from Equifax. This data has economic value, and these thefts can feed China’s development of artificial intelligence tools as well as the creation of intelligence targeting packages.” (Barr, 2020).

The attacks which AG Barr identified were all significant. The United State’s Office of Personnel Management was an often overlooked, at least from a cyber security perspective, department of the US government. But it was the repository for the personal data of some 22 million Americans who had, did or had applied to work for the US government, including the roughly 5 million Americans that held “secret” or “top secret” clearances (Sanger, 2018). Over a 15 month period between late 2013 and April 2015 the hackers stole 4.2 million personnel files, 5.6 million fingerprints and an astonishing 21.5 million SF-86 forms, a 127 page form completed by every applicant for a security clearance in the US, containing extensive personal details about the applicant’s life (Sanger, 2018).

While the OPM hack was squarely targeted at US federal employees, other hacks attributed to the Chinese military have had a broader scope. The Marriott/Starwood hack involved the loss of up to 383 million travel records from visitors of all kinds, along with 5 million passport numbers (Chen, 2019), while the Anthem Insurance attack extracted data on 80 million employees and members, including social security numbers, home addresses and income data (Chen, 2019). Other victims of Chinese attacks include United Airlines, which lost data of flight passengers and their movements, Community Health Systems, from whom records on 4.5 million of their customers was taken, and even the US Navy, which had more than 100,000 personnel files stolen by Chinese hackers (Chen, 2019).

Big Data & Espionage

While the loss of such large volumes of data is embarrassing, it is only in recent times that it has become positively concerning. The reason is that until the advent of big data analysis techniques, large databases of the kind targeted by Unit 61398 were simply too massive to mine productively. As Admiral Mike Rogers, the head of the National Security Agency between April 2014 and May 2018, explained: the sheer volume of information from the OPM hack would have overwhelmed any foreign intelligence agency and meant that the theft as a whole was of little value (Sanger, 2018).

But times have changed. The highest levels of the Chinese government have made commitments to developing China’s big data capabilities in all fields, including the military and intelligence gathering. President Xi Jinping himself articulated this policy during his report to the 19th National Congress of the Chinese Communist Party in October 2017, where he made clear that China would “…promote the deepened integration of Internet, big data, and artificial intelligence with the real economy” (Xi, 2017).

The result is that databases of the kind stolen by Unit 61398 are now of real value to the intelligence community. As Admiral Rogers put it during a panel debate in Aspen, Colorado in October 2015:

“One of the lessons from OPM for me is we need to recognize that increasingly data has a value all its own and there were people who were actively out there interested now in acquiring data, in volumes, in numbers that we didn’t see before…you combine the power of big data analytics, and the fact that today the ability to bore through huge amounts of data and find seemingly disconnected and unrelated individual data points and bring coherent meaning and insight, something that wasn’t there in the past…” (Rogers, 2015)

While the precise big data techniques used by intelligence agencies to mine stolen databases are unsurprisingly classified, the implications of some of those techniques has been hinted at. Robert Knade, the director of cybersecurity policy in the Obama White House, is reported to have said that as a result of the OPM hack, “a whole bunch of CIA case officers [could be] spending the rest of their careers riding desks”, as a result of their covers being compromised (Sanger, 2015). To similar effect, Admiral Rogers observed, “From an intelligence perspective, it gives you great insight to potentially use for counter-intelligence purposes…If I’m interested in trying to identify US persons who may be in my country – and I’m trying to figure out why they are there: Are they just tourists? Are they there for some alternative purpose? There are interesting insights from the data you take from OPM”.

By comparing stolen databases, both against each other and against publically available and other confidential sources, China has the capability not only to identify potential spies in their own country or targets for recruitment abroad, but may even be able to identify a person of interest’s family and foreign contacts, or as one China cyber expert put it, “So now the Chinese counterintelligence authorities know which American officials are meeting with which Chinese” (Nakashima, 2015). The data available from stolen databases may also provide a treasure trove of information from which intelligence agencies can put together highly targeted phishing attacks, that may in turn enable them to compromise other networks or databases (Rogers, 2015).

The use of big data by China for intelligence gathering purposes remains an ongoing concern. President Trump’s demands that TikTok find a US owner or face sanctions on national security grounds over concerns that the app collects data on US citizens’ which is ultimately available to the Chinese government, is but the latest in what will inevitably be a continuing conflict over proprietary databases containing valuable personal information. While the classified nature of intelligence agency operations means that the commercial sector will not immediately, if ever, benefit from the techniques now being used by intelligence agencies to mine and analyse the data sets they have obtained; the knowledge that databases are a valuable target for foreign militaries and intelligence agencies should serve as a yet further spur to action by the commercial sector to appropriately secure and protect their networks and data, as well as providing possible hints at future directions of research for those of us interested in big data applications.

References
Barr, W. (2020). Attorney General William P. Barr Announces Indictment of Four Members of China’s Military for Hacking into Equifax. Available at: https://www.justice.gov/opa/speech/attorney-general-william-p-barr-announces-indictment-four-members-china-s-military. [Accessed 4 Oct. 2020].
Chen, M. S. (2019). ‘China’s Data Collection on US Citizens: Implications, Risks, and Solutions’. Journal of Sciency Policy & Governance, 15(1), 3.
Li, Z. (2014). What we know about the Chinese army’s alleged cyber spying unit. CNN. Available at: https://edition.cnn.com/2014/05/20/world/asia/china-unit-61398/index.html [Accessed 4 Oct. 2020].
Nakashima, E. (2015). With a series of major hacks, China builds a database on Americans. The Washington Post. Available at: https://www.washingtonpost.com/world/national-security/in-a-series-of-hacks-china-appears-to-building-a-database-on-americans/2015/06/05/d2af51fa-0ba3-11e5-95fd-d580f1c5d44e_story.html [Accessed 4 Oct 2020].
Rogers, M. (2015). Beyond the build: leveraging the cyber mission force. Aspen: The Aspen Institute, pp. 12-13. Available at: https://silo.tips/download/the-aspen-institute-beyond-the-build-leveraging-the-cyber-mission-force-aspen-co [Accessed Oct 4 2020].
Sanger, D. E. (2018). The Perfect Weapon, 1st ed. London: Crown, pp. 113-114.
Xi, J. (2017). Full Text of Xi Jinping’s Report at the 19th CPC National Congress,” Xinhua, November 3, 2017. Available at: http://www.xinhuanet.com/english/special/2017-11/03/c_136725942.htm [Accessed Oct 4. 2020].

Please rate this