Encryption backdoors will increase the risk of nation-state attacks

Encryption backdoors will increase the risk of nation-state attacks

Encryption backdoors will increase the risk of nation-state attacks

Nearly three in four IT security professionals believe that forcing organisations to create encryption backdoors to sensitive data could place nations at greater risk of suffering nation-state attacks.

In December last year, the Australian parliament passed a bill that authorised law enforcement agencies to compel messaging services such as WhatsApp to give them access to encrypted communications of individuals involved in terrorism and organised crime.

The new Australian law, called The Assistance and Access Bill, empowered law enforcement agencies to issue “technical capability notices”, using which they can obtain encrypted communications from popular apps such as WhatsApp, Telegram, and Signal.

In the United States, the FBI has also pushed for the creation of encryption backdoors, stating that doing do will enable the agency to better deal with cases involving terrorism, child exploitation, organised crime and trafficking.

While addressing a gathering at the International Conference on Cyber Security in New York last year, FBI Director Christopher Wray said that mobile phone companies must create encryption backdoors that only authorities will be able to exploit, thereby ensuring that such backdoors will stay out of reach of cyber criminals and enemy states.

“Being unable to access those devices is a major public safety issue and impacts our investigations across the board. This problem will require a thoughtful and sensible approach. We have people devoted to working with stakeholders to find a way forward. We need the private sector’s help,” he said.

Encryption backdoors creating new risks for nations

However, unlike investigative agencies, a majority of IT security professionals at private organisations share the opinion that instead of securing nations, encryption backdoors will, in fact, put their countries at greater risk of nation-state attacks.

In a recent survey carried out by Venafi, 73% of IT security professionals said that countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. While 75% of them said governments should not be able to force technology companies to grant access to encrypted user data, 69% said countries with government-mandated encryption backdoors suffer economic disadvantages in the global marketplace.

“This is a tense moment for industry professionals because they know backdoors make our critical infrastructure more vulnerable. This is not rocket science; backdoors inevitably create vulnerabilities that can be exploited by malicious actors,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi.

“Last December, Australia’s parliament passed legislation requiring tech businesses to create encryption backdoors within their products. We know that attackers don’t abide by restrictions; they don’t follow the rules or buy products in controlled markets. Countries that enact these near-sighted restrictions harm law abiding businesses and court economic damage as well as intrusions focused on sovereign government processes,” he added.

In May last year, a survey carried out by Venafi also revealed that due to recent geopolitical changes, 64% of IT security professionals had increased their personal encryption usage, compared to just 45% who did so in the previous year.

“We’re entering a world where machines process and conduct transactions autonomously. As a result, it will be incredibly important to preserve privacy with the use of strong encryption. Despite the challenges this poses, it’s excellent news that more than half of these security professionals use encryption to protect their personal privacy,” said Bocek.

ALSO READ: Government v Tech: The question of encryption is a battle to infinity

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]