Crypto Wars: Encryption is a Double-edged Sword
Earlier last month, conflict between the US administration and technology companies were locked in a debate on whether companies like Google and Apple should enable users to encrypt their digital communications in such a way that not even the FBI could decrypt the information. In other words, the administration wants encryption to be more "law-enforcement friendly".
According to a judicial hearing, FBI Director James Comey stated that while encryption benefits the digital lives of users and supports the fundamental rights of people, companies who “do not retain access” to consumers’ information can endanger lives by preventing investigative tools from following critical terrorist leads. Consequently, strong encryption methods can make investigations more difficult for law enforcement agencies because service providers don’t have access to actual communications—the lack of which could impede criminal investigations even when served with a warrant.
This matter extends to the existing and possible implementation of end-to-end user encryption, which makes it impossible to intercept digital messages. In response, leading technologists argue that the entreaty being sought by law enforcement officials is technically impractical and would expose consumers and businesses to a considerable risk of data breaches and identity theft.
The Duality of Encryption
Encryption itself is supposedly a good thing. It was developed to protect data from unauthorized access. Essentially, encryption safeguards a user’s identity and privacy. When using encryption, users can somehow rest assured that phone calls, email messages, online purchases, and other online activities are safely protected from any potential intruder.
In light of Edward Snowden’s revelations about the NSA’s unwarranted mass surveillance, the increasing need to encrypt communications and data have prompted many companies to roll out stronger end-to-end encryption methods. In the past, companies were mandated to unlock phones for law enforcement, but amid growing public concerns about government surveillance and data breaches, the companies prevented their own capacity to decrypt data stored in devices, as it weakened security.
Unfortunately, while encryption was designed for good intentions, it does have a dark side. Apart from the political issues surrounding the dilemma, cybercriminals have also used strong encryption methods to develop unbreakable crypto-ransomware variants, which they use to force victims to pay a ransom fee or lose access to their files.
This could be tricky though, as paying the ransom does not guarantee that the victim can actually recover their files, and even the use of anti-malware software to resolve a crypto-ransomware infection has proved futile.
Given the likelihood of this situation, users are encouraged to back-up their files regularly and to use proper security measures such as scrutinizing suspicious emails, and avoiding embedded links to prevent getting infected. Ultimately, user awareness could go a long way in security data and communications.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Exposed Container Registries: A Potential Vector for Supply-Chain Attacks
- LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023
- Stepping Ahead of Risk: Report Trend Micro sulle minacce di cybersecurity del primo semestre 2023
- Diving Deep Into Quantum Computing: Modern Cryptography
- Uncovering Silent Threats in Azure Machine Learning Service: Part 2