German Police To Hack Suspect Devices

Uploaded on 2017-08-16 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

German police are set to make use of new laws to hack the devices of criminal suspects in order to monitor communications, bypassing the need to force tech companies to provide encryption backdoors.

Local media reports referencing Interior Ministry documents claimed that law enforcers will be able to make use of new Remote Communication Interception Software (RCIS) to target Android, iOS and BlackBerry mobiles.

The idea is to hack into suspects’ devices in order to read communications at source. This would seem to be a neat way of monitoring targets without the need to engage with providers of services like WhatsApp, iMessage and Telegram.

Tech companies including Facebook and Apple have been steadfast in refusing to engineer backdoors for law enforcers, arguing that it would undermine security for millions of innocent users and businesses. As most are based in the US, it’s unlikely that the German government alone could do anything about it.

That’s why they’re working to install backdoors on targeted devices themselves.

Tom Van de Wiele, principal security consultant at F-Secure, railed against misleading media reports claiming the encrypted messages themselves on platforms like WhatsApp could be hacked by police.
“The police are installing backdoors on suspect phones using phishing or other ways, as well as they should if they want to catch someone committing a crime or with ample evidence that that person requires further investigation,” he said. “If you control the phone then of course you control what was received and what is being sent from the phone, encrypted or not.”
The German parliament recently passed a new law expanding the power of the police to hack devices belonging to all criminal suspects and not just terror suspects.

This is in stark contrast to the situation in the UK, where the new Investigatory Powers Act grants police the power to hack devices irrespective of suspicion of criminal activity.
However, activists in Germany are still worried about the move, especially as the authorities have been revealed to have bought surveillance software from infamous provider FinFisher, as a back-up in case their own RICS 2.0 tools are leaked or get compromised.

By using third party provider tools, governments could skirt legal restrictions on what they can and can’t do, according to Deutsche Welle.

The European Commission claimed back in March that it was planning to give tech communications providers “three or four options” forcing them to make the communications of suspects available to police, ranging from voluntary measures to legislation.

In related news, rights groups have this month signed a joint open letter to EU member states urging more to be done to reform EU rules governing the export of surveillance equipment. It claimed over 330 export license applications for such technology have been made to 17 EU authorities since 2014; with 317 granted and only 14 rejected.

Infosecurity:

You Might Also Read:

Germany Gets Tough On Social Media:

Security & Encryption After Edward Snowden:

Is Apple Right To Resist The FBI?:

 

« Who Are The Shadow Brokers?
Using AI In Business Intelligence »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

National Cyber Security Centre (CNCS) - Portugal

National Cyber Security Centre (CNCS) - Portugal

CNCS is the operational coordinator and Portuguese national authority in cybersecurity working with State entities, and digital service providers

Software Factory

Software Factory

Software Factory develops custom-built high-performance software solutions and products for applications including industrial cyber security.

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

CTM360

CTM360

CTM360 is a unified external security platform offering 24x7x365 Cyber Threat Management for detecting and responding to cyber threats.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

Smoothstack

Smoothstack

Smoothstack is a technology talent incubator whose immersive training program kick starts IT careers and delivers a fresh source of IT talent.

Computer Services Inc (CSI)

Computer Services Inc (CSI)

CSI is a leading fintech, regtech and cybersecurity solutions partner operating at the intersection of innovation and service.

HolistiCyber

HolistiCyber

HolistiCyber provide state-of-the art consulting, services, and solutions to help proactively and holistically defend against a new era of constantly evolving cyber threats.

eaziSecurity

eaziSecurity

eaziSecurity has built an eco-system of technology and services that bring enterprise scale security solutions to the SME marketplace.

HiSolutions

HiSolutions

HiSolutions is a renowned consulting firms for IT governance, risk & compliance in Germany, combining highly specialized know-how in the field with profound process competence.

Solcon Capital

Solcon Capital

Solcon Capital is a forward-looking, technology-focused investment firm that is committed to identifying and investing in the most promising areas of innovation and development in the tech industry.

Nukke

Nukke

Nukke offers advanced cybersecurity software and tailored solutions for your business.

Geobridge

Geobridge

Geobridge was one of the first information security solutions providers to support cryptography and payment applications for payment processors, financial institutions and retail organizations.

WillCo Tech

WillCo Tech

WillCo Tech works to enhance national security and force readiness for military and commercial enterprises with a suite of software capabilities surrounding the human element of cybersecurity.

Pontiro

Pontiro

At Pontiro, we are enabling a new era of data-sharing. Bridging the gap between protected data and valuable insights through the use of cutting edge Homomorphic Encryption.