German Police To Hack Suspect Devices

German police are set to make use of new laws to hack the devices of criminal suspects in order to monitor communications, bypassing the need to force tech companies to provide encryption backdoors.

Local media reports referencing Interior Ministry documents claimed that law enforcers will be able to make use of new Remote Communication Interception Software (RCIS) to target Android, iOS and BlackBerry mobiles.

The idea is to hack into suspects’ devices in order to read communications at source. This would seem to be a neat way of monitoring targets without the need to engage with providers of services like WhatsApp, iMessage and Telegram.

Tech companies including Facebook and Apple have been steadfast in refusing to engineer backdoors for law enforcers, arguing that it would undermine security for millions of innocent users and businesses. As most are based in the US, it’s unlikely that the German government alone could do anything about it.

That’s why they’re working to install backdoors on targeted devices themselves.

Tom Van de Wiele, principal security consultant at F-Secure, railed against misleading media reports claiming the encrypted messages themselves on platforms like WhatsApp could be hacked by police.
“The police are installing backdoors on suspect phones using phishing or other ways, as well as they should if they want to catch someone committing a crime or with ample evidence that that person requires further investigation,” he said. “If you control the phone then of course you control what was received and what is being sent from the phone, encrypted or not.”
The German parliament recently passed a new law expanding the power of the police to hack devices belonging to all criminal suspects and not just terror suspects.

This is in stark contrast to the situation in the UK, where the new Investigatory Powers Act grants police the power to hack devices irrespective of suspicion of criminal activity.
However, activists in Germany are still worried about the move, especially as the authorities have been revealed to have bought surveillance software from infamous provider FinFisher, as a back-up in case their own RICS 2.0 tools are leaked or get compromised.

By using third party provider tools, governments could skirt legal restrictions on what they can and can’t do, according to Deutsche Welle.

The European Commission claimed back in March that it was planning to give tech communications providers “three or four options” forcing them to make the communications of suspects available to police, ranging from voluntary measures to legislation.

In related news, rights groups have this month signed a joint open letter to EU member states urging more to be done to reform EU rules governing the export of surveillance equipment. It claimed over 330 export license applications for such technology have been made to 17 EU authorities since 2014; with 317 granted and only 14 rejected.

Infosecurity:

You Might Also Read:

Germany Gets Tough On Social Media:

Security & Encryption After Edward Snowden:

Is Apple Right To Resist The FBI?:

 

« Who Are The Shadow Brokers?
Using AI In Business Intelligence »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

Cigniti Technologies

Cigniti Technologies

Cigniti Technologies provides Independent Software Testing (IST) Services including software security testing.

Perspective Risk

Perspective Risk

Perspective Risk provides penetration testing, security assessments, risk management & compliance solutions, InfoSec training and consultancy services.

Government CSIRT - Chile

Government CSIRT - Chile

Government CSIRT is the Computer Security Incident Response Team for State networks and government cyberspace in Chile.

National Forensic Sciences University (NFSU)

National Forensic Sciences University (NFSU)

National Forensic Sciences University is the world’s first and only University dedicated to Digital Forensic and allied Sciences.

XM Cyber

XM Cyber

XM Cyber provides the first fully automated breach and attack simulation (BAS) platform to continuously expose attack vectors.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

Leadcomm

Leadcomm

Leadcomm is a Brazilian company focused on the distribution and integration of IT systems and security solutions for large companies.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

Macquarie Telecom Group

Macquarie Telecom Group

Macquarie Telecom is Australia's datacentre, cloud, cyber security and telecom company for mid-large business and government customers.

Nu Quantum

Nu Quantum

Nu Quantum is developing quantum photonics hardware to power the quantum revolution in communications, sensing and computing.

Gordian Networks

Gordian Networks

Gordian Networks offers complete managed IT services and IT support for small to large businesses.

Octo

Octo

Octo provides state-of-the-art cyber solutions so your organization can proactively defend itself from threats.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Information & Communications Technology Association of Jordan (int@j)

Information & Communications Technology Association of Jordan (int@j)

The Information & Communications Technology Association of Jordan is a membership based ICT and IT Enabled Services (ITES) industry advocacy, support and networking association.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.