IS uses Encrypted Apps says FBI Chief

Uploaded on 2015-07-21 in INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW, NEWS-Cybersecurity News

hqdefault.jpg

Wickr App Seeks To Outsmart FBI With Peer-To-Peer Encryption

FBI Director James Comey told US lawmakers recently that law enforcement agents are unable to access encrypted platforms, that are being used by Islamic State to recruit lone-wolf terrorists.
“This is not your grandfather’s al-Qaeda,” Comey told lawmakers during a Senate hearing. He said Islamic State is reaching out to 21,000 English-speaking followers on Twitter and other social-media networks and then directing them to encrypted messaging applications that his agency can’t access.

Companies such as Apple Inc. and Google Inc. are using harder-to-crack encryption in smartphones to protect user data and privacy, but the tools are also impeding criminal and law enforcement investigations into terrorists, Comey told the Senate Judiciary Committee.
“We’re not seeking special law enforcement access to any information,” Deputy Attorney General Sally Quillian Yates testified. While the government already has the legal authority to obtain electronic information using court warrants, some encryption technology can make data available only to the user. Yates said that the government wants companies to retain some capability to access encrypted data of users.

In a Senate intelligence committee hearing later, Senator Dianne Feinstein, a California Democrat, suggested that legislation could compel technology companies that don’t voluntarily keep a key to customers’ encrypted data.
Technology companies are working to block federal efforts to deliberately weaken encryption -- a method of scrambling data so it’s only accessible with a special key -- that protects e-mails, social media posts, instant messages and text messages.
They say revelations of government spying in documents leaked by former US contractor Edward Snowden have eroded consumer confidence in the security of their products and will cost more than $35 billion in lost sales and contracts by 2016, according to a report by the Information Technology and Innovation Foundation.

Under the Obama administration, the Federal Bureau of Investigation and the National Security Agency have called for government access to encrypted communications. Yates said Wednesday that the government doesn’t want the technology industry to build defects or “backdoors” into products to allow law enforcement access.

Comey also testified before the Senate intelligence committee and said that ramping up encryption technology comes at the expense of public safety. Law enforcement can access online communications with a warrant. “We cannot break strong encryption,” Comey said. It’s like trying to find a needle in a haystack, he said, but “the needle at that point goes invisible.”
In another analogy, Comey compared law enforcement’s struggle to access encrypted information to a safe or closet that can’t be broken into. This makes it particularly difficult for the agency to intercept communications between Islamic State and Americans vulnerable to recruitment.

A group of code specialists in a paper recently released argued that allowing law enforcement access to encrypted communications would compromise data security. “These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm,” the group wrote.

Several technology companies, including Apple and Google, have beefed up encryption on smartphones to protect users’ data and ensure privacy.

Info-management: http://bit.ly/1e2hkiC

 

 

« IBM Unveils Most Powerful Chip Ever Created
Adobe Tackles New Flash Threat After Hacker Team Leak »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Securezoo

Securezoo

Securezoo's mission is to simplify and enhance information security by providing trusted security guidance, products, and information to small and mid-sized businesses and security professionals.

Conference-Service

Conference-Service

Conference-Service provides a categorised calendar of conferences and events, including Information Security & Privacy.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

Intrasoft International

Intrasoft International

Intrasoft International is a leading European IT Solutions and Services Group offering a full range of IT services including Information Security.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

DarkLight

DarkLight

DarkLight Cyio is an AI-powered cyber risk solution that applies real-time threat intelligence and business context to risk prioritization.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Alacrinet

Alacrinet

Alacrinet is an IT and cyber security consultancy. From penetration testing to fully managed MSSP, our team is focused on knowing the latest threats, preventing vulnerabilities, and providing value.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

U2opia Technology

U2opia Technology

U2opia is a consortium with a proven track record of delivering groundbreaking technology, cybersecurity, and innovative business solutions.

Effectiv

Effectiv

Effectiv is a real-time fraud & risk management platform for Financial Institutions and Fintechs.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

PlanNet 21 Communications

PlanNet 21 Communications

PlanNet 21 Communications is Ireland most specialised technology solution provider.

Kaine Mathrick Tech (KMT)

Kaine Mathrick Tech (KMT)

KMT deliver comprehensive cyber-first outsourced technology support and solutions that scale with your business.

Syteca

Syteca

Syteca is specifically designed to secure organizations against threats caused by insiders. It provides full visibility and control over internal risks.