German Police To Hack Suspect Devices

Uploaded on 2017-08-16 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

German police are set to make use of new laws to hack the devices of criminal suspects in order to monitor communications, bypassing the need to force tech companies to provide encryption backdoors.

Local media reports referencing Interior Ministry documents claimed that law enforcers will be able to make use of new Remote Communication Interception Software (RCIS) to target Android, iOS and BlackBerry mobiles.

The idea is to hack into suspects’ devices in order to read communications at source. This would seem to be a neat way of monitoring targets without the need to engage with providers of services like WhatsApp, iMessage and Telegram.

Tech companies including Facebook and Apple have been steadfast in refusing to engineer backdoors for law enforcers, arguing that it would undermine security for millions of innocent users and businesses. As most are based in the US, it’s unlikely that the German government alone could do anything about it.

That’s why they’re working to install backdoors on targeted devices themselves.

Tom Van de Wiele, principal security consultant at F-Secure, railed against misleading media reports claiming the encrypted messages themselves on platforms like WhatsApp could be hacked by police.
“The police are installing backdoors on suspect phones using phishing or other ways, as well as they should if they want to catch someone committing a crime or with ample evidence that that person requires further investigation,” he said. “If you control the phone then of course you control what was received and what is being sent from the phone, encrypted or not.”
The German parliament recently passed a new law expanding the power of the police to hack devices belonging to all criminal suspects and not just terror suspects.

This is in stark contrast to the situation in the UK, where the new Investigatory Powers Act grants police the power to hack devices irrespective of suspicion of criminal activity.
However, activists in Germany are still worried about the move, especially as the authorities have been revealed to have bought surveillance software from infamous provider FinFisher, as a back-up in case their own RICS 2.0 tools are leaked or get compromised.

By using third party provider tools, governments could skirt legal restrictions on what they can and can’t do, according to Deutsche Welle.

The European Commission claimed back in March that it was planning to give tech communications providers “three or four options” forcing them to make the communications of suspects available to police, ranging from voluntary measures to legislation.

In related news, rights groups have this month signed a joint open letter to EU member states urging more to be done to reform EU rules governing the export of surveillance equipment. It claimed over 330 export license applications for such technology have been made to 17 EU authorities since 2014; with 317 granted and only 14 rejected.

Infosecurity:

You Might Also Read:

Germany Gets Tough On Social Media:

Security & Encryption After Edward Snowden:

Is Apple Right To Resist The FBI?:

 

« Who Are The Shadow Brokers?
Using AI In Business Intelligence »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

RioRey

RioRey

The DDoS mitigation specialist, from single server to Enterprise wide carrier level networks the RioRey Solution provides effective immediate and easy to manage protection.

AuthenTrend

AuthenTrend

AuthenTrend provide biometric authentication products to achieve high security with extreme ease-of-use for the user.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

Intelligent Business Solutions Cyprus (IBSCY)

Intelligent Business Solutions Cyprus (IBSCY)

IBSCY Ltd is a leading provider of total IT solutions and services in Cyprus specializing in the areas of cloud services and applications, systems integration, IT infrastructure and security.

APERIO

APERIO

APERIO, the global leader in industrial data integrity, helps its customers drive profitability and sustainability while mitigating risk in their industrial operations.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Critical Start

Critical Start

Critical Start provides Managed Detection and Response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response.

StartupXseed Ventures

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

VariQ

VariQ

VariQ is a premier provider of Cybersecurity, Software Development and Cloud services to federal, state, and local government.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

Clear Skye

Clear Skye

Clear Skye, an Identity Access and Management (IAM) software company, reimagines enterprise identity access and risk management software to make a complicated problem easier to manage.

Antigen Security

Antigen Security

Antigen Security is a Digital Forensics, Incident Response and Recovery Engineering firm helping businesses and service providers prepare for, respond to, and recover from cyber threats.

Detego Global

Detego Global

Detego Global are the creators of the Detego® Unified Digital Forensics Platform, a suite of modular tools used globally by military, law enforcement and intelligence agencies, and enterprises.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

Jericho Security

Jericho Security

Jericho Security is on a mission to defend the world from the new threats of generative AI cyber attacks.

ERCOM

ERCOM

Ercom, a subsidiary of the Thales Group, is a French company known for its mobility security solutions.