IS uses Encrypted Apps says FBI Chief

hqdefault.jpg

Wickr App Seeks To Outsmart FBI With Peer-To-Peer Encryption

FBI Director James Comey told US lawmakers recently that law enforcement agents are unable to access encrypted platforms, that are being used by Islamic State to recruit lone-wolf terrorists.
“This is not your grandfather’s al-Qaeda,” Comey told lawmakers during a Senate hearing. He said Islamic State is reaching out to 21,000 English-speaking followers on Twitter and other social-media networks and then directing them to encrypted messaging applications that his agency can’t access.

Companies such as Apple Inc. and Google Inc. are using harder-to-crack encryption in smartphones to protect user data and privacy, but the tools are also impeding criminal and law enforcement investigations into terrorists, Comey told the Senate Judiciary Committee.
“We’re not seeking special law enforcement access to any information,” Deputy Attorney General Sally Quillian Yates testified. While the government already has the legal authority to obtain electronic information using court warrants, some encryption technology can make data available only to the user. Yates said that the government wants companies to retain some capability to access encrypted data of users.

In a Senate intelligence committee hearing later, Senator Dianne Feinstein, a California Democrat, suggested that legislation could compel technology companies that don’t voluntarily keep a key to customers’ encrypted data.
Technology companies are working to block federal efforts to deliberately weaken encryption -- a method of scrambling data so it’s only accessible with a special key -- that protects e-mails, social media posts, instant messages and text messages.
They say revelations of government spying in documents leaked by former US contractor Edward Snowden have eroded consumer confidence in the security of their products and will cost more than $35 billion in lost sales and contracts by 2016, according to a report by the Information Technology and Innovation Foundation.

Under the Obama administration, the Federal Bureau of Investigation and the National Security Agency have called for government access to encrypted communications. Yates said Wednesday that the government doesn’t want the technology industry to build defects or “backdoors” into products to allow law enforcement access.

Comey also testified before the Senate intelligence committee and said that ramping up encryption technology comes at the expense of public safety. Law enforcement can access online communications with a warrant. “We cannot break strong encryption,” Comey said. It’s like trying to find a needle in a haystack, he said, but “the needle at that point goes invisible.”
In another analogy, Comey compared law enforcement’s struggle to access encrypted information to a safe or closet that can’t be broken into. This makes it particularly difficult for the agency to intercept communications between Islamic State and Americans vulnerable to recruitment.

A group of code specialists in a paper recently released argued that allowing law enforcement access to encrypted communications would compromise data security. “These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm,” the group wrote.

Several technology companies, including Apple and Google, have beefed up encryption on smartphones to protect users’ data and ensure privacy.

Info-management: http://bit.ly/1e2hkiC

 

 

« IBM Unveils Most Powerful Chip Ever Created
Adobe Tackles New Flash Threat After Hacker Team Leak »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Brinqa

Brinqa

Brinqa is a leading provider of unified risk management and security analytics.to manage IT governance and technology risk.

Korea Internet & Security Agency (KISA)

Korea Internet & Security Agency (KISA)

KISA is committed to improving the competitiveness, reliability and security of Internet information and knowledge in Korea.

Iceberg

Iceberg

Since 2016, Iceberg has redefined how businesses approach hiring in the Cybersecurity and eDiscovery space.

Saviynt

Saviynt

Saviynt is a leading provider of Cloud Security and Identity Governance solutions.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

Information & eGovernment Authority (iGA) - Bahrain

Information & eGovernment Authority (iGA) - Bahrain

The Information & eGovernment Authority facilitates many services catering to different parts of the community within the IT sector in Bahrain including information security.

FutureCon Events

FutureCon Events

FutureCon produces cutting edge events aimed for Senior Level Professionals working in the security community, bringing together the best minds in the industry for a unique cybersecurity event.

WiebeTech

WiebeTech

WiebeTech’s line of digital forensics tools provide innovative and rugged devices for efficient disk imaging and evidence capture.

Commonwealth Scientific & Industrial Research Organisation (CSIRO)

Commonwealth Scientific & Industrial Research Organisation (CSIRO)

CSIRO is Australia's national science agency. We solve the greatest challenges through innovative science and technology.

WPScan

WPScan

With WPScan, you'll be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.

JLS Technology

JLS Technology

Since 2007, JLS Tech has been recognized as one of the world’s most innovative cybersecurity and technology operations leaders.

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).

ITButler e-Services

ITButler e-Services

At IT Butler, our mission is crystal clear: we are dedicated to providing top-tier cybersecurity solutions and best-practice methodologies to secure and enhance your digital infrastructure’s resilienc

New Relic

New Relic

After inventing application performance monitoring (APM), New Relic stands at the forefront of observability with the most advanced platform for eliminating digital interruptions.