IS uses Encrypted Apps says FBI Chief

Uploaded on 2015-07-21 in INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW, NEWS-Cybersecurity News

hqdefault.jpg

Wickr App Seeks To Outsmart FBI With Peer-To-Peer Encryption

FBI Director James Comey told US lawmakers recently that law enforcement agents are unable to access encrypted platforms, that are being used by Islamic State to recruit lone-wolf terrorists.
“This is not your grandfather’s al-Qaeda,” Comey told lawmakers during a Senate hearing. He said Islamic State is reaching out to 21,000 English-speaking followers on Twitter and other social-media networks and then directing them to encrypted messaging applications that his agency can’t access.

Companies such as Apple Inc. and Google Inc. are using harder-to-crack encryption in smartphones to protect user data and privacy, but the tools are also impeding criminal and law enforcement investigations into terrorists, Comey told the Senate Judiciary Committee.
“We’re not seeking special law enforcement access to any information,” Deputy Attorney General Sally Quillian Yates testified. While the government already has the legal authority to obtain electronic information using court warrants, some encryption technology can make data available only to the user. Yates said that the government wants companies to retain some capability to access encrypted data of users.

In a Senate intelligence committee hearing later, Senator Dianne Feinstein, a California Democrat, suggested that legislation could compel technology companies that don’t voluntarily keep a key to customers’ encrypted data.
Technology companies are working to block federal efforts to deliberately weaken encryption -- a method of scrambling data so it’s only accessible with a special key -- that protects e-mails, social media posts, instant messages and text messages.
They say revelations of government spying in documents leaked by former US contractor Edward Snowden have eroded consumer confidence in the security of their products and will cost more than $35 billion in lost sales and contracts by 2016, according to a report by the Information Technology and Innovation Foundation.

Under the Obama administration, the Federal Bureau of Investigation and the National Security Agency have called for government access to encrypted communications. Yates said Wednesday that the government doesn’t want the technology industry to build defects or “backdoors” into products to allow law enforcement access.

Comey also testified before the Senate intelligence committee and said that ramping up encryption technology comes at the expense of public safety. Law enforcement can access online communications with a warrant. “We cannot break strong encryption,” Comey said. It’s like trying to find a needle in a haystack, he said, but “the needle at that point goes invisible.”
In another analogy, Comey compared law enforcement’s struggle to access encrypted information to a safe or closet that can’t be broken into. This makes it particularly difficult for the agency to intercept communications between Islamic State and Americans vulnerable to recruitment.

A group of code specialists in a paper recently released argued that allowing law enforcement access to encrypted communications would compromise data security. “These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm,” the group wrote.

Several technology companies, including Apple and Google, have beefed up encryption on smartphones to protect users’ data and ensure privacy.

Info-management: http://bit.ly/1e2hkiC

 

 

« IBM Unveils Most Powerful Chip Ever Created
Adobe Tackles New Flash Threat After Hacker Team Leak »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Mielabelo

Mielabelo

Belgian consulting firm providing services in the security and compliance of information systems and IT service management.

4ARMED

4ARMED

4ARMED specializes in penetration testing, information security consultancy and security training

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

TrustArc

TrustArc

TrustArc provide privacy compliance and risk management with integrated technology, consulting and TRUSTe certification solutions – addressing all phases of privacy program management.

OEDIV SecuSys

OEDIV SecuSys

OEDIV SecuSys (formerly iSM Secu-Sys) develops high-quality IT software solutions, setting standards as a technology leader in the area of identity and access management.

4Stop

4Stop

4Stop is a global KYC, compliance and anti-fraud risk management company.

ThreatAware

ThreatAware

Total visibility of your business cybersecurity. Monitoring, management and compliance for your cybersecurity tools, people and processes from one easy to use dashboard.

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS) is a non-profit organization dedicated to the recruitment, retention and advancement of women in the cybersecurity field.

Toothpic

Toothpic

ToothPic has invented, designed, developed and patented a solution to enable companies to turn every smartphone into a secure key for a user-friendly online authentication.

Torq

Torq

Torq's no-code automation modernizes how security & operations teams work with easy workflow building, limitless integrations and numerous pre-built templates.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

IONOS

IONOS

IONOS is a leading provider of cloud infrastructure, cloud services, and hosting with more than 8.5 million customers contracts.

Block Harbor Cybersecurity

Block Harbor Cybersecurity

Block Harbor has worked closely with automakers, suppliers, and regulators since 2014 on vehicle cybersecurity.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

QPoint Technologies

QPoint Technologies

QPoint provides solutions and consulting in areas including software engineering, testing, cybersecurity, ICT, web, mobile, project management, and complex integration processes.