IS uses Encrypted Apps says FBI Chief

Uploaded on 2015-07-21 in INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW, NEWS-Cybersecurity News

hqdefault.jpg

Wickr App Seeks To Outsmart FBI With Peer-To-Peer Encryption

FBI Director James Comey told US lawmakers recently that law enforcement agents are unable to access encrypted platforms, that are being used by Islamic State to recruit lone-wolf terrorists.
“This is not your grandfather’s al-Qaeda,” Comey told lawmakers during a Senate hearing. He said Islamic State is reaching out to 21,000 English-speaking followers on Twitter and other social-media networks and then directing them to encrypted messaging applications that his agency can’t access.

Companies such as Apple Inc. and Google Inc. are using harder-to-crack encryption in smartphones to protect user data and privacy, but the tools are also impeding criminal and law enforcement investigations into terrorists, Comey told the Senate Judiciary Committee.
“We’re not seeking special law enforcement access to any information,” Deputy Attorney General Sally Quillian Yates testified. While the government already has the legal authority to obtain electronic information using court warrants, some encryption technology can make data available only to the user. Yates said that the government wants companies to retain some capability to access encrypted data of users.

In a Senate intelligence committee hearing later, Senator Dianne Feinstein, a California Democrat, suggested that legislation could compel technology companies that don’t voluntarily keep a key to customers’ encrypted data.
Technology companies are working to block federal efforts to deliberately weaken encryption -- a method of scrambling data so it’s only accessible with a special key -- that protects e-mails, social media posts, instant messages and text messages.
They say revelations of government spying in documents leaked by former US contractor Edward Snowden have eroded consumer confidence in the security of their products and will cost more than $35 billion in lost sales and contracts by 2016, according to a report by the Information Technology and Innovation Foundation.

Under the Obama administration, the Federal Bureau of Investigation and the National Security Agency have called for government access to encrypted communications. Yates said Wednesday that the government doesn’t want the technology industry to build defects or “backdoors” into products to allow law enforcement access.

Comey also testified before the Senate intelligence committee and said that ramping up encryption technology comes at the expense of public safety. Law enforcement can access online communications with a warrant. “We cannot break strong encryption,” Comey said. It’s like trying to find a needle in a haystack, he said, but “the needle at that point goes invisible.”
In another analogy, Comey compared law enforcement’s struggle to access encrypted information to a safe or closet that can’t be broken into. This makes it particularly difficult for the agency to intercept communications between Islamic State and Americans vulnerable to recruitment.

A group of code specialists in a paper recently released argued that allowing law enforcement access to encrypted communications would compromise data security. “These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm,” the group wrote.

Several technology companies, including Apple and Google, have beefed up encryption on smartphones to protect users’ data and ensure privacy.

Info-management: http://bit.ly/1e2hkiC

 

 

« IBM Unveils Most Powerful Chip Ever Created
Adobe Tackles New Flash Threat After Hacker Team Leak »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Biscom

Biscom

Biscom offers solutions for secure file transfer, synchronization, file translation, and mobile devices, designed to deliver mission-critical reliability, streamline workflows and reduce costs.

CS Group

CS Group

CS Group offers a complete range of security solutions from consultancy to security maintenance and from secure infrastructure design to security governance.

Thomas Miller Specialty

Thomas Miller Specialty

Thomas Miller Specialty is a commercial Managing General Agency providing specialty risks insurance including Cyber & e-crime insurance.

Berwick Partners

Berwick Partners

Berwick Partners’ Cyber Security Practice is a leading recruiter of senior management positions in this field; we have an exceptional understanding of the constantly changing Cyber landscape.

IXDen

IXDen

IXDen provides a novel software-based approach to OT systems protection, covering Industrial IoT cybersecurity and sensor data integrity.

At-Bay

At-Bay

At-Bay offer an end-to-end solution to cyber risk with comprehensive risk assessment, a tailored cyber insurance policy and year-long, active, risk-management service.

Sequretek

Sequretek

Sequretek was formed with the aim to “Simplify Security”. We envision a future where enterprise networks are streamlined, secure and simple.

Internetwork Defense (IND)

Internetwork Defense (IND)

Internetwork Defense is a premier provider of Information Security Training and Business Consulting Services in the Mid-Atlantic region.

Alertot

Alertot

Hackers attack minutes after a new vulnerability is published. Alertot helps to decrease exposure time in organizations by notifying new issues when they are disclosed.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

CyberLab

CyberLab

CyberLab (formerly Chess) is a specialist cyber security company that provides a wide range of security solutions and services.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Zokyo

Zokyo

Zokyo is a venture studio that builds, secures, and funds legendary web3/crypto businesses.

Suffescom Solutions

Suffescom Solutions

Suffescom Solutions is a leading blockchain development company, assisting businesses in harnessing the true potential of blockchain technology.

Cycurion

Cycurion

Cycurion is a global leading provider of Network Communications and Information Technology Security Solutions.

Beround

Beround

Beround is an IT consultancy firm specialized in software testing.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.