Tracking Islamic State Impeded By Encryption

Islamic State is "very security-conscious" and a prolific user of strong encryption technology, posing a major challenge as the US works to uncover and disrupt plots by the terrorist group, Director of National Intelligence James Clapper said.

Clapper said the group uses end-to-end encryption, which refers to messaging applications or other services that secure communications when they are sent and received with scrambled code that can be unlocked only with a special key.

"ISIL is the most sophisticated, by far, user of the Internet and the technologies that are available privately to ensure end-to-end encryption," Clapper, using an acronym for the group, told reporters recently at an event in Washington hosted by the Christian Science Monitor. "That is a major inhibitor to discerning plotting going on principally by ISIL, or others."

The increasing availability of strong encryption has stoked a fierce debate inside the US, pitting officials and agencies responsible for security against technology companies such as Apple Inc. that view the technology as essential to helping their customers and users secure personal and business information.

Find a Balance

Clapper said he supports strong encryption but that he and other US officials are trying to "thread the needle so that we ensure privacy and security." He declined to say whether the Obama administration would support draft legislation in the Senate that would require companies to comply with court orders giving law enforcement agencies access to data by releasing it from encryption.

"Somehow we need to find a balance here," Clapper said. "I don’t know the technicalities of how we might arrive there."

Apple, Google and other companies began offering more and stronger encryption after former US contractor Edward Snowden exposed extensive government spying.

Snowden Impact

The National Security Agency estimates that the Snowden revelations pushed the development and adoption of commercial encryption technology forward by seven years, Clapper said. It was the first time a US official offered such a calculation.

"It has had, and is having, a profound effect on our ability to collect, particularly against terrorists," Clapper said. "From our standpoint, it’s not a good thing."

The FBI served Apple with a court order in February compelling the company to help break into an encrypted iPhone used by Syed Rizwan Farook, who with his wife carried out the deadly December attack in San Bernardino, California. Apple resisted and the FBI dropped the case last month after saying it bought a tool from a private organization it hasn’t identified to break into the phone.

Clapper declined to comment on how the FBI got into the phone. The FBI has said an entity it hasn’t identified helped it hack into the phone, and agency Director James Comey suggested last week that it paid more than $1.3 million for the hacking tool that won’t work on newer phones.
Information-Management: http://bit.ly/1US00Qf

 

 

« SpyEye Masterminds Begin 24 Year Sentence
Hit By DDoS? You Will Be Hit Again… »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

Paramount Computer Systems

Paramount Computer Systems

Paramount is a regional leader in the Middle East for cybersecurity solutions and consulting services.

Codified Security

Codified Security

Codified is a testing platform for mobile application software. We make it easier than ever for companies to detect and fix security vulnerabilities and ensure their applications are compliant.

Highland Capital Partners

Highland Capital Partners

Highland Capital Partners is an early stage venture capital firm focused on category-defining businesses in consumer and enterprise technology, including cybersecurity.

ADGS

ADGS

ADGS is a deeptech company focused in the fields of Agent-Based simulations (Emergent Behavior), Cybersecurity and Biometrics, Social Dynamics, Natural Language Processing and Artificial Intelligence.

Titan Labs

Titan Labs

Titan Labs is a Cyber Security Consultancy that provides advice and technical expertise to government, international finance and telecommunications providers.

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) protects Singapore from external threats and safeguards its interests in areas related to terrorism, cyber security, other transnational threats, and geopolitics

SandboxAQ

SandboxAQ

SandboxAQ is an enterprise SaaS company combining AI + Quantum tech to solve hard problems impacting society.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.

The Purple Guys

The Purple Guys

The Purple Guys offer Trouble-Free IT Support to businesses across the Central and Southern US. Safe and Secure, Rapid Response, Friendly Support that’s our Purple Promise.

SecurWeave

SecurWeave

SecurWeave's Configurable Hardware Enforced Safety and Security (CHESS) platform has been designed to meet the security and safety criticality needs of the evolving digital industry.

Information Security Society of Africa – Nigeria (ISSAN)

Information Security Society of Africa – Nigeria (ISSAN)

The Information Security Society of Africa – Nigeria (ISSAN) is a not-for-profit organization dedicated to the protection of Nigeria’s cyberspace.

Cybersecurity Elastic Laboratory (CEL)

Cybersecurity Elastic Laboratory (CEL)

CEL specialize in providing top-tier services in vulnerability diagnosis and penetration testing, offering a comprehensive suite of solutions to mitigate cyber risks.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.

Nordic Defender

Nordic Defender

Nordic Defender is the first crowd-powered modern cybersecurity solution provider in the Nordic region.