Tracking Islamic State Impeded By Encryption

Uploaded on 2016-05-11 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

Islamic State is "very security-conscious" and a prolific user of strong encryption technology, posing a major challenge as the US works to uncover and disrupt plots by the terrorist group, Director of National Intelligence James Clapper said.

Clapper said the group uses end-to-end encryption, which refers to messaging applications or other services that secure communications when they are sent and received with scrambled code that can be unlocked only with a special key.

"ISIL is the most sophisticated, by far, user of the Internet and the technologies that are available privately to ensure end-to-end encryption," Clapper, using an acronym for the group, told reporters recently at an event in Washington hosted by the Christian Science Monitor. "That is a major inhibitor to discerning plotting going on principally by ISIL, or others."

The increasing availability of strong encryption has stoked a fierce debate inside the US, pitting officials and agencies responsible for security against technology companies such as Apple Inc. that view the technology as essential to helping their customers and users secure personal and business information.

Find a Balance

Clapper said he supports strong encryption but that he and other US officials are trying to "thread the needle so that we ensure privacy and security." He declined to say whether the Obama administration would support draft legislation in the Senate that would require companies to comply with court orders giving law enforcement agencies access to data by releasing it from encryption.

"Somehow we need to find a balance here," Clapper said. "I don’t know the technicalities of how we might arrive there."

Apple, Google and other companies began offering more and stronger encryption after former US contractor Edward Snowden exposed extensive government spying.

Snowden Impact

The National Security Agency estimates that the Snowden revelations pushed the development and adoption of commercial encryption technology forward by seven years, Clapper said. It was the first time a US official offered such a calculation.

"It has had, and is having, a profound effect on our ability to collect, particularly against terrorists," Clapper said. "From our standpoint, it’s not a good thing."

The FBI served Apple with a court order in February compelling the company to help break into an encrypted iPhone used by Syed Rizwan Farook, who with his wife carried out the deadly December attack in San Bernardino, California. Apple resisted and the FBI dropped the case last month after saying it bought a tool from a private organization it hasn’t identified to break into the phone.

Clapper declined to comment on how the FBI got into the phone. The FBI has said an entity it hasn’t identified helped it hack into the phone, and agency Director James Comey suggested last week that it paid more than $1.3 million for the hacking tool that won’t work on newer phones.
Information-Management: http://bit.ly/1US00Qf

 

 

« SpyEye Masterminds Begin 24 Year Sentence
Hit By DDoS? You Will Be Hit Again… »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

European Defence Agency (EDA)

European Defence Agency (EDA)

EDAs mission is to improve European defence capabilities. Programme areas include Cyber Defence.

Titania

Titania

Titania provide network security and compliance software. Find your Network Security gaps before hackers do with our security & compliance tools.

Avanan

Avanan

Avanan is The Cloud Security Platform. Protect all your SaaS applications using tools from over 60 industry-leading vendors in just one click.

4iQ

4iQ

4iQ fuses surface, social, deep and dark web sources to research and assess risks to people, infrastructure, intellectual property and reputation.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

Deep Mirror Automotive Cybersecurity

Deep Mirror Automotive Cybersecurity

Deep Mirror Automotive Cybersecurity make Cars & Infrastructures Cybersecure.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

David Hayes-Export Controls

David Hayes-Export Controls

David Hayes-Export Controls provides assistance to companies affected by export controls or who are considering entering the market but are unsure of the commercial and regulatory implications.

SkyePoint Decisions

SkyePoint Decisions

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

Strata Identity

Strata Identity

Strata is pioneering identity orchestration to unify on-premises and cloud-based authentication and access systems for consistent identity management in multi-cloud environments.

Microminder Cyber Security

Microminder Cyber Security

Microminder Cyber Security are innovators, advisors, strategists committed to solving your cyber security challenges.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

rThreat

rThreat

rThreat is a cloud-based SaaS solution that challenges your cyber defenses using real-world and custom threats in a secure environment, ensuring your readiness for attacks.