Tracking Islamic State Impeded By Encryption

Islamic State is "very security-conscious" and a prolific user of strong encryption technology, posing a major challenge as the US works to uncover and disrupt plots by the terrorist group, Director of National Intelligence James Clapper said.

Clapper said the group uses end-to-end encryption, which refers to messaging applications or other services that secure communications when they are sent and received with scrambled code that can be unlocked only with a special key.

"ISIL is the most sophisticated, by far, user of the Internet and the technologies that are available privately to ensure end-to-end encryption," Clapper, using an acronym for the group, told reporters recently at an event in Washington hosted by the Christian Science Monitor. "That is a major inhibitor to discerning plotting going on principally by ISIL, or others."

The increasing availability of strong encryption has stoked a fierce debate inside the US, pitting officials and agencies responsible for security against technology companies such as Apple Inc. that view the technology as essential to helping their customers and users secure personal and business information.

Find a Balance

Clapper said he supports strong encryption but that he and other US officials are trying to "thread the needle so that we ensure privacy and security." He declined to say whether the Obama administration would support draft legislation in the Senate that would require companies to comply with court orders giving law enforcement agencies access to data by releasing it from encryption.

"Somehow we need to find a balance here," Clapper said. "I don’t know the technicalities of how we might arrive there."

Apple, Google and other companies began offering more and stronger encryption after former US contractor Edward Snowden exposed extensive government spying.

Snowden Impact

The National Security Agency estimates that the Snowden revelations pushed the development and adoption of commercial encryption technology forward by seven years, Clapper said. It was the first time a US official offered such a calculation.

"It has had, and is having, a profound effect on our ability to collect, particularly against terrorists," Clapper said. "From our standpoint, it’s not a good thing."

The FBI served Apple with a court order in February compelling the company to help break into an encrypted iPhone used by Syed Rizwan Farook, who with his wife carried out the deadly December attack in San Bernardino, California. Apple resisted and the FBI dropped the case last month after saying it bought a tool from a private organization it hasn’t identified to break into the phone.

Clapper declined to comment on how the FBI got into the phone. The FBI has said an entity it hasn’t identified helped it hack into the phone, and agency Director James Comey suggested last week that it paid more than $1.3 million for the hacking tool that won’t work on newer phones.
Information-Management: http://bit.ly/1US00Qf

 

 

« SpyEye Masterminds Begin 24 Year Sentence
Hit By DDoS? You Will Be Hit Again… »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

Panda Security

Panda Security

Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions.

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

Identiv

Identiv

Identiv is a global security technology company that establishes trust in the connected world, including premises, information and everyday items.

Secusmart

Secusmart

Secusmart provide highly secure and encrypted speech and data communication solutions.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

Data Shepherd

Data Shepherd

Data Shepherds primary focus is to protect your business. We achieve this by offering extensive and unique expertise in innovative IT and Cyber security solutions.

Centurion Information Security

Centurion Information Security

Centurion Information Security is a consulting firm based in Singapore that specialises in penetration testing and security assessment services.

Emsisoft

Emsisoft

Emsisoft protects your devices against all types of malware, ransomware and other threats with no-bloat anti-malware & antivirus solutions.

SafeLogic

SafeLogic

SafeLogic provides strong encryption products for solutions in mobile, server, Cloud, appliance, wearable, and IoT environments that are pursuing compliance to strict regulatory requirements.

Secberus

Secberus

SECBERUS creates cloud security technology to help organizations stay secure & compliant in the public cloud.

Outsource Group

Outsource Group

Outsource Group is an award winning Cyber Security and IT Managed Services group working with a range of SME/Enterprise customers across the UK, Ireland and internationally.

Palitronica

Palitronica

Palitronica build cutting-edge hardware and breakthrough software that revolutionizes how we defend critical infrastructure and key resources.

ViewDS Identity Solutions

ViewDS Identity Solutions

ViewDS Identity Solutions develops innovative identity software including cloud identity management solutions, directory services, access and authorization management solutions.

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center is a state-of-the-art facility to deliver advanced cyber training programs and build the next generation of Azerbaijan’s cybersecurity professionals.

Ultima

Ultima

Ultima are on a mission to help businesses unlock their true potential by using the right IT to protect your company’s revenue and reputation – 24/7.