The war against cybercrime is ongoing and should not be halted or terminated because cybercriminals are not on the verge of giving up any time soon. Rather, they seem to be getting tech savvier on a daily basis. (Read How Cybercriminals Use GDPR as Leverage to Extort Companies.)
Taking a look at the IC3 Complaint Statistics 2014-2018, it becomes very glaring that we are really facing a cyberwar across the globe.
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
IC3 statistics showing a significant increase in total losses during 2018 (source: FBI IC3)
Different technological and non-technological measures such as weak and strong passwords, single, double, and multi-factor authentication are being fashioned out to arrest the menace caused by hackers but due to the fact that technology itself is advancing rapidly, it will still take some level of work to be able to have full control of the situation. (Read Is Security Research Actually Helping Hackers?)
Some of the measures that have been posited to use in tackling cybercrime include:
While the zero-trust strategy is not technologically based, both VPN and blockchain are based on technology. Despite the fact that they may have their different shortcomings especially as even renowned VPN providers can have privacy issues the good news is that both have encryption as a feature.
Its rather unfortunate that despite all the effort being put in place to ensure that organizations, governments, and individuals are secured, it is the government that may be constituted a stumbling block in checkmating the activities of cybercriminals.
Get insights into data center priorities and IT trends.
Governments and law enforcement agents around the globe, especially in the Five Eyes (FVEY) intelligence alliance, are not relaxing in their efforts to ensure that there are encryption backdoors.
They claim this is necessary for the interests of national safety and security as criminals and terrorists increasingly use encrypted messages to communicate online.
The FVEY governments believe that there is a widening gap between the ability of law enforcement to lawfully access data and their ability to acquire and use the content of that data, which they term "a pressing international concern." In their opinions, this clearly demands "urgent, sustained attention and informed discussion."
Encryption is the method by which your data is converted into a secret code that conceals the information's true meaning. (Read Trusting Encryption Just Got a Lot Harder.)
It's based on the science known as cryptography. Any data that is not encrypted in computing, unencrypted data is referred to as plaintext, while the encrypted data is called ciphertext.
You make use of encryption algorithms or ciphers to encode or decode messages. If an unauthorized party manages to intercept your encrypted data, the only way such data can be meaningful to the intruder is by haphazardly guessing which cipher was used to encrypt the message and also what keys were used as variables.
The best way to crack any encryption key is a brute-force attack. For example, AES with 256-bit keys has a key length that is 256-bit.
The possible number of combinations that can be used to crack this type of encryption can keep a hacker working throughout life without success. This makes encryption a very valuable asset and security tool.
Encryption can be said to be the basic block on which information technology (IT) assets are built and without it, cybercriminals will be having a field day as things are currently. Before going through the tunnel, your data gets encrypted with a special pre-configured algorithm.
Then going out of your device, the encrypted traffic goes via the tunnel to a blockchain or VPN server. The server contacts the requested Internet resource, traffic is decrypted and reaches the resource in an unencrypted way.
The process is the same backward: your data from the website is unencrypted, then it becomes encrypted and conveyed through the tunnel to you where it is finally decrypted.
The Federal Bureau of Investigation (FBI), are brimming hell on technology companies that offer end-to-end encryption (E2EE). Their argument is that such encryption restricts law enforcement from accessing data and communications even with a warrant.
The FBI described this issue as "going dark," and the U.S. Department of Justice (DOJ) is not taking it with a pinch of salt either. The DOJ is calling for what they termed "responsible encryption" that can be unbarred by technology companies under a court order.
Taking it to the extreme, Australia enacted a law that made it compulsory for visitors to render passwords for all digital devices when before entering the country. A five-year jail term is a punishment for failure to comply.
Even when you fail to have security behind your mind, the fact that you must meet up with the worlds best standards makes it mandatory for you to encrypt your data since you must meet compliance regulations.
Quite a number of organizations and standard bodies recommend or mandate that sensitive data must be encrypted in order to prevent unauthorized third parties or hackers from accessing the data.
A case in point is that of the Payment Card Industry Data Security Standard (PCI DSS) where it is absolutely necessary that merchants must encrypt customers' payment card data when it is both stored at rest and broadcasted over unrestricted channels.
Making use of link-level encryption, you have your data encrypted data when it leaves your network, decrypted at the next link, which may be a host or a relay point, and then its re-encrypted before it is sent to the next link. You have the advantage of using a different key or even a different algorithm for data encryption by each link.
This process keeps on repeating until your data gets to its destination.
The world is talking Cloud storage and hence the encryption of data in the cloud cannot be overemphasized. Cloud storage providers are able to encrypt data using encryption algorithms and the data is then placed in cloud storage.
The fundamental difference between cloud encryption and in-house encryption is that cloud customers must take time to learn about the provider's policies and procedures for encryption and encryption key management in order to ensure that encryption is in league with the level of sensitivity of the data being stored.
With Network-level encryption you are able to apply crypto services at the network transfer layer above the data link level but below the application level. The implementation of network encryption is facilitated through Internet Protocol Security (IPsec) as a set of protocols and authentication methods developed for data protection just at the dawn of the Internet, which is a set of open Internet Engineering Task Force (IETF) standards that, when used in conjunction, design a structure for private transmission over IP systems.
This is based on the quantum mechanical properties of particles to protect data. Going by the Heisenberg uncertainty principle which posits that the two identifying properties of a particle its location and its momentum cannot be measured without changing the values of those properties, quantum cryptography is strongly positioned to ensure the security of your data.
For this reason, its practically impossible to copy any quantum-encoded data since any attempt to access the encoded data will change the data. This will raise a red flag and the authorized parties to the encryption will be notified of the attempted breach.
E2EE ensures that any data being sent between two parties cannot be viewed by an attacker who may have one way or the other intercepted the communication channel. However, the use of an encrypted communication circuit, as provided by Transport Layer Security (TLS) between web client and web server software, is not always enough to ensure E2EE.
You should ensure that the actual content you are transmitting is encrypted by client software before being passed to a web client and decrypted only by the recipient. Examples of messaging apps that provide E2EE include Facebook's WhatsApp and Open Whisper Systems' Signal.
Its also possible for Facebook Messenger users to get E2EE messaging with the Secret Conversations option.
Looking at this succinctly from all angles, what the government is trying to do maybe for the intended good of the populace with encryption backdoors will clearly and overwhelmingly jeopardize the privacy and security of everyone. They should ponder on the gravity of cybercriminals exploiting these same backdoors they are clamoring for.
Without encryption backdoors, the cybercrime situation is barely containable as it stands. What will the scenario look like if we open up our last line of defense to them?
And this is exactly what we shall obtain. The risks are of mammoth proportions.
See the article here:
Encryption Backdoors: The Achilles Heel to Cybersecurity? - Techopedia
- Zoom concedes custom encryption is substandard as Citizen Lab pokes holes in it - ZDNet - April 6th, 2020
- This startup is going back to basics to strengthen encryption - Livemint - April 6th, 2020
- Zoom's encryption has 'serious, well-known weaknesses', according to report - Android Central - April 6th, 2020
- LimeRAT malware is being spread through VelvetSweatshop Excel encryption technique - ZDNet - April 6th, 2020
- Hardware-based Full Disk Encryption Market 2019 Global Share, Trend, Segmentation and Forecast to 2025 - Science In Me - April 6th, 2020
- Encryption helps America work safely and that goes for Congress, too | TheHill - The Hill - April 6th, 2020
- Zoom admits confusion over its promise of end-to-end encryption - IT World Canada - April 6th, 2020
- Zoom Alternatives: 5 Options For People Who Care About Security And Privacy - Forbes - April 6th, 2020
- Senator Blumenthal Is Super Mad That Zoom Isn't Actually Offering The End To End Encryption His Law Will Outlaw - Techdirt - April 6th, 2020
- Another day, another couple of Zoom vulnerabilities discovered - 9to5Mac - April 6th, 2020
- Encryption Software Market Increasing Demand with Leading Player, Comprehensive Analysis and Forecast 2026 - Science In Me - April 6th, 2020
- Work from home: Videoconferencing with security in mind - We Live Security - April 6th, 2020
- Trustifi Releases Solution for Organizations to Protect Themselves Against the Explosion of Video Conferencing Cybercrime and Hacking - GlobeNewswire - April 6th, 2020
- Bill to protect children online ensnared in encryption fight | TheHill - The Hill - March 13th, 2020
- Child exploitation bill earns strong opposition from encryption advocates - Washington Examiner - March 13th, 2020
- Senators Pretend That EARN IT Act Wouldn't Be Used To Undermine Encryption; They're Wrong - Techdirt - March 13th, 2020
- Patent hints that encrypted displays could appear on future Apple devices - TechSpot - March 13th, 2020
- Senators dispute industry claims that a bill targeting tech's legal shield would prohibit encryption - CNBC - March 11th, 2020
- The EARN IT Act Is a Sneak Attack on Encryption - WIRED - March 11th, 2020
- Krk WiFi vulnerability affected WiFi encryption on over a billion devices - Privacy News Online - March 11th, 2020
- The Benefits of Encryption and the Implications of Creating Backdoors - American Action Forum - March 11th, 2020
- Big Boom in Encryption Key Management Software Market that is Significantly Growing with Top Key Players Netlib Security, Fortanix, Avery Oden, AWS -... - March 11th, 2020
- Mobile Encryption Market to Witness Robust Expansion throughout the Forecast 2020-2026: McAfee(Intel Corporation), Blackberry, T-Systems... - March 11th, 2020
- Email Encryption Market Rising Trends, Technology and Business Outlook 2020 to 2026 - Best Research Reports - March 11th, 2020
- Crypto, Encryption, and the Quest for a Secure Messaging App - Bitcoin News - March 8th, 2020
- Encryption Flaws Leave Millions of Toyota, Kia, and Hyundai Cars Vulnerable to Key Cloning - Gizmodo - March 8th, 2020
- IoT Security Solution for Encryption Market to Boom In Near Future by 2026 Industry Key Players: Cisco Systems, Intel Corporation, IBM Corporation -... - March 8th, 2020
- What are the top-rated encrypted texting apps? - Fox Business - March 8th, 2020
- Data Encryption Software Market: Future Forecast Assessed On The Basis Of How The Industry Is Predicted To Grow 2020-2025 - Bandera County Courier - March 8th, 2020
- How Encrypted Messaging Works And Why Australian Spies Are Trying To Break The Code - Gizmodo Australia - March 8th, 2020
- Why Britains new deal with Silicon Valley for stopping child abuse still has one big hole in it - Telegraph.co.uk - March 8th, 2020
- What the 2020 election means for encryption - The Verge - March 3rd, 2020
- Our guide to the 2020 election including Section 230 and encryption - The Verge - March 3rd, 2020
- Research: IT Managers Regard Encrypted Traffic as a Source of Cyberthreats, But Their Defenses Are Inadequate - Yahoo Finance - March 3rd, 2020
- Encryption Foes in Washington Won't Give Up - Reason - March 3rd, 2020
- BestCrypt by Jetico expands cross-platform protection to computers with T2 chip - Help Net Security - March 3rd, 2020
- Barr's Motives, Encryption and Protecting Children; DOJ 230 Workshop Review, Part III - Techdirt - March 3rd, 2020
- Comment: Its time for governments to learn how end-to-end encryption works - 9to5Mac - March 3rd, 2020
- Crypto AG Shows That US Concern Over Huawei Encryption Backdoors Comes From Long Experience Doing the Same Thing - CPO Magazine - March 3rd, 2020
- MI5 Still Thinks Encryption Backdoors are an Excellent Idea That Couldn't Possibly Go Wrong - Gizmodo UK - March 3rd, 2020
- Global Encryption Software Market is projected to reach a value of USD 20.44 billion by 2026 - WhaTech Technology and Markets News - March 3rd, 2020
- Exporters Should Be 'Very Careful' of Misusing New End-to-End Encryption Carve-Out in ITAR, Experts Say - Export Compliance Daily - March 3rd, 2020
- Encryption Software Market 2020 Analysis by Overview, Growth, Top Companies, Trends, Demand and Forecast to 2026 - Packaging News 24 - March 3rd, 2020
- If We Build It (They Will Break In) - Lawfare - March 3rd, 2020
- Why the US government is questioning WhatsApp's encryption - CNBC - February 25th, 2020
- No Backdoor on Human Rights: Why Encryption Cannot Be Compromised - Bitcoin News - February 25th, 2020
- Backdoor to encryption back on agenda in absurdly named bill - 9to5Mac - February 25th, 2020
- Signal is the European Union's encrypted messaging app of choice - Cult of Mac - February 25th, 2020
- cloudAshur, hands on: Encrypt, share and manage your files locally and in the cloud - ZDNet - February 25th, 2020
- ASIO: Relentless advance of technology was outstripping our capabilities - ZDNet - February 25th, 2020
- Cygilant to Highlight the Need for Encrypted Traffic Visibility at RSA Conference 2020 - Business Wire - February 25th, 2020
- Encryption Software Market 2020 Emerging Trends, Growing Demand, Leading Companies, Applications, Overview and Regional Analysis 2026 - News Times - February 25th, 2020
- US bill seen threatening encryption on tech platforms - EJ Insight - February 25th, 2020
- AES Encryption Software Market to Witness Increased Incremental Dollar Opportunity During the Forecast Period 2020 2026 | Dell, Eset, Gemalto, IBM,... - February 25th, 2020
- Malware and HTTPS a growing love affair - Naked Security - February 25th, 2020
- Hardware-based Full Disk Encryption Market To Witness Growth Acceleration During 2020-2026 | Western Digital Corp, Samsung Electronics, Toshiba,... - February 25th, 2020
- Encryption Software Market are anticipated to lucrative growth opportunities in the future by Product Type, Structure, End-user and Geography to 2027... - February 25th, 2020
- Proposed Bill Could Threaten Apple, Facebook Messaging Platforms - MSSP Alert - February 25th, 2020
- Zettaset to Participate in Cybersecurity Forum at Annual HIMSS 2020 Conference - Business Wire - February 25th, 2020
- Cloud Encryption Technology Market Analysis with Key Players, Applications, Trends and Forecasts to 2025 | Gemalto, Sophos, Symantec - Nyse Nasdaq... - February 25th, 2020
- US legislation to fend off end-to-end encryption of Facebook, Google and others - Financial World - February 25th, 2020
- Encryption on Facebook, Google, others threatened by planned new bill - Reuters - February 22nd, 2020
- What Is an Encryption Backdoor? - How-To Geek - February 22nd, 2020
- Sophos Takes On Encrypted Network Traffic With New XG Firewall 18 - CRN: Technology news for channel partners and solution providers - February 22nd, 2020
- Last Week In Venture: Eyes As A Service, Environmental Notes And Homomorphic Encryption - Crunchbase News - February 22nd, 2020
- CIA Encryption Meddling and Chinese Espionage Allegations Make It Clear: We All Need Strong Data Protection - Reason - February 12th, 2020
- Congress, Not the Attorney General, Should Decide the Future of Encryption - Lawfare - February 12th, 2020
- The code breakers: This vault is the epicenter in law enforcement's battle to unlock encrypted smartphones - USA TODAY - February 12th, 2020
- Enea Announces New Smart Tools to Identify Encrypted and Evasive Network Traffic - Yahoo Finance - February 12th, 2020
- Encryption Vs. Decryption: What's the Difference? - Techopedia - February 12th, 2020
- Labor Bill to fix Australian encryption laws it voted for hits second debate - ZDNet - February 12th, 2020
- Encryption Software Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - News Parents - February 12th, 2020
- Mobile Encryption Market to Grow Massively (2020-2025) By Size, Share, Price, Trend and Forecast | Blackberry, T-Systems International, ESET, Sophos,... - February 12th, 2020
- Child-Welfare Activists Attack Facebook Over Encryption Plans - The New York Times - February 9th, 2020
- How Attorney General Barr's War On Encryption Will Harm Our Military - Techdirt - February 9th, 2020
- Strong Opinions on Whether Police Calls Should be Encrypted - Government Technology - February 9th, 2020
- The EARN IT Act is the latest clueless attack on encryption, do not fall for it - Privacy News Online - February 9th, 2020
- Republican Senator Lindsey Graham introduces bill that threatens end-to-end encryption - World Socialist Web Site - February 9th, 2020
- Activists write to Facebook against encryption, says it will dent bid to curb child pornography - Hindustan Times - February 9th, 2020
- BBB Offers the Following Tips for National Clean Out Your Computer and Safer Internet Day WKTN- A division of Home Town Media - WKTN Radio - February 9th, 2020