Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

US Attorney General Says Encryption Creates Security Risk

U.S. Attorney General Bill Barr said Tuesday that increased encryption of data on phones and computers and encrypted messaging apps are putting American security at risk.

U.S. Attorney General Bill Barr said Tuesday that increased encryption of data on phones and computers and encrypted messaging apps are putting American security at risk.

Barr’s comments at a cybersecurity conference mark a continuing effort by the Justice Department to push tech companies to provide law enforcement with access to encrypted devices and applications during investigations.

“There have been enough dogmatic pronouncements that lawful access simply cannot be done,” Barr said. “It can be, and it must be.”

The attorney general said law enforcement is increasingly unable to access information on devices, and between devices in the virtual world, even with a warrant supporting probable cause of criminal activity.

Barr said that terrorists and cartels often will switch mid-communication to an encrypted application to plan especially deadly operations. He described a transnational drug cartel’s use of WhatsApp group chat to specifically coordinate murders of Mexico-based police officials.

Gail Kent, Facebook’s global public policy lead on security, recently said that allowing the government’s ability to gain access to encrypted communications would jeopardize cybersecurity for millions of law-abiding people who rely on it. WhatsApp is owned by Facebook.

“It’s impossible to create any backdoor that couldn’t be discovered, and exploited, by bad actors,” Kent said.

Kent said changing encryption practices won’t stop bad actors from using encrypted devices or applications on other services that might pop up to enable this.

Encrypted communications are ones that are only available to users on either end of the communications. The increasing use of this technology has long been coined by the Justice Department as the “going dark” problem.

The remarks acknowledged the need for encryption to ensure overall cybersecurity that has enabled people to bank relatively securely online and engage in e-commerce.

Barr said that to date, law enforcement in Garland, Texas, have been unable to access 100 instant messages sent between terrorists who carried out an attack there.

“The status quo is exceptionally dangerous, it is unacceptable and only getting worse,” Barr said. “It’s time for the United States to stop debating whether to address it and start talking about how to address it.”

Ex-FBI director James Comey championed the need for a law enforcement workaround to encrypted devices and communications. He led a highly publicized push to gain access to an iPhone belonging to a perpetrator of a terrorist attack in San Bernardino, California, that killed 14 people in 2015.

Related: Inside GCHQ’s Proposed Backdoor Into End-to-End Encryption

Related: The Argument Against a Mobile Device Backdoor for Government

Related: ‘Five Eyes’ Agencies Demand Reignites Encryption Debate

Related: Mandatory Encryption Backdoors Would Be Ineffective

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...