sb-eu logo
Story image

Govts risk cyber attacks if they continue to demand encryption backdoors

27 Aug 2019

Governments that flout encryption best practice and mandate the inclusion of backdoors into technology are putting their entire countries at risk, according to security professionals.

With election time looming, backdoors are perfect targets for cyber attackers who look to target election infrastructure.

It was only last year with ‘Five Eyes’ nations (United States, Canada, United Kingdom, Australia, and New Zealand) were lobbying for technology providers to build backdoors into their solutions.

According to 384 IT professionals polled at Black Hat USA 2019, 74% believe that countries with government-mandated encryption backdoors are more susceptible to nation-state attacks.

Furthermore, many professionals believe that backdoors won’t make countries any safer – 72% believe laws that allow governments to access encrypted personal data will not make countries safer from terrorists.

“Last month, the U.S. Senate Intelligence Committee reported that election systems in all 50 states were targeted by Russia during the 2016 election,” comments Venafi’s vice president of security strategy and threat intelligence, Kevin Bocek.

“We know that encryption backdoors dramatically increase security risks for every kind of sensitive data, and that includes all types of data that affects our national security. The IT security community overwhelmingly agrees that encryption backdoors would have a disastrous impact on the integrity of our elections and on our digital economy as a whole.”

70% of security professionals believe countries with government-mandated encryption backdoors are at an economic disadvantage in the global marketplace; and 84% would never knowingly use a device or program from a company that agreed to install a backdoor.

“On a consumer level, people want technology that prioritises the security and privacy of their personal data,” Bocek adds.

“This kind of trust is priceless. Encryption backdoors would not only make us much less safe at a national level, they also clearly have the potential to inflict significant economic and political damage.” 

Venafi states that many government and law enforcement officials across the world either believe that the risks encryption backdoors bring are worth it if they can be used to catch malicious actors, or think that there is a technical solution that can mitigate these risks. “Information security professionals overwhelmingly disagree with these beliefs,” Venafi concludes.

Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise - on premises, mobile, virtual, cloud and IoT - at machine speed and scale.

Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
Acronis announces new security endpoint solution
The solution is an integration of data protection and cybersecurity which provides customers with effective endpoint protection in a landscape where the pointlessness of perimeter security is becoming more pronounced.More
Story image
Bring Your Own PC security to transform businesses within five years - Gartner
“Prior to the COVID-19 pandemic, there was little interest in BYOPC."More
Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Story image
ESET launches the latest version of its Mobile Security solution
“With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts."More