In the aftermath of every terrorist attack or high-profile cybercrime, it is usually revealed by security professionals through the media that the terrorists or criminals used encrypted communications, enabling them to plan and coordinate their activities without raising suspicion among the intelligence and law enforcement communities.
This is almost always followed by a knee-jerk reaction among politicians in Washington who argue for “backdoors” in encryption products, which would allow government agencies to easily unlock protective encryption in an effort to identify perpetrators and their accomplices. They say this is essential to keeping us all safe and that we must stop complaining about the loss of personal privacy.
Left unsaid in all this clueless scare-mongering is that once a backdoor is built into encryption software, anyone can open protected devices and data, not just intelligence agencies.
A backdoor would make it easier for terrorists and criminals everywhere to wreak even more havoc on financial, healthcare, energy and retail sectors. They can use the backdoor to breach government, military and law enforcement agencies. They can tinker with our utility grid and shut down critical parts of our communications infrastructure, including vast chunks of the Internet.
Skilled hackers worldwide have already demonstrated that they can do all this and more, so imagine what they and foreign intelligence agencies can do once our government mandates that all encryption providers equip their products with a backdoor. It is just a matter of finding the key to the backdoor they know is already there and employing brute force methods to gain entry. The power of today’s computer networks makes this child’s play.
If the tech sector is forced to equip their products with backdoors, how does this solve anything? Terrorists and criminals can turn to alternative methods to hide their communications, as they have already done with social gaming networks. Another alternative is steganography, which encrypts messages that can be hidden within images of puppies, kittens and bunnies posted in plain sight on the Internet – all innocuous enough to avoid the scrutiny of law enforcement agencies.
If you think the world is a bit too chaotic, you haven’t seen anything yet. Under a backdoor mandate, computer systems, networks and devices will be rendered totally insecure, making all of us more vulnerable to the whims of criminals and terrorists.
There is ample reason for Americans to value their privacy. They do not like the idea of risking their bank accounts, credit cards and retirement funds to cyber-looters. They do not want their identities stolen, and then putting their lives on hiatus while they painstakingly sort it all out. They do not want to become bombarded with yet more scams, or become targets of new social engineering schemes that trick them out of their money.
The strong encryption currently employed in backend systems and on networks everywhere goes a long way to keeping criminals and terrorists out of our daily lives.
A caution to our representatives in Congress: know what the heck you are doing before deciding that backdoors will solve our national security problems. You may be opening the proverbial Pandora’s Box – unleashing more chaos on the American public than you can possibly imagine.
Nathan Muller is the author of 29 technical books and over 3,000 articles that have appeared in 75 publications worldwide. He also writes articles, blogs and social media content for tech companies and their executives.