Privacy and Security: The Case for Encryption
In February 2016, when a federal judge instructed Apple to cooperate with the Federal Bureau of Investigations (FBI) in unlocking one iPhone used by one of San Bernardino shooters in December 2015, the public was largely divided on which side to support.
On one hand, many supported Apple in its refusal to unlock the phone, based on the conviction that doing so would create a backdoor through which authorities and hackers could get access to any iPhone. On the other hand, just as many people felt that the FBI’s request was justified and that Apple’s refusal would be a huge blow to national security.
There had been no courtroom news story that has dominated the headlines since the OJ Simpson trial like this Apple-FBI lawsuit. However, the FBI asked the court to dismiss the case after it found a way around Apple’s encryption. Some news outlets reported that the FBI got an Israeli security firm to crack the iPhone. Nothing was ever confirmed.
Lovers of Apple’s iPhone were terrified that the elaboration and multiplicity of security features in the iPhone would no longer make sense if the FBI got its way. With this request coming after Edward Snowden’s revelations of the NSA’s surveillance program, it is not unthinkable, why many would feel that creating an unlock tool for the FBI would impetuously allow the government to disregard people’s privacy in the name of keeping the country safe.
Furthermore, this Apple versus FBI tussle came at a time when an increasing number of Americans are rethinking 9/11. These dissenting voices believe that the official story of the events of September 11, 2001, is not accurate, and have signed a petition demanding that a new investigation be opened into what exactly happened when the Twin Towers collapsed that fateful day.
While the majority of Americans still subscribe to the official story as told by government authorities, the fact that this growing movement has a backing of over 2000 architects and engineers is making it increasingly hard to ignore the glaring facts that these nonconformist voices present.
The majority of Americans agree that since 9/11, successive governments have justified taking away civil liberties in the guise of national security. If 9/11 was staged, it would seem that there was never a good reason to take away people’s liberties and many Americans would demand back their right to privacy. The acme of these US government privacy violations was laid bare by Snowden’s revelations, making many IT companies to rethink how they protect their customers’ devices from unauthorized access.
The majority of Americans still do not quite understand the magnitude of these leaks. This, perhaps, motivated the creators of The Good Wife creators to create an NSA surveillance program storyline in the show’s season five, in a bid to help people understand how disturbingly intrusive the NSA program was. The storyline revolved around the wiretapping of Alicia Florrick’s (played by Julianna Margulies) phone and how the NSA could listen in to every conversation that she had, using her phone.
Encryption history
Given the fact that world governments and hackers alike want a way into people’s private spaces and private conversations, many IT companies today are helping their customers to encrypt their conversations as well as the data on their electronic devices.
This is to make sure that only the people intended to have access to those messages are able to see them in plain text. Encryption involves converting data, information or a message into a different form that is unreadable to everyone except the person it was intended.
Since the beginning of time, human beings have always attempted to send concealed messages. In the old days, they would use symbols, pictures, and numbers. In the 21st century, the tech has made the process more complex, but the fundamental intentions remain the same. At any one time, thousands of attempts at hacking US companies are made by hackers from around the world, including China and North Korea.
These hackers focus on stealing the corporations’ business secrets, and customer information, in what is referred to as industrial espionage. But US companies are not the only ones in danger of being hacked. These hackers consider any successful hack into any company of a Western country a big win.
During the middle ages, most European governments had adopted the use of cryptography, especially during their communications with their ambassadors. The polyalphabetic substitution that dominated the cryptography scene in the period before the 19th century marked a significant change in the way messages were encrypted.
Gilbert Vernam improved the polyalphabetic cipher when he created the Vernam-Vigenere cipher. This was in 1918. Vernam’s work is what led to the use of a keyword to encrypt, in what at the time seemed like the unbreakable way of encrypting messages. And since that period, many other technological advances have changed the way data, information and messages are encrypted and decrypted.
During World War II, the Navajo style of sending encrypted messages was through their own language. While some people might argue that using an unknown language to communicate is not encryption, it is worth noting that no one ever succeeded in breaking the Navajo code.
In fact, the code is credited for helping them win the Pacific War. This is quite a remarkable feat given that part of their procedure required that every message that was conveyed be put in writing.
Privacy and vulnerabilities
According to a 2016 research paper (PDF) published by the SAS Institute, 62% of consumers are concerned about the personal information they give to businesses and what those companies do with it. In addition, 60% of consumers worry about the security of the devices used and the risks they might be exposed as a result of using them.
Given the growing number of security breaches of government agencies and multinationals, these concerns would seem to have a basis in reality. According to the Center for Strategic and International Studies, the world economy has suffered a loss of $445 billion as a result of cyber-attacks (PDF.) This figure is close to 1% of the world’s income.
62% of consumers are concerned about the personal information they give to businesses and what those companies do with it.
More than any other time in the past, the electronic devices in use everywhere are extremely vulnerable to cyber-attacks. As businesses across the globe spend more to secure their systems, individuals must also put in place every strategy that can help make the use of electronic gadgets and online systems safer. The dangers of personal and private information falling into the wrong hands should be enough motivation towards embracing encryption.
Hackers and cyber terrorists: responding to the new normal
Before the end of January 2014, a US insurance company that caters for the health sector discovered that its IT system had been compromised and hackers had gained access to personal information of over 80 million Americans.
This remains one of America’s biggest data breaches of health-related customer information in history. The insurance company also noticed that the cyber-attackers had been monitoring its internal processes following their successful infiltration over a month earlier.
Later that year, it emerged that JPMorgan Chase had also been hacked and contact information of over 76 million customers and businesses compromised. The bank, however, refuted claims by some media outlets that the hackers had gained access to personal information of its customers. The company said it was vigilant in monitoring the situation and that an investigation into the cyber-attack was ongoing.
A few weeks after this devastating cyber-attack on JPMorgan Chase, Sony Pictures hit the headlines after hackers attacked its machines in what has been described by some as the worst cyber-attack in American history. When Sony employees tried to log into the company computers on November 24, 2014, they found a warning message on the screens and a flaming skeleton that hovered over two zombie-like images of the company’s top executives.
Before Sony Pictures’ IT experts could get on top of the situation, the attackers’ malware had spread across the entire Sony network around the world and wiped out everything stored in over 3000 of its personal computers and more than 800 of its servers. This accounted for around half of Sony’s entire global network.
The hackers were thorough. To ensure that everything they deleted would be unrecoverable, the hackers had designed the malware with a special algorithm that would delete and overwrite data in 7 different ways. And as if this was not enough, the malware also code zapped the software of all those computers, thereby rendering them brain-dead.
As a result of this devastating hack, Sony Pictures was forced to go back to using fax machines and paid thousands of its employees using paper checks. The corporate sector in the U.S. shook with terror as the entertainment giant came crashing down.
After this initial devastation, it soon became apparent that the hackers were not done. Before deleting Sony’s data, they had stolen its confidential files only to dump them onto file-sharing sites. Over 47,000 Social Security Numbers, unfinished scripts of several movies, salary lists and emails were released.
Furthermore, the cyber-attackers also threatened to attack theaters that would show ‘The Interview’, a comedy movie that depicted the assassination of Kim Jong-un, North Korea Supreme Leader.
The FBI released a statement that December saying North Korea was responsible for the hack. To this day, Sony employees still worry about the perpetual risk of their identities being stolen. If the company had embraced encryption for its systems and in protecting the information of its employees, this identity theft threat would have been avoided.
The challenge for law enforcement agencies has been the increasing popularity of encryption for messaging applications essentially allowing everyone, including terrorists, to communicate securely. Some government agencies have been pushing against the possibility of going dark when trying to investigate suspected terrorists.
But like with any other technology, insisting on a plan that would disallow encryption would fail. At present, the authorities are relying on the error-prone human elements of using the app to gain access to the information stored in these apps.
Encryption for businesses
Many business leaders today worry about how secure their business data is. They also wonder about the effect that a security breach could have on the future of their companies. For that reason, many CEOs are willing to allocate substantial company resources to premium data protection.
That said, even for the most cautious of these business executives, coordinating the entire company security network is an extremely difficult task. The fact that the majority of business systems now include personal devices like employees’ phones and tablets makes monitoring and coordination even more complex.
This is what makes encryption the best solution for business security. Any business that values its trading secrets will typically have considerably solid encryption techniques in use to protect its cloud system, mobile devices, and computers. Using encryption drastically reduces the vulnerability of every device in the system to cyber-attacks.
Some of the functions within which encryption is crucial include protecting the company’s cloud storage, concealing operating systems and keeping business email secure.
Cloud storage protection
Like all other storage options available for businesses, the cloud can be attacked by hackers and business information stolen or destroyed. The majority of business owners who use cloud storage do so because it is affordable, convenient and scalable.
Therefore, a good number of them assume the responsibility of securing their business data to the cloud storage solutions companies they have engaged in. This is a big mistake. You cannot shift the responsibility of protecting business, customer and employee information to another company.
Concealing the operating system in use
For those business leaders who believe that their ability to stay ahead of their competition is directly proportional to how well their businesses are able to keep company secrets and information away from those who would want to exploit it, the option of concealing a business operating system can be enticing. By using encryption, you can conceal your business operating system from those prying eyes that are seeking information that they should have no access to.
Keeping business email secure
Now and then, we hear about emails of a certain individual that were made public after successful hacks. For business, a single hack that gets access to business emails could have far-reaching consequences. This is because most businesses use email to communicate and pass sensitive company information.
Keeping the emails safe from hackers is very important, but making sure that, even in the event of a hack the cyber- attackers do not get their hands on sensitive company information, it is even more critical. Encryption is the easiest and, perhaps, the most effective way of doing this.
The future of encryption
What every entrepreneur wants to know is how he can build his business’ encrypted network that can stand the test of time, keeping his company safe from hackers and from the security threat they pose. In recent years, network security companies have found a way to detect malware that is encrypted using TLS/SSL.
The next generation of firewalls is SSL aware and protects business systems from malware lurking in encrypted files. Business leaders must embrace encryption for every level of business undertakings if their companies are to remain secure. Setting up these encrypted systems is quite expensive, but if your business secrets and company information is valuable to you, hesitating to do this should not be an option.
Into the future, the popularity of encryption is bound to grow. As more businesses realize the benefits of secure systems, encryption will head towards becoming so widespread that it will be quite tasking to find a single business that will not employ encryption in its internal processes. In some quarters, encryption has been described as the modern-day businesses’ last line of defense (PDF.)
The use of photonic chips seems to be the next phase of encryption. The use of random numbers plays a crucial role in encryption. Engineers from Barcelona’s Institute of Photonic Sciences have used a photonic chip to develop a random number generator that is both fast and tiny.
This random number generator makes use of the innately random quantum characteristics of light to create numbers. The tech in use at the present uses an algorithm that mimics rolling a dice. This method can be hacked more easily than using the photonic chip.
