GRyan Masters Blog

Cybersecurity and Encryption

1. Encrypted — March 15, 2016

1. Encrypted

With the steady increase of cyber crimes, encryption should be a top priority for everyone. Whether you are a basic computer user to a company that deploys multiple server across multiple locations, encryption should be considered. Using encryption to protect your data can be as simple as securing a single file, to a folder that you store important information in, or it could be used to protect entire systems/servers.

Encryption used to Protect

A big controversy right now is the Apple vs. FBI. The incident that start this battle over encryption was the attack on the Inland Regional Center in San Bernardino, California by Syed Rizwan Farook and Tashfeen Malik (NPR Report). After the attack the two men committed suicide and there was an iPhone 5c recovered at the crime scene. The FBI confiscated the phone and was not able to access the data stored on the device. Since the FBI cannot access the data many questions could not be answered.

The FBI filed suit against Apple requesting them to supply a way to get into the device and Apple denied the request. Tim Cook, CEO of Apple, said

“In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession. …

“The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable (NPR Report).”

This is a major issue in encryption. By creating a backdoor to encryption methods you are opening the encryption and reducing the security of the algorithms. Someone will eventually crack it and now the encryption is worthless.

Encryption used to Restrict

Another way that encryption can be used is to restrict access. Yes, I know, encryption is supposed to be used to restrict access, but not the way that unethical hackers are using it.

There are many reports that have been linked to hackers gaining access to systems and then encrypting them so the users and administrators of the system is unable to access it. This is being called Ransomware, or Remote Access Hacking.

These hackers are gaining access to different systems and then encrypting the data on these systems. Then the hackers are demanding a ransom in order to decrypt the systems. In 2012, there was an attack on an Australian business, and the hackers asked for $3000 in ransom for the password to the encryption. The company paid the ransom and the hackers claimed that child pornography was detected on their computers (Ransom Attack).

20120924013801_unlock

Many more attacks of this type can be found online.

No matter what type of computer, smart phone, server, or any other type of electronic device that connects to the internet you should research ways to encrypt your personal data. There are many different types of encryption methods available. We all should use some type of encryption to protect our personal effects.

Grant Ryan

Apple, The FBI And iPhone Encryption: A Look At What’s At Stake. (n.d.). Retrieved March 15, 2016, from http://www.npr.org/sections/thetwo-way/2016/02/17/467096705/apple-the-fbi-and-iphone-encryption-a-look-at-whats-at-stake
Dealing with ransomware and remote access hacking | NetSafe Security Central. (n.d.). Retrieved from http://www.securitycentral.org.nz/cybersecurity-for-small-businesses/dealing-with-ransomware-and-remote-access-hacking/
Advertisements