Latest Mass Telephone Hack Provides More Evidence of Need for End-to-End Encryption in Communications

On Behalf of | Dec 24, 2024 | Criminal Defense, Federal Crimes, Felonies |

Majority of Users Who Had Call Records Stolen Not Notified

Earlier this year, at least eight telecommunication companies were hacked by the group Salt Typhoon, which is possibly connected to the Chinese government, with many high-end political figures as the target, including Donald Trump’s and Kamala Harris’ respective presidential campaigns, but the threat is said to be ongoing. One industry source said that the metadata, including call logs and text messages, of more than a million people were hacked, along with attacks on the FBI and others. Certain carriers that were hacked, like AT&T and Verizon, have reportedly not contacted the majority of those whose information was stolen. It seems that the target was likely politically motivated because pulling such data from political campaigns and, “Mapping the social relationships between groups of politicos would be pretty useful” according to Dakota Cary, a China adviser at the cybersecurity company Sentinel One.

FBI Advocates for “Government Backdoor” to Encrypted Communication

In response to the news of this major hacking campaign, many privacy experts have warned that the only real protection users can have is to ensure they use end-to-end encryption technology for all communication. End-to-end encryption technology ensures that any written communication, and even some voice calls, are made unreadable to any third party outside the sender and receiver, with widely available apps like WhatsApp or Signal being effective encryptors, the use of which have been endorsed by tech companies such as Apple. The need for this is especially evident because the hackers were reportedly able to access the interface where law enforcement agencies request wiretaps from the telecommunication companies under the 1994 Communications Assistance for Law Enforcement Act (“CALEA”), essentially handing over the list of phone numbers that the FBI has investigated and requested wiretaps for in the past. In response, the FBI has advocated for “responsibly managed encryption” which would be “designed to protect people’s privacy and also managed so U.S. tech companies can provide readable content in response to a lawful court order.” Essentially, the FBI does not want to lose its ability to place wiretaps on people they are investigating and want access to a backdoor key that only they and other native law enforcement agencies could use to break encryptions, as characterized by privacy experts. But those same experts warn this would only create a huge incentive for hackers to get their hand on such a “golden key” and would place everyone’s phone at a potential risk. “If the FBI cannot keep their wiretap system safe, they absolutely cannot keep the skeleton key to all Apple phones safe,” summarized Sean Vitka, the policy director at the progressive group Demand Progress. Giving law enforcement a backdoor key that they can use on any type of phone would naturally lend itself to abuse by bad actors, both inside and outside law enforcement. Even in instances in which law enforcement is able to review materials on an individual’s phone, it is the role of defense attorneys in criminal investigations and charged cases to make sure that they followed certain procedures so as to not run afoul of an individual’s constitutional rights.

Archives

RSS Feed

FindLaw Network