This week:
3 – A back door for one is a back door for all.
2 – Encryption is your friend.
1 – But encryption doesn’t protect everything.
3 – A back door for one is a back door for all.
“This is the worst telecom hack in United States history. The Chinese have been into our telecom networks since at least 2023.”
Summary: U.S. officials suspect that a recently discovered Chinese hacking and espionage campaign that successfully breached at least 9 of the major phone companies in the country, enabled them to steal information about more than 1 million customers. As part of the attack, they also focused in on the communications of a small number of Americans working in the Washington DC area (including Donald Trump and JD Vance, Trump’s pick for Vice President). Apparently, they then used the wiretap systems used by law enforcement agencies to listen to these individuals’ phone conversations and read their SMS text messages. Recent updates to this story suggest the hack isn’t limited to America, with rumours that this attack has impacted phone companies around the world. China has denied involvement, stating that it firmly opposes and combats all kinds of cyber attacks.
So what? Phone companies are under legal obligation to retain information (‘meta data’) about our phone use. Many phone systems also have a ‘back door’, enabling someone to eavesdrop on phone calls and text messages. This is all in place to allow court-approved access to government agencies. Many criminals have been brought to justice because of this. But unfortunately, when there’s a back door for one, it can become a back door for all.
Source: ABC News
2 – Encryption is your friend
“U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack”
Summary: While details of this breach continue to emerge, officials working for CISA (The US Cyber and Information Security Agency) are advising the public to use encrypted messaging applications like Signal and WhatsApp to safeguard communications.
So what? CISA is breaking ranks with many other governments and state agencies. For many years, government agencies have been putting pressure on tech companies like Apple and Meta to prevent them from using encryption on users’ communications (or at least to provide them with ‘back doors’ into their encryption systems), so these agencies can see the messages of (anyone they don’t like) crime suspects. It looks like CISA can see the problems that arise with this type of back door access.
Source: NBC News
1 – But encryption doesn’t protect everything.
“They (also) stole data about where, when and whom individuals were communicating with”
Summary: As part of this attack, it is believed the ‘meta data’ relating to the calls and SMS text messages of a million US phone users was also stolen.
So what? Encryption will protect the contents of a communication, but it doesn’t protect ‘meta data’ about the communication. With this ‘meta data’, someone can determine who a mobile phone user was talking to, when they spoke and where they were communicating from. You may say you don’t care because you have nothing to hide. You’re lucky, because about vulnerable people like domestic abuse victims and journalists fighting against oppressive regimes can’t say the same.
Source: VOA News