WhatsApp, message encryption and national security

Is Whatsapp the perfect communication channel for terrorists?

The devastating terrorist attack that took place in London last week has brought grief to the UK and the rest of the world. The police that investigation into the incident has raised a number of questions, that could have far-reaching consequences.

WhatsApp and messaging encryption hits the headlines

The discovery that terrorist Khalid Masood had been using the messaging app WhatsApp shortly before the attack presents police with a problem. WhatsApp uses a technology called end-to-end encryption to encode text messages.

This encryption is intended to protect messages from being intercepted by hackers and cybercriminals. If a text is intercepted, it cannot be read without the decryption key – and only the authorised sender has that key. The text is completely garbage without decryption.

Unfortunately this also means that legal investigators cannot access those texts either – the data is completely inaccessible without access to Masood’s phone. Which means that the police may be missing vital evidence of other terrorist activities because the texts are encrypted.

UK government criticises encryption

Speaking in the media, UK Home Secretary Amber Rudd has criticised the use of end-to-end encryption, calling it “completely unacceptable”. She even went as far as suggesting that these encrypted messaging apps are “places for terrorists to hide”.

Ms Rudd’s main concern is that traditional surveillance techniques used to prevent terrorism and crime simply do not work in the age of complex encryption. As such, police and intelligence services are limited in what they can do to keep people safe.

A difficult issue globally

The London terror attack is not the first time security services have run into problems. The FBI has run into similar problems in the US too, unable to access encrypted smartphones belonging to criminals.

Service providers like Apple, Google and Facebook have complied with requests to access data in the past, but in the case of WhatsApp, they remain powerless to act. All encryption keys are specific to the phone owner – services providers like WhatsApp do not store copies, so even they cannot read messages.

Clearly there is no easy answer

.
For the majority of people, encryption is a vital tool to protecting their sensitive personal data. However criminals will exploit that anonymity – placing lives in danger in the process.

In future we may see WhatsApp and other messaging providers being forced by governments to create a “backdoor” in their apps that allows for proper surveillance. Although useful for the intelligence services, this approach could also be exploited by hackers, immediately weakening security of law-abiding citizens too.

How this situation will be resolved remains to be seen. But it could be that your favourite messaging app will undergo major changes security-wise in the near future.

The post WhatsApp, message encryption and national security appeared first on Panda Security Mediacenter.

Leave a Reply