Page 25 - Cyber Warnings
P. 25
The ways of responding to a terrorist encryption
By Milica D. Djekic
The encryption may get a crucially significant point in some communication or information
exchange activities. It’s not only important to a Defense Force as it may get from significance to
some terrorist organizations using cryptography to plan and prepare their attacks. Some terrorist
groups may use software tools to protect their sensitive data, while many would rely on
hardware solutions which would offer them somehow better level of protection. As it’s known,
many software solutions may get hacked, but is that the case with the encryption hardware?
Through this effort, we would want to analyze how to apply a skillfully prepared state-sponsored
attack – that could make it possible to damage some hardware remotely taking advantage over
its physical imperfections.
Why terrorist groups use the encryption
Many terrorist groups would use cryptography to protect their sensitive information or
communication channels from being breached from the outside. Sometimes encryption software
would be enough to protect a certain amount of data, but – would it get resistive to skillfully
organized hacker’s attacks? Our answer to this question is – no. Once the intelligence
community discovers some of machines using the cryptographic tools, it would become feasible
to disable such a computer with its entire network.
Also, the current software cryptography would offer many weaknesses such as the encryption
keys that should get delivered through the special channels. We know that terrorist may use e-
mails, web or even mobile devices to obtain such a confidential information transfer. The
intelligence community got its methods to discover the terrorist organizations and their
members, while the state-sponsored hackers got plenty of skills and expertise to attack their
information sharing systems.
A bit better situation is with the hardware-based encryption solutions. These solutions may
appear as the smaller boxes or even computer sticks which would do data encryption and its
transmission. It appears much harder to affect such a solution, but the question is – would that
be possible?
The experience would suggest that it’s not easy at all to break into that cryptographic system,
but we would want to suggest that it’s not necessary to deal with that protection from the inside
or, in other words, send your intelligence agent to a highly risky task – it’s simply sufficient to get
well-trained staffs with the appropriate technology operating from the outside.
25 Cyber Warnings E-Magazine – September 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
