CIO Today HOME LATEST NEWS NEWSLETTERS SEARCH Search
  LATEST NEWS FOR THURSDAY APRIL 27

Close Search Box
CIO Today
DATA SECURITY
U.K. Wants WhatsApp Accessible to Authorities
Posted March 27, 2017
U.K. Wants WhatsApp Accessible to Authorities
Next Story
EARLIER
Instagram Introduces Two-Factor Authentication
THIS STORY
U.K. Wants WhatsApp Accessible to Authorities
Next Story
LATER
IBM X-Force Finds over 4 Billion Records Leaked in 2016
YOU ARE HERE:   HOME arrow DATA SECURITY arrow THIS STORY
NEWS OPS

By Syndication. Updated March 27, 2017 9:07AM

SHARE

ALSO SEE

Westminster Bridge attacker Khalid Masood sent a WhatsApp message that cannot be accessed because it was encrypted by the popular messaging service, a top British security official said Sunday.

British press reports suggest Masood used the messaging service owned by Facebook just minutes before the Wednesday rampage that left three pedestrians and one police officer dead and dozens more wounded.

As controversy swirled over the encrypted messages, police made another arrest in Birmingham, England, where Masood had lived. The 30-year-old is one of two men now in custody over possible links to the attack. Neither has been charged or publicly named.

Masood was shot dead on the grounds of Parliament.

Home Secretary Amber Rudd used appearances on BBC and Sky News to urge WhatsApp and other encrypted services to make their platforms accessible to intelligence services and police trying to carrying out lawful eavesdropping.

"We need to make sure that organizations like WhatsApp -- and there are plenty of others like that-- don't provide a secret place for terrorists to communicate with each other," she said.

Rudd did not provide any details about Masood's use of WhatsApp, saying only "this terrorist sent a WhatsApp message and it can't be accessed."

But her call for a "back door" system to allow authorities to retrieve information is likely to meet resistance from the tech industry, which has faced previous law enforcement demands for access to data after major attacks.

In the United States, Apple fought the FBI's request for the passcodes needed to unlock an iPhone that had been used by one of the perpetrators in the 2015 extremist attack in San Bernardino, California.

The FBI initially claimed it could obtain the data only with Apple's help, but ultimately found another way to hack into the locked phone.

Masood drove a rented SUV into pedestrians on Westminster Bridge before smashing it into Parliament's gates and rushing onto the grounds, where he fatally stabbed a policeman and was shot by other officers. A detailed police reconstruction has found the entire attack lasted 82 seconds.

Police are trying to pinpoint his motive and identify any possible accomplices, making the WhatsApp message a potential clue to his state of mind and his social media contacts.

Rudd said attacks like Masood's would be easier to prevent if authorities could penetrate encrypted services after obtaining warrants similar to the ones used to listen in on telephone calls or -- in snail mail days -- to steam open letters and read their contents.

Without a change in the system, she said terrorists would be able to communicate with each other without fear of being overheard even in cases where a legal warrant has been obtained.

Rudd also urged technology companies to do a better job at preventing the publication of material that promotes extremism. She plans to meet with firms Thursday about setting up an industry board that would take steps to make the web less useful to extremists.

British police investigating the attack say they still believe Masood, a 52-year-old Briton, acted alone and say they have no indications that further attacks are planned.

Metropolitan Police Deputy Assistant Commissioner Neil Basu said it may never be possible to fully determine Masood's motives.

"That understanding may have died with him," Basu said Saturday night as police appealed for people who knew Masood or saw him to contact investigators. "Even if he acted alone in the preparation, we need to establish with absolute clarity why he did these unspeakable acts, to bring reassurance to Londoners."

The Islamic State group, which is losing territory in Iraq and Syria but still has radical followers in other parts of the world, has claimed Masood was a "soldier" carrying out its wishes to attack Western countries.

Masood had convictions for violent crimes in the U.K. and spent time in prison. He also worked in Saudi Arabia teaching English for two years and traveled there again in 2015 on a visa designed for religious pilgrimages.

Along with the man arrested Sunday, a 58-year-old man detained in Birmingham several days ago remains in custody in the case. Nine others arrested after the attack have been freed without charges, while one person was released on bail.

The family of slain police officer Keith Palmer, meanwhile, released a statement thanking those who tried to save his life.

"There was nothing more you could have done. You did your best and we are just grateful he was not alone," the statement said.

© 2017 Associated Press syndicated under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

SafeSwiss:
Posted: 2017-03-28 @ 5:24pm PT
Govt now appears to use last week’s very tragic horrific event as a mechanism to either ban or introduce legislation on encryption providers.

Reality: encryption is here to stay.

Last week’s tragic events have highlighted the effectiveness of end to end encryption such as deployed by likes of Telegram Messenger, Safeswiss, WhatsApp.

This truly represents a true paradox between privacy & security. Modern encryption architecture ensures there can be no possibility of back doors as either these apps are encrypted or they are not, there is no middle ground.

Modern cryptography is extremely complex. The primary purpose of a robust encryption solution is to prevent any possibility of third party access. It's extremely misguided to think that any Govt or Govt agency can be considered a trusted third party.

Simply banning encryption will open doors to a multitude of malicious MiTM attacks from adversaries everywhere. Govt would be far better placed to put their resources into the issue at the source of the problem -- the continual brainwashing of children, youth & adults under the guise of medieval religious delusion.

MORE IN DATA SECURITY

Next Article >

INSIDE CIO TODAY NETWORK SITES SERVICES BENEFITS