Last December, Australia’s parliament passed legislation requiring technology businesses to create encryption backdoors within their products.
Security and privacy advocates responded with shock and disappointment, with Nate Cardozo of the Electron Frontier Foundation writing he “can see a potential dystopic future in the Land Down Under: one where only backdoored communication tools are permitted in Australia, and all other services and protocols will face government-mandated blocking and filtering.”
At this year’s RSA conference, Venafi evaluated the opinions of over 500 convention attendees on the impact of government mandated encryption backdoors and the results were quite interesting. For example, 73% of respondents believe countries with these encryption backdoors are more susceptible to nation-state attacks.
"This is not rocket science; backdoors create vulnerabilities"
“This is a tense moment for industry professionals because they know backdoors make our critical infrastructure more vulnerable,” says Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “This is not rocket science; backdoors inevitably create vulnerabilities that can be exploited by malicious actors. It’s understandable that so many security professionals are concerned because backdoors are especially appealing to hostile and abusive government agencies and more governments are considering these mandates.”
SSL/TLS Certificates and Their Prevalence on the Dark Web
Additional findings from the survey include:
- 69% believe countries with government-mandated encryption backdoors suffer economic disadvantages in the global marketplace as a result.
- 70% believe governments should not be able to force technology companies to grant access to encrypted user data.
- Only 25% believe technology companies are doing enough to protect consumers’ personal information.
Bocek concludes: “We know that attackers don’t abide by restrictions; they don’t follow the rules or buy products in controlled markets. Countries that enact these near-sighted restrictions harm law abiding businesses and court economic damage as well as intrusions focused on sovereign government processes.”
Get a 30 Day Free Trial of TLS Protect Cloud, Automated Certificate Management.
Related posts