March 3, 2016
Weakened Encryption Leaves Data Accessible to Hackers States New Report
Image courtesy of (Stuart Miles) / FreeDigitalPhotos.net
Encryption weaknesses mandated by American officials are leaving websites vulnerable, a new report by researchers reveals.
The lengthy and highly-technical report highlights how hackers can attack Web communications thanks to the nearly 20-year-old changes. The report also sheds light on how further reductions in Web encryption, that officials continue to push for, would place websites in further danger.
The Drown attacks, as they are referred to, could allow hackers easier access to encrypted information including passwords, credit card information and even e-mails. However, a tool has been created to fix the problem but it could take site administrators a lengthy period of time to implement the needed changes.
“What is shocking about this is that they have found a way to use a very old fault that we have known about since 1998,”University of Surrey professor Alan Woodward told the BBC.
The report stresses the need not only for administrators to protect themselves from potential attacks, but also for the findings to be considered as weakened encryption continues to be a matter of debate.
“Today, some policy makers are calling for new restrictions on the design of cryptography in order to prevent law enforcement from ‘going dark,’” the researchers said, reports PC World. “While we believe that advocates of such backdoors are acting out of a good- faith desire to protect their countries, history’s technical lesson is clear: Weakening cryptography carries enormous risk to all of our security.”
W. Brice McVicar is a staff writer for SiteProNews.
For all other news on the Technology