Skip to main content
banner image
venafi logo

The Biggest Encryption Stories of 2020 [Encryption Digest 54]

The Biggest Encryption Stories of 2020 [Encryption Digest 54]

December 31, 2020 | Alexa Hernandez

2020, the year that has seemed to both last forever and at the same time flash past in the blink of an eye, has finally come to an end. It’s certainly been a roller coaster of a year, and the world of encryption had its ups and downs as well.

Venafi is rounding up the top encryption stories of the year. Whether it’s the good, the bad, or the ugly, here are the biggest encryption stories that went down in 2020. Read on to see if there are any that you might have overlooked in the midst of pandemic distraction!

Billions of Devices Open to Wi-Fi Eavesdropping Attacks

In February, before the age of masks and social distancing really took effect, a major vulnerability in Wi-Fi chips was revealed by ThreatPost. This chip, present in billions of devices worldwide, allows malicious actors to eavesdrop on Wi-Fi communications.

Researchers at ESET found that the bug (CVE-2019-15126) came from the use of an all-zero encryption key in chips made by Broadcom and Cypress, and the resulting data decryption breaks Enterprise security protocols. These vulnerable chips were found in smartphones, tablets and laptops, along with several generations of products from Apple, Amazon, and Samsung.

The estimate of a billion devices being impacted was even thought to be a conservative one! ESET did immediately disclose the bug and gave manufacturers time to create firmware upgrades and OS updates to protect users’ devices.

Worldwide Espionage Operation With a Swiss Company Uncovered

US and German Secret Services were found to be involved in a worldwide wiretapping operation by Cryptoleaks, ZDF and the Washington Post. A secret-service dossier revealed spying was used with manipulated encryption devices.

New documents from the CIA and the German Federal Intelligence Services prove that they spent decades using manipulated encryption devices to bug over 100 countries. Messages between government agencies, authorities, embassies and military agencies were routinely intercepted. “Operation Rubicon”, as it was called, was considered “one of the most successful intelligence operations of the post-war period”.

Zoom Delivers End-to-End Encryption to All Users

Back in June, Zoom finally implemented an end-to-end encryption strategy for all users, not just those with paid subscriptions. Previously, Zoom only offered this security to paid users, while unpaid users were left to remain on the unencrypted version. While Zoom tried to justify the move by saying it would allow law enforcement to track criminals online more freely, the furious backlash proved that users were not buying it.

Check out our previous Encryption Digest article to learn more about this story.

UK Government May Block Facebook’s Plans for End-to-End Encryption

Facebook definitely understands the importance of providing all users with the protection of end-to-end encryption, but they have come up against surprising opposition from the UK government via legislation known as a Technical Capability Notice (TCN). Not only does this notice stipulate a weakened form of encryption, but also provides for law enforcement agencies to monitor communications.

While Facebook itself hasn’t directly addressed these requests, the director of the Open Rights Group has publicly slammed the UK government for its lack of respect for personal privacy.

"There are legitimate concerns about investigating crime,” said Jim Killock”.  “But the government should not facilitate crime by making personal security harder."


Related posts


Like this blog? We think you will love this.
Featured Blog

With Rapid Rise in Funds Stolen from DeFi Protocols, Private Keys in Play

Massive heist begins with

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Alexa Hernandez
Alexa Hernandez

Alexa is the Web Marketing Specialist at Venafi.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more