Skip to main content
banner image
venafi logo

No Surprise: Black Hat Survey Reveals that Government Enforced Encryption Backdoors Alarm IT Professionals

No Surprise: Black Hat Survey Reveals that Government Enforced Encryption Backdoors Alarm IT Professionals

encryption backdoor
August 15, 2017 | Eva Hanscom

It is widely acknowledged that backdoors into encryption technology create vulnerabilities that can be exploited by a wide range of malicious actors, including hostile or abusive government agencies. Billions of people worldwide rely on encryption to protect critical infrastructure – including global financial systems, electrical grids and transportation systems – from cybercriminals who steal data for financial gain or espionage.

Despite these dangers, many government officials want private companies to hand over their encrypted data and communication methods. Advocates claim this would strengthen national security and hinder terrorism. However, experts agree that breaking encryption would do little to prevent terrorist attacks.

In July 2017, Venafi released the results of an international study on consumer attitudes regarding government-enforced backdoors into encryption technology. One thousand consumers from the United States, United Kingdom and Germany (3,000 total) participated in the survey and the results showed that the public is conflicted about the how these laws and policies would affect them personally.

During this year’s Black Hat convention, Venafi was curious to see if IT security professionals had similar opinions on encryption backdoors. We surveyed over 290 attendees and found that the majority of industry professionals believe encryption backdoors are ineffective and potentially dangerous.

For example, 91% of the respondents said cybercriminals could take advantage of government-mandated encryption backdoors. In addition, 72% of the respondents do not believe that encryption backdoors would make their nations safer from terrorists

Additional highlights from the survey include:

  • The industry must do more to combat encryption backdoors.
    • Only 19% believe the technology industry is doing enough to protect the public from the dangers of encryption backdoors.
       
  • Technology companies should keep their encrypted data.
    • 81% feel governments should not be able to force technology companies to give them access to encrypted user data.
       
  • Consumers need more education on encryption backdoor issues.
    • 86% believe consumers don’t understand issues around encryption backdoors.

“Giving the government backdoors to encryption destroys our security and makes communications more vulnerable,” says Kevin Bocek, chief security strategist for Venafi. “It’s not surprising that so many security professionals are concerned about backdoors; the tech industry has been fighting against them ever since global governments first called for unrestricted access. We need to spend more time protecting and supporting the security of our machines, not creating purposeful holes that are lucrative to cybercriminals.”

Overall, it’s clear from our survey that members of the security industry greatly distrust government mandated encrypted backdoors. They find them unproductive at best and hazardous at worst.

How can we educate our government officials and consumers about the dangers of encryption backdoors?

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

lawyer reading from legal books on a desk, with a scale in the foreground

Do We Trust Governments to Effectively Regulate Privacy? [Ask Security Professionals]

hands reaching out of laptop screen holding ballot box, another person's hand casting a vote
Encryption

Will Encryption Backdoors Hurt Election Infrastructure? Security Professionals Say Yes.

Man standing in front of a cyber-secured world.

What If You Could Guarantee Eliminating Outages in Your Organization?

About the author

Eva Hanscom
Eva Hanscom

Eva is Public Relations Manager at Venafi. She is passionate about educating the global marketplace about infosec and machine-identity issues, and in 2018 grew Venafi's global coverage by 45%.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat