Last December, Australia’s parliament passed legislation requiring technology businesses to create encryption backdoors within their products.
Security and privacy advocates responded with shock and disappointment, with Nate Cardozo of the Electron Frontier Foundation writing he “can see a potential dystopic future in the Land Down Under: one where only backdoored communication tools are permitted in Australia, and all other services and protocols will face government-mandated blocking and filtering.”
At this year’s RSA conference, Venafi evaluated the opinions of over 500 convention attendees on the impact of government mandated encryption backdoors and the results were quite interesting. For example, 73% of respondents believe countries with these encryption backdoors are more susceptible to nation-state attacks.
“This is a tense moment for industry professionals because they know backdoors make our critical infrastructure more vulnerable,” says Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “This is not rocket science; backdoors inevitably create vulnerabilities that can be exploited by malicious actors. It’s understandable that so many security professionals are concerned because backdoors are especially appealing to hostile and abusive government agencies and more governments are considering these mandates.”
Additional findings from the survey include:
Bocek concludes: “We know that attackers don’t abide by restrictions; they don’t follow the rules or buy products in controlled markets. Countries that enact these near-sighted restrictions harm law abiding businesses and court economic damage as well as intrusions focused on sovereign government processes.”