The IT security community overwhelmingly believes that government-mandated encryption backdoors will put countries at a greater risk of election hacking, according to new Venafi research.
The security vendor polled over 380 security professionals at Black Hat USA 2019 in Las Vegas earlier this month, following recent comments by attorney general, William Barr.
Like his predecessors, Barr last month claimed that strong data encryption in tech products is effectively creating a “law-free zone” exploited by terrorists and criminals as it “seriously degrades” the ability of law enforcement to detect and prevent crimes.
Also like many others, he argued that government-mandated backdoor access “can and must be done,” claiming that if they only tried hard enough, tech firms could find a solution which could enable lawful access to data without undermining security for all users.
This argument has been repeatedly shot down, not only by the tech firms themselves, but also world-renowned cryptography experts. Last year they backed senator Ron Wyden’s demands that the FBI explain the technical basis for its repeated claims that encryption backdoors can be engineered without impacting user security.
Now the IT security community is arguing that backdoors would also expose countries to the threat of cyber-attacks on election infrastructure — an increasingly important issue as the 2020 Presidential election comes into view.
While 80% agreed with this sentiment, 74% said countries with government-mandated encryption backdoors are more susceptible to nation-state attacks, 72% claimed they don’t reduce the terrorist threat and 70% argued they put countries at a distinct economic disadvantage.
Last month a Senate report revealed that voting infrastructure in all 50 states was most likely compromised by Russian hackers ahead of the 2016 election. It warns that if Russia’s preferred candidate doesn’t win in 2020, it could seek to use this access to de-legitimize the result.
“We know that encryption backdoors dramatically increase security risks for every kind of sensitive data, and that includes all types of data that affects our national security,” argued Venafi VP of security strategy and threat intelligence, Kevin Bocek.
“On a consumer level, people want technology that prioritizes the security and privacy of their personal data. This kind of trust is priceless. Encryption backdoors would not only make us much less safe at a national level, they also clearly have the potential to inflict significant economic and political damage.”