Encryption

If an attacker has managed to access your data, an extra layer of defence is to encrypt that information so they can’t read it; even if they do see it, it will look like gobbledygook.

Unfortunately, while encryption makes you a much harder target, depending on a few things, it may not matter.

Your encryption keys and passwords are all kept on your computer or within your network. That’s how it knows when you’ve put in the right password or key. So, if an attacker has access to your computer, they may gain unfettered access to all things you have access to, including your encryption keys and passwords. In this case, just as you can decrypt and see things in postcard form, so can an attacker. This is the Gotcha!

If someone gets to your computer, they can even delete encrypted information with malware called a wiper, which (as illustrated in Scenario 1 - Shamoon of the Gotcha! Book) destroys information, including the information needed to start your computer up, thereby rendering it inoperable, and potentially any machine it is connected to.

That said, assuming your device or machine hasn’t been compromised, encryption does make you a much harder target.

Hard drive encryption is important and expected. You can encrypt your hard drive so that the parts of it containing files don’t even look like they exist. Password strength is, again, also important. However, if the attacker has access to your computer and passwords, they have access to your encrypted hard drive. They could also achieve this through keyloggers.

A very strong form of encryption that utilises the principles of PKE is called PGP (Pretty Good Privacy), with an open source version, GPG (GNU Privacy Guard).

The way it works is that we both have a public key known to everyone. Let’s call this the Public Padlock. I take your Public Padlock, you take mine. I send you something locked with your Public Padlock (public key), so you can open it with your matching private key and vice versa.

That private key, however, is stored by you on a digital key ring on your computer or another device like a USB that you will plug into your computer. An attacker can access these private key files with a password.

Assuming you keep your private key safe with a strong password, it is properly implemented, and the underlying cryptography of the keys hasn’t been compromised, it is difficult to crack and would take a long time even with a lot of resources thrown at it.

Let’s say you and I are going to use this form of encryption to communicate. We can use it across email, voice, chat and documents. It will secure the contents but not the header information (metadata) or, in the case of an email, its subject line. That is, it will not secure information identifying that you have sent an email, the subject of that email, who it was sent from and who it’s being sent to over TCP/IP … the public internet.

An attacker can use this information to target your machine or device and gain direct access to your keys. With this access, the attacker can see and do what you see and do.
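The split described above between protected contents and exposed header information can be checked on any saved message. The following is an added example, not part of the original article: it uses Python's standard email module, the function names are illustrative, and the sample message is constructed with placeholder ciphertext.

```python
# Added example (not from the original page); function names are illustrative.
from email import message_from_string
from email.message import Message

# Headers a mail relay or network observer can read even when the body is encrypted.
ROUTING_HEADERS = ("From", "To", "Cc", "Subject", "Date", "Message-ID")
ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"


def body_protection(msg: Message) -> str:
    """Classify the body as 'pgp-mime', 'pgp-inline' or 'cleartext'."""
    if (msg.get_content_type() == "multipart/encrypted"
            and msg.get_param("protocol") == "application/pgp-encrypted"):
        return "pgp-mime"  # PGP/MIME container (RFC 3156)
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        if ARMOR_BEGIN in payload.decode("utf-8", errors="replace"):
            return "pgp-inline"  # ASCII-armored block pasted into the body
    return "cleartext"


def audit(raw: str) -> dict:
    """Report body protection and the headers still exposed as plain text."""
    msg = message_from_string(raw)
    exposed = {h: msg[h] for h in ROUTING_HEADERS if msg[h] is not None}
    return {"body": body_protection(msg), "exposed": exposed}


# Constructed sample message; the armored block is a placeholder, not real ciphertext.
SAMPLE = """\
From: alice@example.org
To: bob@example.org
Subject: Q3 merger term sheet
Date: Mon, 01 Jan 2024 09:00:00 +0000
Content-Type: text/plain; charset="utf-8"

-----BEGIN PGP MESSAGE-----

(placeholder ciphertext)
-----END PGP MESSAGE-----
"""

if __name__ == "__main__":
    report = audit(SAMPLE)
    print("body:", report["body"])
    for name, value in report["exposed"].items():
        print(f"exposed {name}: {value}")
```

Even with the body classified as encrypted, the sender, recipient, date and subject line are all returned as readable text.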

If an attacker has access to your computer, they can see anything plugged into your computer as well. They will have access to your passwords and private digital keys, and so they can access your encrypted files.

Your encryption keys and passwords are all kept on your computer. That’s how it knows when you’ve put in the right password or key. So, if they have access to your computer, they have unfettered access to all things you have access to. Just as you can decrypt and see things in postcard form, so can an attacker.

If someone gets to your computer, they can even delete encrypted information (secure wiping) with malware called a wiper, which does what it says on the tin.

That said, assuming your device or machine hasn’t been compromised, encryption does make you a much harder target.

Adapted from Ernst (2013)
