Monday, 10 December 2018 07:56

Business as usual for crims under encryption laws: security pro

Bogdan Botezatu: "Weakening security in any way might help cyber criminals capitalise on technical oversights or user confusion to carry out their own agenda." Bogdan Botezatu: "Weakening security in any way might help cyber criminals capitalise on technical oversights or user confusion to carry out their own agenda." Supplied

Terrorists and paedophiles, the two claimed targets of the government's encryption laws, are likely to bury themselves deeper on the dark net and adopt necessary security precautions to keep operating as before, a senior security professional has warned.

Bogdan Botezatu, a senior e-threat analyst at security firm Bitdefender, said on the other hand, the losers would be innocent people who would forfeit their privacy and freedom of speech for nothing.

The encryption laws took effect on Thursday evening after the Senate approved them without any amendments. Labor leader Bill Shorten agreed to pass the laws as such after getting an assurance from the government that the amendments would be passed during Parliament's first sitting in 2019.

The amendments could not be added because the government delayed voting on another bill in the Senate – a cross-party push to amend existing legislation on moving refugees from Manus Island and Nauru to the mainland. This delay prevented it going back to the lower house for a vote as the House of Representatives had risen for the day by then.

Botezatu said many countries were pursuing similar laws that would make it mandatory for secure communications service providers to intercept and document messages. These were aimed at circumventing the progress made in recent years to secure communications, in order that law enforcement agencies could extract the contents of conversations.

"However, in the current form, it seems that regulators are not necessarily looking into weakening encryption or removing it, but rather into forcing service providers to offer full co-operation for covert backdooring," he said.

"Because it is not specified who these 'providers' are or how 'access' will be possible - other than what is summarised in point 2: Introducing new computer access warrants for law enforcement that will enable them to covertly obtain evidence directly from a device - scenarios such as internet service providers transparently planting government-sanctioned spyware on users' devices will become a reality.

"Additionally, application providers who service customers in Australia will be forced to install, maintain, test, or use software that a law-enforcement or intelligence agency has given them."

Botezatu said it was difficult to say what opportunities such backdoors would provide for law enforcement, but it was easy to predict the outcome for the common man.

"Weakening security in any way might help cyber criminals capitalise on technical oversights or user confusion to carry out their own agenda," he said.

"In addition, extremely sophisticated backdoor code likely included with, or installed through, applications or ISPs, will inspire cyber criminals who will include these threat vectors into their existing creations.

"Last, but not least, getting citizens used to cyber surveillance for a good cause can generate chilling effects or a relaxed attitude towards weak security by design. I don't believe that such measures will have a direct impact in curbing terrorism or cyber crime."


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments