Child Abuse Images Being Traded Via Secure Apps

Images of child sexual abuse and stolen credit card numbers are being openly traded on encrypted apps, a BBC investigation has found.

Security experts told Radio 4’s File on 4 programme that the encrypted apps were taking over from the dark web as a venue for crime.The secure messaging apps, including Telegram and Discord, have become popular following successful police operations against criminal markets operating on what is known as the dark web – a network that can only be accessed by special browsers.

Experts Comments below:

Boris Cipot, Senior Security Engineer at Synopsys:

“Encryption apps started out with good intentions – it was to help people who couldn’t speak up without this software. For example, news reporters in countries where the truth could get them in jail or even cost them their lives, and it should protect abused people that are on the run from their partners so that they can keep up communication with people without the abuser finding them. Also, through the Snowden revelation, it helped protect private communications from government spying.

“Since this idea started, encryption in all types of software is a feature which users do not want to be without. Some have valid reasons, and some are just following the crowd when they say they need it. But, unfortunately, even if this functionality was created for good use, there are those that will abuse it for negative reasons. The Silk Road Darknet portal is one of the most well-known negative uses, and unfortunately those abuses will continue.

“The issue is that once you add some sort of governance or tracking into encryption enabled apps, the whole idea about security/anonymity/privacy is gone. But I hope that there will be a technology developed that will disable the misuse of encryption functionalities for human-harming actions.”

Christopher Littlejohns, EMEA Manager at Synopsys:

“The use of what is currently considered “uncrackable” encryption mechanisms is an essential capability that enables much of the commerce that is executed on the internet. Without encryption, there would be no way to safely buy goods online, protect personal data, comply with GDPR regulations, do your banking, communicate safely in the battlefield, etc. We literally cannot do without encryption in current and future times. So encryption ensures privacy and security in the transmission and storage of our valuable data, hence this is why criminal and terrorist groups of various kinds will use it to their advantage.

“The underlying issue is one that societies as a whole need to tackle. The question is, is tackling the bad usage of encryption worth the potential impact on the good uses? Governments throughout the world are considering this problem, but there are no easy answers. If government agencies demand that the private keys are stored in some form of Escrow or similar, this undermines the whole purpose of encryption, to guarantee privacy and security. The worry would be that these keys are used for political or criminal purposes. This would lower the trust that people would place in the good uses of encryption, and could badly effect the economy. Alternatively, if we insist on the use of crackable encryption techniques, then the result is the same, i.e. we lose trust in the mechanism and the capabilities that use it.

“There is some positives in this however. Criminal gangs who exchange encrypted messages will inevitably leave a footprint on the internet. It is quite possible that Cyber forensic specialists could use this to identify participants to help build a picture of the participants. In addition, these individuals will inevitably record or store these pictures for further use. Here is where our serious crime investigators need to focus their efforts and develop their capabilities to deal with the threats as they are now. These types of criminals will always use whatever they can to reduce the risk of being caught, be it low tech or high tech. Unfortunately the old, trusted method of infiltration into these groups is probably still the best approach.

“The bottom line is it is absolutely futile to expect that the issue can be tackled by enabling government or police forces to access encrypted data more easily.”

Javvad Malik, Security Advocate at AlienVault:

Javvad Malik

Javvad Malik

“There is no such thing as a low priority system or data that is uninteresting to attackers. Whenever a system is online, or accessible in a digital form, it should be assumed that bad actors will try to compromise it to either steal information, make it unavailable, or to tamper with it. Government departments are no exception, and therefore security controls should be carefully considered – in particular having strong monitoring and threat detection capabilities so that any intrusion or potential intrusion can be quickly identified and responded to and limit the damage.”

Paul Edon, Senior Director at Tripwire:

“This attack is the latest demonstration of how the threats against nation-states have evolved in the last few years.

The value of the digital assets that a system holds influences the risk factor of that system, and given the national and international interests invested in a nation-states’ parliamentary networks, these kind of attacks are likely to be attempted again. Although it is impossible to predict whether the next attack will be successful, it is encouraging that Australia’s parliament has detected the threat promptly and has addressed the security issue immediately. Bipartisan forces should concentrate on keeping the election process free of international interference, and although it is tempting to speculate on whether – and which – nation-state backed the hacking operation, the focus should be on securing the networks as soon as possible.”

Chris Doman, Security Researcher at AlienVault:

“The Australian Government has released a tool to identify the attacker’s tools within networks. The tools they’ve identified are in use by a number of different attackers, though some analysts have noted they are particularly popular with Chinese attackers.”