SecureMac, Inc.

Checklist 403: The FBI, Salt Typhoon, and Encryption

December 9, 2024

FBI and CISA now urge end-to-end encryption after hacks expose telecom backdoors, highlighting Signal and other secure apps for safe communication.

FBI and CISA Urge Encrypted Communications Amid Fallout from Major Telecom Hack

In a striking reversal of past positions, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) are now advising Americans to use end-to-end encrypted apps such as iMessage and FaceTime to safeguard against foreign cyber threats. This shift comes in the wake of the Salt Typhoon hack, a significant breach of U.S. telecommunications systems attributed to Chinese state-sponsored hackers.

A History of Resistance to Encryption

The FBI’s call for encryption marks a sharp contrast to its prior stance. For years, the agency pushed for backdoors in encrypted systems, arguing they were necessary for law enforcement. Apple famously resisted, with CEO Tim Cook declaring in a 2015 NPR interview that “privacy is a fundamental human right.” Cook warned that any backdoor could be exploited by both “good guys” and “bad guys,” a concern now validated by recent events.

The tension between Apple and the FBI peaked in 2016, following the San Bernardino shooting. The FBI demanded that Apple create software to bypass encryption on the attacker’s iPhone. Apple refused, and the FBI ultimately accessed the phone through alternative means, yielding no actionable intelligence.

The Salt Typhoon Hack: Breach of U.S. Telecom Networks

The catalyst for the FBI’s policy reversal is the Salt Typhoon hack, described in reports by AppleInsider and other outlets. Hackers affiliated with the Chinese government exploited vulnerabilities in U.S. telecommunications systems, gaining prolonged access to wiretap networks. The compromised systems were designed to comply with the Communications Assistance for Law Enforcement Act (CALEA), which mandates surveillance capabilities for federal agencies. Unfortunately, these backdoors also provided entry points for hackers.

Scale and Impact of the Breach

The breach, revealed in October, affected major carriers, including Verizon, AT&T, and Lumen Technologies, and persisted for months. Hackers reportedly gathered sensitive political, medical, and business intelligence. In one instance, security startup iVerify flagged suspicious activity on iPhones belonging to senior officials of a U.S. presidential campaign, raising concerns about the broader implications of the hack.

Jeff Greene, CISA’s executive assistant director for cybersecurity, acknowledged the severity of the breach, stating it is “impossible to predict a time frame on when we’ll have full eviction” of the hackers from affected systems.

The New Recommendation: Encryption as a Shield

In light of these developments, the FBI and CISA are urging widespread adoption of end-to-end encrypted communication to protect sensitive information from foreign adversaries. This recommendation underscores the inherent risks of backdoors in encrypted systems, which can be exploited by malicious actors.

As geopolitical tensions escalate and cyber threats grow more sophisticated, the pivot toward encryption signals a significant shift in how U.S. authorities approach cybersecurity and privacy.

FBI and CISA Suggest Encrypted Communications Amid Cyber Threats

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) are urging Americans to adopt end-to-end encrypted communication methods to safeguard against increasingly sophisticated cyber threats. This comes just two months after Chinese government-linked hackers exploited a decades-old law enforcement backdoor, compromising U.S. telecommunications.

The Case for Encryption

CISA’s Jeff Greene underscored the importance of encryption in a recent press call, stating, “Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication.” Greene emphasized that encryption renders intercepted data indecipherable, shielding sensitive information from adversaries. An anonymous FBI official echoed this sentiment, recommending timely software updates, responsibly managed encryption, and phishing-resistant multi-factor authentication for digital communications and accounts.

What’s Encrypted and What’s Not?

The debate over encrypted messaging is not new. Apple’s iMessage offers end-to-end encryption for its users but lacks compatibility with Google’s RCS, leaving “green bubble” messages unprotected. Meanwhile, Google’s RCS implementation and its dedicated Messages app offer encrypted communication for Android users.

For those seeking additional security, third-party apps are viable alternatives. According to Tom’s Guide, Signal is the best choice for most users due to its simplicity, robust encryption, and commitment to privacy. Surprisingly, WhatsApp and Facebook Messenger also use Signal’s encryption protocol, though they come with caveats, such as behavioral data sharing with Facebook and limited encryption availability on Messenger.

Lessons from the Salt Typhoon Hack

The newfound advocacy for encryption follows the Salt Typhoon hack, where hackers tied to the Chinese government exploited vulnerabilities in U.S. wiretap systems. This breach highlights the risks of backdoors, which, while intended for law enforcement, also provide entry points for bad actors.

The hack has spurred agencies to stress the importance of adopting secure communication tools. The FBI’s shift in stance underscores the urgency of protecting sensitive data from foreign adversaries, signaling a growing recognition of encryption as a critical defense mechanism.
