Tuesday, 28 March 2017

WhatsApp: Scapegoat for London’s security lapses

British Home Secretary Amber Rudd Sunday, March 26, attacked WhatsApp for refusing intelligence services and police access to its encrypted messaging service, used by Khalid


Masood three minutes before his terrorist rampage in London last Wednesday. She presented this opacity as an impediment to the investigation into his deadly attack and to the prevention of terror in general.

Khalid Masood was shot dead after killing four people including a policeman when he rammed his car into pedestrians on Westminster Bridge and then tried to force his way into parliament. Referring to his use of WhatsApp’s End-to-End encryption service to communicate with an unknown person minutes before the attack, Rudd said “We need to make sure that organizations like WhatsApp – and there are plenty of others like that - don’t provide a secret place for terrorists to communicate with each other.”
This argument does not really hold water, debkafile’s cyber experts and security sources explain.
1. Western intelligence agencies - certainly the US, British, Canadian, Australian and New Zealand members of the “Five Eyes” – have found ways of hacking into the “inaccessible” encrypted messages carried by such services as WhatsApp and Skype. After the 2015 attack in San Bernardino, California, the FBI, when denied the passcode for an iPhone used by one of the perpetrators, found another way to get into the phone.
2.  If the British MI5 domestic intelligence agency knows when Masood posted his message and its length, his cell phone must be in their hands and in working order. “Communication research” and “communication mapping” can therefore be performed to obtain the addresses he called, how frequently and his location when he made the calls. Even if all is messages can’t be fully recovered from the cell phone, the information can be extracted from the operator.



Masood three minutes before his terrorist rampage in London last Wednesday. She presented this opacity as an impediment to the investigation into his deadly attack and to the prevention of terror in general
Khalid Masood was shot dead after killing four people including a policeman when he rammed his car into pedestrians on Westminster Bridge and then tried to force his way into parliament. Referring to his use of WhatsApp’s End-to-End encryption service to communicate with an unknown person minutes before the attack, Rudd said “We need to make sure that organizations like WhatsApp – and there are plenty of others like that - don’t provide a secret place for terrorists to communicate with each other.”
This argument does not really hold water, debkafile’s cyber experts and security sources explain.
1. Western intelligence agencies - certainly the US, British, Canadian, Australian and New Zealand members of the “Five Eyes” – have found ways of hacking into the “inaccessible” encrypted messages carried by such services as WhatsApp and Skype. After the 2015 attack in San Bernardino, California, the FBI, when denied the passcode for an iPhone used by one of the perpetrators, found another way to get into the phone.
2.  If the British MI5 domestic intelligence agency knows when Masood posted his message and its length, his cell phone must be in their hands and in working order. “Communication research” and “communication mapping” can therefore be performed to obtain the addresses he called, how frequently and his location when he made the calls. Even if all is messages can’t be fully recovered from the cell phone, the information can be extracted from the operator.
The important Islamist terrorist organizations, especially ISIS, are tech-savvy enough to be aware that the British Home Secretary’s arguments against WhatsApp were made of whole cloth. They will be happy to deduce that she was attempting to cover up the major flaws in her government’s counterterrorism setup that came to light in the Westminster attack. This impression was reinforced by Metropolitan Police Deputy Assistant Commissioner Neil Basu when he said it may never be possible to fully determine Masood’s motives.
ISIS, which claimed the attack by its “soldier,” will also conclude from the comments by the Home Minister and the police chief that the British authorities are at a loss for any leads to the terrorist’s connections, accomplices, support system or a network, which may be secretly preparing the next attack.
Sunday night, a 30-year old man was arrested in Birmingham, Masood’s last place of residence, on suspicion of “preparation of terrorist acts.” He is one of two men in custody, the 12th to be arrested in connection with the investigation after nine others were released.
Regarding the overall battle against Islamist terror, a major obstacle is the failure of Western intelligence agencies to set up technological, organizational, commercial or even “patriotic” working relationships with the Internet majors, such Google, Microsoft and Facebook (which also owns WhatsApp).
During the Obama presidency, the two groups drew further apart, especially after WikiLeaks exposed the extent to which such US agencies as NSA intruded on individual privacy, or planted malware in exported US-made servers as secret monitors on a global scale.
The complaints of “inaccessible” services are irrelevant and outdated in an era marked by the explosion of universally accessible information and the advantages it offers hostile terrorist organizations against counterintelligence agencies. It is vitally important for those agencies to catch up with the high-tech giants’ capabilities and for governments to adjust regulations for making it worth while for those giants to play ball whether for patriotic motives or financial gain, and establish relations of trust.
As for the security shortcomings exposed by the Westminster attack, five are the most glaring:
1.  UK intelligence and security services had no advance warning.
2.  The entire area around Parliament and Downing Street lacked basic security protection and presented terrorists with several soft targets. This part of London is the location of impressive national monuments and unique landmarks that draw millions of visitors as well as housing a foremost international financial center. Its lack of security is hard to comprehend.
3.  A gate for vehicles to the parliament building was left open and undefended for a time during the deadly attack.
4. The security detail responsible for Prime Minister Theresa May appears on video to have lost its cool over getting her into the right car after bundling her out of the House to the car park.
5. The River Thames bridges, which are major transport conduits in central London, are completely unguarded.

No comments:

Post a Comment