Imagine that for reasons of national security, the law obliges telecom operators to open special access so that the authorities can listen to the calls, messages and Internet traffic of every citizen. Now imagine that despite guarantees of inviolability, this special access, in other words, a backdoor or back doorback dooror also exploited by a hostile foreign power.
This is exactly the story revealed by the Wall Street journal Friday October 5. Hackers linked to the Chinese government managed to penetrate the backdoors of several American operators, such as AT&TT and Verizon. Thanks to this infiltration, they were able to potentially use for months the infrastructures allowing them to obtain authorization for almost unlimited access to the data of the customers of these operators.
The hacker group goes by the name “Salt Typhoon”. It is one of several hacking units supported by Chinese authorities. These groups are used to prepare the ground for carrying out destructive cyberattacks in the event of conflict between China and the United States over Taiwan. In this case, the hackers entered the systems of the three largest American operators (AT&T, Verizon, LumenLumen). They were then able to access the tools used to transmit customer data to law enforcement and the government. All we know is that the collection would have been massive. The American authorities announce that they have started their investigation. This hack shows once again that a massive surveillance law, supposed to ensure the protection of the nation and citizens, can put them in danger.
Encryption to slam the backdoor
Despite the protections put in place by operators, a backdoor remains a flaw in the system and zero risk does not exist. With all due respect to States, including France, where this obligation towards operators also exists, illicit access to a legal backdoor, however secure it may be, is only a matter of time. For practicality, ease and necessity, the laws taken at a time when this type of threat did not exist or little have never been updated.
In other words, the danger was then non-existent when this American law on surveillance of massemasse of communications was applied thirty years ago. At the time, cell phones were rare and the Internet was in its infancy. It was not until the revelations of former NSA member Edward Snowden that the American population realized that those in power had the technical means to “listen” to it. Forced to maintain these backdoors, the operators were neither able nor able to protect their customers from this surveillance.
But it is on the side of the high-tech giants that a revolution ensuring better confidentiality for their customers has been carried out. For example, Meta took care to encrypt its messagingmessaging (MessengerMessenger, WhatsAppWhatsApp). On AndroidAndroidl’applicationapplication Message from GoogleGoogle is also end-to-end encrypted. Encrypted communications applications, such as Signal or TelegramTelegramwere acclaimed by a now informed public. In fact, except when calling or communicating by SMS, or surfing without a VPN on computercomputerthese backdoors are less and less relevant for monitoring people.
It is exactly for this reason that in France, the authorities would like to be able to access the encrypted data of applications, as was recently demanded by the former Minister of the Interior, Gérald Darmanin. And to put the pressionpressionthis precisely gave rise to the arrest in France of Pavel DurovPavel Durovthe boss of Telegram. The argument used to legitimize this access to encrypted data is the fight against terrorism and abuse of minors.
Unfortunately, to achieve this goal, technology does not ensure that these “openings” are not exploited by malicious actors. In other words, monitoring to protect can be completely counterproductive and dangerous.
Related News :