Snowden leak: Slow cyber defenses letting Russia, China hack US

Foreign capitals and criminal networks are able to attack private companies and the government because cyber officials aren’t using encryption tools fast enough, according to a secret government report.

Revelation of the 2009 document, which was contained in leaks Edward Snowden gave to The Guardian, comes amid new pressure on encryption technologies, which scramble messages and documents so that they are unreadable to anyone without a specific digital key.

ADVERTISEMENT

This week, British Prime Minister David Cameron is headed to Washington after lambasting private companies’ use of encryption. Cameron is reportedly planning on pressing President Obama to join his call to prevent Apple, Google and other tech companies from encrypting messages to lock out government officials and other prying eyes.

But according to the newly released document, the absence of those technologies has made it easier for countries like China and Russia as well as ill-intentioned hackers to break into people’s networks and do billions of dollars worth of damage.

Encryption is the “[b]est defense to protect data,” the report said, according to the Guardian, especially if officials are required to prove their identities multiple ways, such as with a password as well as a fingerprint or code word.

One reason for the continuing successful intrusions, it said, was “the slower than expected adoption ... of encryption and other technologies.”

The report was published by the National Intelligence Council in 2009 and gave an outlook on the cyber threats facing the U.S. over the next five years.

Government agencies have long bemoaned that encryption technologies are outpacing their ability to track potential criminals and terrorists.

In the U.S., the FBI has been the primary critic of moves by Apple and Google to encrypt their devices so that no one except the owner can access their information. FBI Director James Comey has called for Congress to mandate that companies give the government a way to access people’s data, in order to go after suspected criminals.

Cameron’s criticism of companies that encrypt users’ communication came in response to the recent terror attacks in Paris. On Monday, he said that the United Kingdom cannot allow communication that “simply isn’t possible to read.”

The White House has declined to endorse Cameron’s position, instead saying that the policy issue was “rapidly evolving.”