Paris attacks – DoGoodSoft's Official Blog

Paris attack planners used encrypted apps, investigators believe

French counterterrorism investigators believe that the men suspected in last month’s Paris attacks used widely available encryption tools to communicate with each other, officials familiar with the investigation said, raising questions about whether the men used U.S.-made tools to hide the plot from authorities.

Investigators have previously said that messaging services WhatsApp and Telegram were found on some of the phones of the men suspected in the November attacks that claimed 130 victims. But they had not previously said that the services had been used by the men to communicate with each other in connection with the attacks. The two services are free, encrypted chat apps that can be downloaded onto smartphones. Both use encryption technology that makes it difficult for investigators to monitor conversations.

The findings of the investigation were confirmed by four officials, including one in France, who are familiar with the investigation. All spoke on the condition of anonymity because they were not authorized to speak publicly about the ongoing inquiry. A spokeswoman for the Paris prosecutor’s office, which is leading the investigation, declined to comment.

The investigators’ belief that WhatsApp and Telegram had been used in connection with the attacks was first reported by CNN.

The revelation is likely to add fuel to calls in Congress to force services such as WhatsApp, which is owned by Facebook, to add a back door that would enable investigators to monitor encrypted communications. Such demands have grown stronger in the wake of the Paris attacks and after other attacks in the United States in which the suspects are believed to have communicated securely with Islamic State plotters in Syria.

Already, security hawks in Congress, citing the likelihood that the Paris attackers used encrypted communications, have called for legislation to force companies to create ways to unlock encrypted content for law enforcement. Sen. Dianne Feinstein, D-California, vice-chairman of the Senate Intelligence Committee, has begun working on possible legislation. And Sen. John McCain, R-Arizona, chairman of the Senate Armed Services Committee, has promised hearings on the issue, saying, “We’re going to have legislation.”

FBI Director James B. Comey last week cited a May shooting in Garland, Texas, in which two people with assault rifles attempted to attack an exhibit of cartoons of the prophet Muhammad. Investigators believe they were motivated by the Islamic State. Comey told the Senate Judiciary Committee that encrypted technology had prevented investigators from learning the content of communications between the shooters and an alleged foreign plotter.

“That morning, before one of those terrorists left and tried to commit mass murder, he exchanged 109 messages with an overseas terrorist,” Comey told the committee. “We have no idea what he said, because those messages were encrypted.”

Tech firms such as Apple have opposed such calls, saying that such a requirement would render their services and devices less secure and simply send users elsewhere. Apple began placing end-to-end encryption on its chat and video call features several years ago. Then last year, in the wake of revelations by former National Security Agency contractor Edward Snowden about the scope of U.S. surveillance, Apple announced it was offering stronger encryption on its latest iPhones. And more tech firms began to question what had once been routine law enforcement requests to comply with court-ordered wiretaps.

A spokesman for Facebook declined to comment about whether the attackers used WhatsApp. A representative for Germany-based Telegram did not respond to a request for comment.

The officials familiar with the Paris investigation did not say when the services were used, how frequently or for what purpose. One of the officials said investigators believe that the attackers used Telegram’s encrypted chat function more frequently than they used WhatsApp. It was not clear whether authorities were able to obtain “metadata,” information indicating the times and dates of chat messages from either company’s servers. Nor was it clear whether authorities had been able to recover the messages from the phones themselves.

Not all encrypted apps are equal. WhatsApp offers end-to-end encryption between two users on some platforms, such as Android phones. That means the chat content is not visible to Facebook but only to the sender and receiver. WhatsApp is in the process a rollout for Apple’s iPhones. Telegram’s Secret Chat feature is end-to-end encrypted. However, a number of experts say that Telegram is not secure.

“It’s home-brew crypto style,” said Lance James, chief scientist at Flashpoint, a threat intelligence firm. The Telegram developers have “introduced unnecessary risk by making up their own cryptography rules.” He said he was “fairly certain” that advanced spy agencies could find ways around the encryption.

The group chat functions on the apps do not offer end-to-end encryption, which means anyone with access to WhatsApp or Telegram’s servers can read the chats.

European authorities have come under heavy criticism for failing to disrupt the Paris attacks, and it is unclear whether encrypted messaging played an important role in the plot’s success. Ringleader Abdelhamid Abaaoud, a Belgian citizen, was being monitored by European authorities but nevertheless managed to travel to Syria and back this year.

Another suspect, Salah Abdeslam, is still at large despite having been stopped by French police at the Belgian-French border hours after the attacks. He used his real identity documents, but he was not yet in a database, Belgian Interior Minister Jan Jambon told the Belgian VTM broadcaster in an interview aired this week.

“We were simply unlucky,” he said.

Then, investigators believe, Abdeslam went into hiding in a building in the Molenbeek district of Brussels, and Belgian Justice Minister Koen Geens said that a Belgian law banning police raids between 9 p.m. and 5 a.m. may have played a role in his subsequent escape.

Encryption Debate Erupts Post-Paris Attacks But Don’t Expect Any Change Soon

Despite the lack of evidence, the Obama Administration has revived the encryption debate, pointing to encryption as an aid to the terrorists behind the Nov. 13 Paris attacks.

Investigators from France and the U.S. have conceded that there has been no evidence backing up their conclusion that the terrorist behind the attacks relied on the latest, high-level encryption techniques being offered to consumers by Google and Apple.

Yet, the debate over government-grieving encryption is back in high gear.

Decrypting the Encryption Debate

The Great Encryption debate kicked into full swing about a year ago, when current and former chiefs of the U.S. Department of Justice began calling on Apple and Google to create backdoors in iOS 8 and Android Lollipop.

The encryption built for the two mobile operating systems is so tough, that the world’s best forensic scientists in all of computing wouldn’t be able to crack devices running the software in time for a seven-year statute of limitations.

While it’s possible to crack the encryption in less time, each misstep would push back the subsequent cool-down period before the software would allow for another go.

A few weeks before the Nov. 13 attacks on Paris, the DOJ employed a new strategy to coerce Apple into handing over the keys to iOS – and it’s a good one. The tech world is still awaiting Apple’s counterpunch.

Roughly a year ago, then U.S. Attorney General Eric Holder frame the debate on encryption and stated the DOJ’s stance while speaking at the Global Alliance Against Child Sexual Abuse Online.

“Recent technological advances have the potential to greatly embolden online criminals, providing new methods for abusers to avoid detection,” Holder said, adding that there are those who take advantage of encryption in order to hide their identities and “conceal contraband materials and disguise their locations.”

The Information Technology Industry Council, which speaks on behalf of the high-tech industry, sees all of the above issues as reasons everyone needs encryption.

“Encryption is a security tool we rely on everyday to stop criminals from draining our bank accounts, to shield our cars and airplanes from being taken over by malicious hacks, and to otherwise preserve our security and safety,” said Dean Garfield, president and CEO of ITI.

While stating the ITI’s deep “appreciation” for the work done by law enforcement and the national security community, Garfield said there is no sense in weakening the security just to improve it.

“[W]eakening encryption or creating backdoors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys, which would almost certainly cause serious physical and financial harm across our society and our economy,” he explained.

Paris as a Talking Point

In the wake of the recent Paris Attack, U.S. officials have again reissued their call for software developers – Apple, Google and others – to provide law enforcement agencies with keys to the backdoor of operating systems with government-grade encryption.

While there is still no evidence that law enforcement agencies, with encryption keys in hand, could have given police on the ground in Paris a game-changing heads up of the attacks. Nevertheless, Paris has been turned into a talking point said Michael Morell, a former deputy director of the CIA, who stated that the tragic events will reshape the encryption debate.

“We have, in a sense, had a public debate [on encryption],” said Morell. “That debate was defined by Edward Snowden.” Although, instead of what the former NSA contractor and leaker had done, the issue of encryption will now be “defined by what happened in Paris.”

Paris attacks reignite debate over encryption,surveillance and privacy

WASHINGTON — Friday’s terrorist attacks in Paris have revived the debate over whether U.S. tech companies should be required to build “backdoors” into encrypted phones, apps and Internet sites to let law enforcement conduct surveillance of suspected terrorists.

There has been widespread speculation among law enforcement authorities and the media that the Islamic State terrorists who attacked Paris were using some kind of encryption technology to communicate. However, American and French authorities have said there is no hard evidence to back up that assumption.

Still, the possibility has been enough to renew criticism of commercial encryption, putting pressure on U.S. companies that are increasingly using the technology to thwart hackers and reassure customers that their data will be kept private.

“When individuals choose to move from open means of communication to those that are encrypted, it can cause a disruption in our ability to use lawful legal process to intercept those communications and does give us concern about being able to gather the evidence that we need to continue in our mission for the protection of the American people,” Attorney General Loretta Lynch told the House Judiciary Committee Tuesday.

Lynch said the FBI and other Justice Department agencies work with Internet providers to try to find a way to enforce court orders to conduct surveillance of suspected terrorists. However, companies are increasingly employing encryption that even they cannot break to access their customers’ data.

In those cases, federal agents use other types of surveillance and intelligence-gathering tools, Lynch said.

“But it (encryption) does cause us the loss of a very valuable source of information,” she told the committee.

Despite strong criticism of encryption by the FBI, the White House announced in October that it would not seek legislation to force U.S. tech companies to build backdoors to let law enforcement get around the technology to access people’s messages and other information.