From traditional investigative methods to zero-day exploits, authorities have a range of techniques at their disposal, including digital searches at borders, which could present concerns for CISOs.
Accessing data on encrypted devices might seem like something out of a hacker or spy movie, but for law enforcement, it’s a very real challenge.
The issue is of relevance to CISOs and other security professionals because workers on sales trips or attending conferences overseas might face demands to decrypt devices and present their contents at border crossings.
Chinese border agents, for example, may use specialized equipment to extract data from devices, even if locked or encrypted.
Contrary to what films suggest, brute-forcing an AES key, or the key for a similar encryption technology, is impractical, at least pending the advent of powerful enough quantum computers.
Modern encryption is pretty solid, but luckily for law enforcement and spy agencies the software and people using it are pretty fallible.
Access requests
Gaining access to a suspect’s mobile phone or computer is a high priority for law enforcement.
When a mobile device is seized, law enforcement can request the PIN, password, or biometric data from the suspect to access the phone if they believe it contains evidence relevant to an investigation.
In England and Wales, if the suspect refuses, the police can give a notice for compliance, and a further refusal is in itself a criminal offence under the Regulation of Investigatory Powers Act (RIPA).
“If access is not gained, law enforcement use forensic tools and software to unlock, decrypt, and extract critical digital evidence from a mobile phone or computer,” says James Farrell, an associate at cyber security consultancy CyXcel. “However, there are challenges on newer devices and success can depend on the version of operating system being used.”