What’s happening

Top U.S. cybersecurity and law enforcement officials on Tuesday issued a joint statement to raise awareness of cyber threats from foreign governments. The invasion of the country’s systems, dubbed the “Salt Typhoon”, showed that we all vastly underestimated the capabilities of China and its closest allies. Hackers linked to the communist government are said to still be present on US systems. Senator Mark Warner called it “the worst theft in the history of the country,” Channel 24 reported, citing NBC News.

U.S. Cybersecurity and Infrastructure Security Agency officials, along with the FBI, have urged Americans to use encrypted messaging apps to prevent foreign hackers from intercepting communications.

The advice we tell our employees isn’t new: Whether it’s text messaging or the ability to use encrypted voice, encryption is your friend. Even if the enemy can access the data, [читання] It would be impossible if they were encrypted,
said Jeff Green, CISA’s Deputy Director for Cybersecurity.

An unnamed FBI agent who spoke to reporters also relayed the message to NBC News, urging Americans to use “responsibly managed encryption.” All this is very interesting, if you remember Agencies like the FBI are the most resistant to encryption efforts by software developers. Therefore, it can be concluded that protection from China is considered a greater and priority need than the desire of private services to access citizens’ chats.

The hackers behind Salt Typoon were unable to trace or capture anything encrypted; Anything sent via messaging programs like Signal or Apple’s iMessage was protected. But interfering with all other communications was extremely bold. Hackers had access to metadata, including messages and phone calls, as well as information about when and where they were delivered. The hackers reportedly focused on targets around Washington.

The most concerning target of the Salt Storm attack was a system used by US authorities to legally wiretap Americans under court order, but the FBI has not yet released details on that matter, including whether any classified information was accessed. But ABC News says officials believe the alleged hack was aimed at gaining access to a much broader range of U.S. communications than classified material.

The cybersecurity arms of the Five Eyes alliance, which includes the US, UK, Australia, New Zealand and Canada, also issued a joint statement with guidance on how to protect their systems from Typhoon Salt or a similar attack. These guidelines also focus on protecting against threats from abroad.

Encryption in messengers

End-to-End Encryption, as experts call it, is a data protection technology that ensures only the sender and recipient can access the content of a message.

The principle of operation is that information is encrypted on the sender’s device and decrypted only on the receiver’s device. No other party, including the communications service provider and the application developer, can examine the content of the transmitted data.Because encryption keys are stored only on the addressees’ devices without being downloaded to the servers. Therefore, it is not possible to obtain these keys neither there nor anywhere on the road.

Today, End-to-End Encryption is integrated into many popular messaging applications, including:

• Signal: Considered one of the most reliable messengers due to its open source code and focus on privacy.
• iMessage: Provides encryption for text messages between Apple devices.
• WhatsApp: Automatically encrypts all chats, calls and file exchanges.
• Viber: Automatically encrypts all chats so you don’t need to enable anything else.

Instead, Telegram only offers End-to-End Encryption in “secret chats”. At least the company claims it’s there.

The main advantage of end-to-end encryption is that it cannot be intercepted by third parties. Even if hackers gain access to the servers where messages are stored, they will only see encrypted data.